mirror of
https://github.com/gravitl/netmaker.git
synced 2025-10-04 02:44:29 +08:00
Merge pull request #1723 from gravitl/refactor_mqtt_to_wss
Refactor mqtt to wss
This commit is contained in:
dcarns
GitHub
commit
3d683924b1
6 changed files with 23 additions and 16 deletions
|
|
@ -125,10 +125,10 @@ services:
|
||||||
- "8883"
|
- "8883"
|
||||||
labels:
|
labels:
|
||||||
- traefik.enable=true
|
- traefik.enable=true
|
||||||
- traefik.tcp.routers.mqtt.rule=HostSNI(`broker.NETMAKER_BASE_DOMAIN`)
|
- traefik.http.routers.mqtt_websocket.rule=Host(`broker.NETMAKER_BASE_DOMAIN`)
|
||||||
- traefik.tcp.routers.mqtt.tls.certresolver=http
|
- traefik.http.routers.mqtt_websocket.entrypoints=websecure
|
||||||
- traefik.tcp.services.mqtt.loadbalancer.server.port=8883
|
- traefik.http.routers.mqtt_websocket.tls.certresolver=http
|
||||||
- traefik.tcp.routers.mqtt.entrypoints=websecure
|
- traefik.http.services.mqtt_websocket.loadbalancer.server.port=8883
|
||||||
prometheus:
|
prometheus:
|
||||||
container_name: prometheus
|
container_name: prometheus
|
||||||
image: gravitl/netmaker-prometheus:latest
|
image: gravitl/netmaker-prometheus:latest
|
||||||
|
|
|
||||||
|
|
@ -129,11 +129,11 @@ services:
|
||||||
- "8883"
|
- "8883"
|
||||||
labels:
|
labels:
|
||||||
- traefik.enable=true
|
- traefik.enable=true
|
||||||
- traefik.tcp.routers.mqtts.rule=HostSNI(`broker.NETMAKER_BASE_DOMAIN`)
|
- traefik.http.routers.mqtt_websocket.rule=Host(`broker.NETMAKER_BASE_DOMAIN`)
|
||||||
- traefik.tcp.routers.mqtts.tls.passthrough=true
|
- traefik.http.routers.mqtt_websocket.entrypoints=websecure
|
||||||
- traefik.tcp.services.mqtts-svc.loadbalancer.server.port=8883
|
- traefik.http.routers.mqtt_websocket.tls.passthrough=true
|
||||||
- traefik.tcp.routers.mqtts.service=mqtts-svc
|
- traefik.http.services.mqtts-svc.loadbalancer.server.port=8883
|
||||||
- traefik.tcp.routers.mqtts.entrypoints=websecure
|
- traefik.http.routers.mqtt_websocket.service=mqtts-svc
|
||||||
volumes:
|
volumes:
|
||||||
traefik_certs: {} # ssl certificates - auto generated
|
traefik_certs: {} # ssl certificates - auto generated
|
||||||
shared_certs: {} # netmaker certs generated for MQ comms - used by nodes/servers
|
shared_certs: {} # netmaker certs generated for MQ comms - used by nodes/servers
|
||||||
|
|
|
||||||
|
|
@ -122,10 +122,10 @@ services:
|
||||||
- "8883"
|
- "8883"
|
||||||
labels:
|
labels:
|
||||||
- traefik.enable=true
|
- traefik.enable=true
|
||||||
- traefik.tcp.routers.mqtt.rule=HostSNI(`broker.NETMAKER_BASE_DOMAIN`)
|
- traefik.http.routers.mqtt_websocket.rule=Host(`broker.NETMAKER_BASE_DOMAIN`)
|
||||||
- traefik.tcp.routers.mqtt.tls.certresolver=http
|
- traefik.http.routers.mqtt_websocket.entrypoints=websecure
|
||||||
- traefik.tcp.services.mqtt.loadbalancer.server.port=8883
|
- traefik.http.routers.mqtt_websocket.tls.certresolver=http
|
||||||
- traefik.tcp.routers.mqtt.entrypoints=websecure
|
- traefik.http.services.mqtt_websocket.loadbalancer.server.port=8883
|
||||||
volumes:
|
volumes:
|
||||||
traefik_certs: {}
|
traefik_certs: {}
|
||||||
sqldata: {}
|
sqldata: {}
|
||||||
|
|
|
||||||
|
|
@ -1,8 +1,10 @@
|
||||||
per_listener_settings false
|
per_listener_settings false
|
||||||
listener 8883
|
listener 8883
|
||||||
|
protocol websockets
|
||||||
allow_anonymous false
|
allow_anonymous false
|
||||||
|
|
||||||
listener 1883
|
listener 1883
|
||||||
|
protocol websockets
|
||||||
allow_anonymous false
|
allow_anonymous false
|
||||||
|
|
||||||
plugin /usr/lib/mosquitto_dynamic_security.so
|
plugin /usr/lib/mosquitto_dynamic_security.so
|
||||||
|
|
|
||||||
|
|
@ -212,7 +212,7 @@ func setupMQTTSingleton(cfg *config.ClientConfig) error {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("could not read secrets file %w", err)
|
return fmt.Errorf("could not read secrets file %w", err)
|
||||||
}
|
}
|
||||||
opts.AddBroker("mqtts://" + server + ":" + port)
|
opts.AddBroker("wss://" + server + ":" + port)
|
||||||
opts.SetUsername(cfg.Node.ID)
|
opts.SetUsername(cfg.Node.ID)
|
||||||
opts.SetPassword(string(pass))
|
opts.SetPassword(string(pass))
|
||||||
mqclient = mqtt.NewClient(opts)
|
mqclient = mqtt.NewClient(opts)
|
||||||
|
|
@ -239,7 +239,7 @@ func setupMQTT(cfg *config.ClientConfig) error {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("could not read secrets file %w", err)
|
return fmt.Errorf("could not read secrets file %w", err)
|
||||||
}
|
}
|
||||||
opts.AddBroker(fmt.Sprintf("mqtts://%s:%s", server, port))
|
opts.AddBroker(fmt.Sprintf("wss://%s:%s", server, port))
|
||||||
opts.SetUsername(cfg.Node.ID)
|
opts.SetUsername(cfg.Node.ID)
|
||||||
opts.SetPassword(string(pass))
|
opts.SetPassword(string(pass))
|
||||||
opts.SetClientID(ncutils.MakeRandomString(23))
|
opts.SetClientID(ncutils.MakeRandomString(23))
|
||||||
|
|
|
||||||
|
|
@ -235,7 +235,12 @@ func GetMessageQueueEndpoint() (string, bool) {
|
||||||
} else if config.Config.Server.MQHOST != "" {
|
} else if config.Config.Server.MQHOST != "" {
|
||||||
host = config.Config.Server.MQHOST
|
host = config.Config.Server.MQHOST
|
||||||
}
|
}
|
||||||
secure := strings.Contains(host, "mqtts") || strings.Contains(host, "ssl")
|
secure := strings.Contains(host, "wss") || strings.Contains(host, "ssl")
|
||||||
|
if secure {
|
||||||
|
host = "wss://" + host
|
||||||
|
} else {
|
||||||
|
host = "ws://" + host
|
||||||
|
}
|
||||||
return host + ":" + GetMQServerPort(), secure
|
return host + ":" + GetMQServerPort(), secure
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue