rabbitmq with mqtt

4 months ago · e9d6cf2fa7
commit e9d6cf2fa7
5 changed files with 101 additions and 0 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -0,0 +1,15 @@
+version: "3.7"
+services:
+  rabbitmq:
+    hostname: rabbitmq
+    image: rabbitmq:3.11-management
+    command: rabbitmq-server
+    ports:
+      - "24001:5672"
+      - "24002:15672"
+      - "24003:1883"
+      - "24004:8883"
+    volumes:
+      - ./rabbitmq/rabbitmq.conf:/etc/rabbitmq/rabbitmq.conf:ro
+      - ./rabbitmq/definitions.json:/etc/rabbitmq/definitions.json:ro
+      - ./rabbitmq/enabled_plugins:/etc/rabbitmq/enabled_plugins:rw
--- a/rabbitmq/definitions.json
+++ b/rabbitmq/definitions.json
@ -0,0 +1,43 @@
+{
+    "rabbit_version": "3.9",
+    "users": [
+        {
+            "name": "sensor",
+            "password_hash": "oSMxBdl8oK3JPrBu2qWibnYqfCN4U+K/u9p8qNk4u1ev9kL7",
+            "hashing_algorithm": "rabbit_password_hashing_sha256",
+            "tags": ""
+        },
+        {
+            "name": "adminuser",
+            "password_hash": "jU+b1o2Q6HWefFSFMRyPwAdjLenS3+9yqu8L3Y4GIBtf3gKB",
+            "hashing_algorithm": "rabbit_password_hashing_sha256",
+            "tags": "administrator"
+        }
+    ],
+    "vhosts": [
+        {
+            "name": "\/"
+        }
+    ],
+    "permissions": [
+        {
+            "user": "adminuser",
+            "vhost": "\/",
+            "configure": ".*",
+            "write": ".*",
+            "read": ".*"
+        },
+        {
+            "user": "sensor",
+            "vhost": "\/",
+            "configure": ".*",
+            "write": ".*",
+            "read": ".*"
+        }
+    ],
+    "parameters": [],
+    "policies": [],
+    "queues": [],
+    "exchanges": [],
+    "bindings": []
+}
--- a/rabbitmq/enabled_plugins
+++ b/rabbitmq/enabled_plugins
@ -0,0 +1 @@
+[rabbitmq_management,rabbitmq_prometheus,rabbitmq_mqtt].
--- a/rabbitmq/hash_password.py
+++ b/rabbitmq/hash_password.py
@ -0,0 +1,31 @@
+#!/usr/bin/env python3
+
+# rabbitMQ password hashing algo as laid out in:
+# http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/2011-May/012765.html
+
+from __future__ import print_function
+import base64
+import os
+import hashlib
+import sys
+
+# This is the password we wish to encode
+password = sys.argv[1]
+
+# 1.Generate a random 32 bit salt:
+# This will generate 32 bits of random data:
+salt = os.urandom(4)
+
+# 2.Concatenate that with the UTF-8 representation of the plaintext password
+tmp0 = salt + password.encode("utf-8")
+
+# 3. Take the SHA256 hash and get the bytes back
+tmp1 = hashlib.sha256(tmp0).digest()
+
+# 4. Concatenate the salt again:
+salted_hash = salt + tmp1
+
+# 5. convert to base64 encoding:
+pass_hash = base64.b64encode(salted_hash)
+
+print(pass_hash.decode("utf-8"))
--- a/rabbitmq/rabbitmq.conf
+++ b/rabbitmq/rabbitmq.conf
@ -0,0 +1,11 @@
+loopback_users.guest = false
+management.load_definitions = /etc/rabbitmq/definitions.json
+
+
+# mqtt
+mqtt.listeners.tcp.default = 1883
+mqtt.allow_anonymous = false
+mqtt.exchange = amq.topic
+mqtt.vhost = /
+
+
				`@ -0,0 +1 @@`
				`[rabbitmq_management,rabbitmq_prometheus,rabbitmq_mqtt].`