Add mosquitto notes to docker readme

2019-05-14 15:29:06 +00:00 · 2019-05-14 15:29:06 +00:00 · e2a4616c96
parent 2f3cc2dd8d
commit e2a4616c96
1 changed files with 51 additions and 0 deletions
--- a/docker/README.md
+++ b/docker/README.md
@ -1,3 +1,54 @@
 # Docker

 Various run scripts for deploying Home-Automation.io on arm boards. Raspberry Pi and others are supported.
+
+## Mosquito Setup
+
+### Users
+
+``` bash
+
+docker exec -it mosquitto mosquitto_passwd -c /mosquitto/config/passwd.db user
+docker exec -it mosquitto mosquitto_passwd /mosquitto/config/passwd.db user
+
+```
+
+### SSL
+
+Prep / Pre-Reqs
+
+``` bash
+
+mkdir /var/mosquitto/config/ssl
+cd /var/mosquitto/config/ssl
+
+```
+
+Server SSL Setup
+
+``` bash
+
+# Generate a certificate authority certificate and key.
+openssl req -new -x509 -days 36500 -extensions v3_ca -keyout ca.key -out ca.crt
+# Generate a server key without encryption.
+openssl genrsa -out server.key 4096
+# Generate a certificate signing request to send to the CA.
+#    When prompted for the CN (Common Name), please enter either your server (or broker) hostname or domain name.
+openssl req -out server.csr -key server.key -new
+# Send the CSR to the CA, or sign it with your CA key:
+openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 3650
+
+```
+
+Client SSL Setup
+
+``` bash
+
+# Generate a client key.
+openssl genrsa -des3 -out client.key 4096
+# Generate a certificate signing request to send to the CA.
+openssl req -out client.csr -key client.key -new
+# Send the CSR to the CA, or sign it with your CA key:
+openssl x509 -req -in client.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out client.crt -days <duration>
+
+```