Add mosquitto notes to docker readme
This commit is contained in:
parent
2f3cc2dd8d
commit
e2a4616c96
|
@ -1,3 +1,54 @@
|
||||||
# Docker
|
# Docker
|
||||||
|
|
||||||
Various run scripts for deploying Home-Automation.io on arm boards. Raspberry Pi and others are supported.
|
Various run scripts for deploying Home-Automation.io on arm boards. Raspberry Pi and others are supported.
|
||||||
|
|
||||||
|
## Mosquito Setup
|
||||||
|
|
||||||
|
### Users
|
||||||
|
|
||||||
|
``` bash
|
||||||
|
|
||||||
|
docker exec -it mosquitto mosquitto_passwd -c /mosquitto/config/passwd.db user
|
||||||
|
docker exec -it mosquitto mosquitto_passwd /mosquitto/config/passwd.db user
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
|
### SSL
|
||||||
|
|
||||||
|
Prep / Pre-Reqs
|
||||||
|
|
||||||
|
``` bash
|
||||||
|
|
||||||
|
mkdir /var/mosquitto/config/ssl
|
||||||
|
cd /var/mosquitto/config/ssl
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
|
Server SSL Setup
|
||||||
|
|
||||||
|
``` bash
|
||||||
|
|
||||||
|
# Generate a certificate authority certificate and key.
|
||||||
|
openssl req -new -x509 -days 36500 -extensions v3_ca -keyout ca.key -out ca.crt
|
||||||
|
# Generate a server key without encryption.
|
||||||
|
openssl genrsa -out server.key 4096
|
||||||
|
# Generate a certificate signing request to send to the CA.
|
||||||
|
# When prompted for the CN (Common Name), please enter either your server (or broker) hostname or domain name.
|
||||||
|
openssl req -out server.csr -key server.key -new
|
||||||
|
# Send the CSR to the CA, or sign it with your CA key:
|
||||||
|
openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 3650
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
|
Client SSL Setup
|
||||||
|
|
||||||
|
``` bash
|
||||||
|
|
||||||
|
# Generate a client key.
|
||||||
|
openssl genrsa -des3 -out client.key 4096
|
||||||
|
# Generate a certificate signing request to send to the CA.
|
||||||
|
openssl req -out client.csr -key client.key -new
|
||||||
|
# Send the CSR to the CA, or sign it with your CA key:
|
||||||
|
openssl x509 -req -in client.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out client.crt -days <duration>
|
||||||
|
|
||||||
|
```
|
Loading…
Reference in New Issue