pkg.gl

Categorygithub.com/mpetavy/mqtt

modulepackage

0.0.0-20241217184942-cb43e18bbab9

Repository: https://github.com/mpetavy/mqtt.git

Documentation: pkg.go.dev

# README

= MQTT broker setup in bridge mode

== Description

This is a description of a setup of two MQTT brokers in bridge mode. + Bridge mode allows users to connect two or more Mosquitto brokers to share information with each other. + Choosen MQTT broker is the well known Eclipse Mosquitto MQTT broker https://mosquitto.org/

== Requirements

Two MQTT broker
TLS encrypted communication Client -> Bridge -> Broker -> Client
Broker Authentication
Bi-directional communication
Topic mapping

== Overview available MQTT brokers

https://en.wikipedia.org/wiki/Comparison_of_MQTT_implementations +

== Google survey

[cols="4,10a"] |===

|What is the most used MQTT broker? |Eclipse Mosquitto + The most popular open source MQTT brokers are Eclipse Mosquitto and IBM's ActiveMQ.

|What is the largest MQTT broker? |EMQ X is currently the most scalable MQTT broker for IoT applications. + It processes millions of MQTT messages in a second with sub-millisecond latency and allows messaging among more than 100 million clients within a single cluster.

|How do I choose a MQTT broker? |Choose the MQTT protocol that can scale following your requirements without sacrificing performance or reliability. + Network security is a critical consideration when dealing with IoT devices, and MQTT brokers should have robust IoT security features, such as encryption, authentication, and access control. |===

== Eclipse Mosquitto

Quote from https://moquitto.org:

Eclipse Mosquitto is an open source (EPL/EDL licensed) message broker that implements the MQTT protocol versions 5.0, 3.1.1 and 3.1. Mosquitto is lightweight and is suitable for use on all devices from low power single board computers to full servers.
The MQTT protocol provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for Internet of Things messaging such as with low power sensors or mobile devices such as phones, embedded computers or microcontrollers.
The Mosquitto project also provides a C library for implementing MQTT clients, and the very popular mosquitto_pub and mosquitto_sub command line MQTT clients.
Mosquitto is part of the Eclipse Foundation, and is an iot.eclipse.org project.
The development is driven by Cedalo.

== Eclipse Mosquitto features

Lightweight
OS supported ** Linux ** Windows ** MacOS
Protocols supported: ** MQTT ** MQTT over TLS ** MQTT over mTLS (with client certificate) ** MQTT over WebSockets ** MQTT over WebSockets with TLS
Authentication ** anonymous (no authentication) ** username/password (per broker) ** dynamic security: role based/ACL (publishClientSend, publishClientReceive, subscribe, and unsubscribe ** custom security: https://github.com/iegomez/mosquitto-go-auth *** Files *** PostgreSQL *** JWT (with local DB or remote API) *** HTTP *** Redis *** Mysql *** SQLite3 *** MongoDB *** Custom (experimental) *** gRPC *** Javascript interpreter

== Demo description

[cols="4,10a"] |===

|MQTT protocol version |mqttv311 (default))

|TLS protocol version |tlsv1.2 and tlsv1.3 (default)

|compose.yml |Docker compose configuration file

|start-bridge |Starts the docker compose demo setup

|stop-bridge |Stops the docker compose demo setup

|create-certs |Creates a custom ROOT CA certificate and certificates for bridge and broker container

|===

== Password file

=== Create passwd with an initial user

mosquitto_passwd -c passwd bridgeuser

=== Append an user

mosquitto_passwd passwd bridgeuser

== Run only broker

run-broker.sh
mosquitto_sub -h broker -p 1883 --cafile tls/ca.crt -t mqtt -u brokeruser -P brokerpwd
mosquitto_pub -h broker -p 1883 --cafile tls/ca.crt -t mqtt -m Hallo -u brokeruser -P brokerpwd

== Run bridge and broker

run-bridge-and-broker.sh
mosquitto_sub -h broker -p 1883 --cafile tls/ca.crt -t mqtt -u brokeruser -P brokerpwd
mosquitto_pub -h bridge -p 1884 --cafile tls/ca.crt -t mqtt -m Hallo -u bridgeuser -P bridgepwd

== Samples

=== Subscribe to all topics

mosquitto_sub -h localhost -p 1883 -t #

=== PUB/SUB without authentication bridge->broker

mosquitto_sub -h localhost -p 1883 --cafile tls/ca.crt -t from-bridge/mqtt

mosquitto_pub -h localhost -p 1884 --cafile tls/ca.crt -t mqtt -m HelloWorld!

=== PUB/SUB with authentication bridge->broker

mosquitto_sub -h localhost -p 1883 --cafile tls/ca.crt -t from-bridge/mqtt -u brokeruser -P brokerpwd

mosquitto_pub -h localhost -p 1884 --cafile tls/ca.crt -t mqtt -m HelloWorld! -u bridgeuser -P bridgepwd

=== PUB/SUB with TLS and authentication bridge->broker

mosquitto_sub -h localhost -p 1883 --cafile tls/ca.crt -t from-bridge/mqtt -u brokeruser -P brokerpwd --cafile broker\ca.crt --insecure

mosquitto_pub -h localhost -p 1884 --cafile tls/ca.crt -t mqtt -m "it works!" -u bridgeuser -P bridgepwd --cafile bridge\ca.crt --insecure

== Links

https://mosquitto.org/ + https://mosquitto.org/man/mosquitto-conf-5.html + http://www.steves-internet-guide.com/mqtt-protocol-messages-overview/ + http://www.steves-internet-guide.com/mqtt-username-password-example/ + http://www.steves-internet-guide.com/mosquitto_pub-sub-clients/ + http://www.steves-internet-guide.com/ssl-certificates-explained/ + http://www.steves-internet-guide.com/mosquitto-bridge-encryption/ + http://www.steves-internet-guide.com/mossquitto-conf-file/ + https://hackmd.io/@phdunimed/mqttbridging +