Featured image of post centos7安装 supervisor ,mosquitto 2.x 和 mosquitto-go-auth

centos7安装 supervisor ,mosquitto 2.x 和 mosquitto-go-auth

centos7 安装 supervisor 和mosquitto2

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
### 更新安装依赖
yum update 
yum install dnf -y
# supervisor 默认没有 安装 epel-release才可以
yum update -y 
dnf install -y epel-release
yum -y install supervisor

#启动supervisord服务
systemctl start supervisord.service 
#在开机时启用supervisord服务
systemctl enable supervisord.service 
#显示supervisord服务的状态
systemctl status supervisord.service


#安装mosquitto依赖
yum install wget git gcc gcc-c++ openssl-devel -y

#下载编译 cmake
wget https://github.com/Kitware/CMake/releases/download/v3.24.2/cmake-3.24.2.tar.gz
    
tar zxvf cmake-3.24.2.tar.gz
cd cmake-3.24.2

./bootstrap --prefix=/usr/local/cmake

make && make install

sudo ln -s /usr/local/cmake/bin/cmake /usr/bin/cmake

# 源码编译libwebsockets
git clone https://github.com/warmcat/libwebsockets.git

cd libwebsockets/
git checkout v4.3-stable

mkdir build && cd build

cmake \
    -DLWS_WITH_EXTERNAL_POLL=ON \
    -DLWS_WITH_HTTP2=ON \
    -DLWS_WITHOUT_TESTAPPS=ON \
    -DLWS_UNIX_SOCK=ON \
    -DLWS_IPV6=ON \
    ../
make && make install

#源码编译 mosquitto
wget https://mosquitto.org/files/source/mosquitto-2.0.15.tar.gz
tar zxvf mosquitto-2.0.15.tar.gz
cd mosquitto-2.0.15

mkdir build
    cd build
    cmake \
    -DCMAKE_INSTALL_PREFIX=/usr/local \
    -DOPENSSL_ROOT_DIR=/usr/local \
    -DWITH_WEBSOCKETS=ON \
    -DDOCUMENTATION=OFF \
    -DCMAKE_C_FLAGS="-I/usr/local/include" \
    -DCMAKE_EXE_LINKER_FLAGS="-L/usr/local/lib" \
    ../

make WITH_WEBSOCKETS=yes && make install

cd ../
cp service/systemd/mosquitto.service.simple /usr/lib/systemd/system/mosquitto.service
    
vi /usr/lib/systemd/system/mosquitto.service
    # 修改这里的路径
    ExecStart=/usr/local/sbin/mosquitto -c /etc/mosquitto/mosquitto.conf
    
mv /usr/local/etc/mosquitto /etc/mosquitto

sudo groupadd mosquitto
sudo useradd -s /sbin/nologin mosquitto -g mosquitto


# 安装mosquitto-go-auth
cd ~
git clone https://github.com/iegomez/mosquitto-go-auth.git
yum install golang
go env -w GOPROXY=https://goproxy.cn,direct
make all
cp ./go-auth.so /etc/mosquitto/
cp ./pw /etc/mosquitto/

cat > /etc/mosquitto/mosquitto.conf << EOF
persistence true
persistence_location /var/lib/mosquitto/
user mosquitto

log_type all

listener 1883 0.0.0.0
protocol mqtt

listener 1884 0.0.0.0
protocol websockets
socket_domain ipv4

allow_anonymous false

auth_plugin /etc/mosquitto/go-auth.so
auth_opt_backends mysql

#Logging
auth_opt_log_level debug
auth_opt_log_dest file
auth_opt_log_file /var/log/mosquitto/mosquitto-go-auth.log

# Hashing
auth_opt_hasher pbkdf2
auth_opt_hasher_salt_size 16                 # salt bytes length
auth_opt_hasher_iterations 100000            # number of iterations
auth_opt_hasher_keylen 64                    # key length
auth_opt_hasher_algorithm sha512             # hashing algorithm, either sha512 (default) or sha256
auth_opt_hasher_salt_encoding base64         # salt encoding, either base64 (default) or utf-8

# mysql
auth_opt_mysql_host localhost
auth_opt_mysql_port 3306
auth_opt_mysql_user 数据库用户
auth_opt_mysql_password 密码
auth_opt_mysql_dbname 数据库名称
auth_opt_mysql_userquery SELECT pass FROM mq_account WHERE user = ? limit 1
auth_opt_mysql_superquery SELECT COUNT(*) FROM mq_account WHERE user = ? AND super = 1
auth_opt_mysql_aclquery  SELECT topic FROM mq_acl WHERE (user = ?) AND rw = ?
auth_opt_mysql_allow_native_passwords true
EOF


## 开机自启动
systemctl enable mosquitto.service
systemctl start mosquitto.service

## 开启防火墙端口
firewall-cmd --zone=public --add-port=1883/tcp --permanent
firewall-cmd --zone=public --add-port=1884/tcp --permanent
firewall-cmd --reload
# nsqadmin --lookupd-http-address 0.0.0.0:4161