From e2a4616c96e7fba221fb67fbb49b244a4d191b7b Mon Sep 17 00:00:00 2001 From: KemoNine Date: Tue, 14 May 2019 15:29:06 +0000 Subject: [PATCH] Add mosquitto notes to docker readme --- docker/README.md | 51 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) diff --git a/docker/README.md b/docker/README.md index a03f9f3..6260978 100644 --- a/docker/README.md +++ b/docker/README.md @@ -1,3 +1,54 @@ # Docker Various run scripts for deploying Home-Automation.io on arm boards. Raspberry Pi and others are supported. + +## Mosquito Setup + +### Users + +``` bash + +docker exec -it mosquitto mosquitto_passwd -c /mosquitto/config/passwd.db user +docker exec -it mosquitto mosquitto_passwd /mosquitto/config/passwd.db user + +``` + +### SSL + +Prep / Pre-Reqs + +``` bash + +mkdir /var/mosquitto/config/ssl +cd /var/mosquitto/config/ssl + +``` + +Server SSL Setup + +``` bash + +# Generate a certificate authority certificate and key. +openssl req -new -x509 -days 36500 -extensions v3_ca -keyout ca.key -out ca.crt +# Generate a server key without encryption. +openssl genrsa -out server.key 4096 +# Generate a certificate signing request to send to the CA. +# When prompted for the CN (Common Name), please enter either your server (or broker) hostname or domain name. +openssl req -out server.csr -key server.key -new +# Send the CSR to the CA, or sign it with your CA key: +openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 3650 + +``` + +Client SSL Setup + +``` bash + +# Generate a client key. +openssl genrsa -des3 -out client.key 4096 +# Generate a certificate signing request to send to the CA. +openssl req -out client.csr -key client.key -new +# Send the CSR to the CA, or sign it with your CA key: +openssl x509 -req -in client.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out client.crt -days + +``` \ No newline at end of file