commit e9d6cf2fa75aa047144d0f9dc66976927d08e1a0
Author: Niko Abeler <niko@rerere.org>
Date:   Sat Feb 4 16:15:16 2023 +0100

    rabbitmq with mqtt

diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..ee51f2e
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,15 @@
+version: "3.7"
+services:
+  rabbitmq:
+    hostname: rabbitmq
+    image: rabbitmq:3.11-management
+    command: rabbitmq-server
+    ports:
+      - "24001:5672"
+      - "24002:15672"
+      - "24003:1883"
+      - "24004:8883"
+    volumes:
+      - ./rabbitmq/rabbitmq.conf:/etc/rabbitmq/rabbitmq.conf:ro
+      - ./rabbitmq/definitions.json:/etc/rabbitmq/definitions.json:ro
+      - ./rabbitmq/enabled_plugins:/etc/rabbitmq/enabled_plugins:rw
\ No newline at end of file
diff --git a/rabbitmq/definitions.json b/rabbitmq/definitions.json
new file mode 100644
index 0000000..eb4795c
--- /dev/null
+++ b/rabbitmq/definitions.json
@@ -0,0 +1,43 @@
+{
+    "rabbit_version": "3.9",
+    "users": [
+        {
+            "name": "sensor",
+            "password_hash": "oSMxBdl8oK3JPrBu2qWibnYqfCN4U+K/u9p8qNk4u1ev9kL7",
+            "hashing_algorithm": "rabbit_password_hashing_sha256",
+            "tags": ""
+        },
+        {
+            "name": "adminuser",
+            "password_hash": "jU+b1o2Q6HWefFSFMRyPwAdjLenS3+9yqu8L3Y4GIBtf3gKB",
+            "hashing_algorithm": "rabbit_password_hashing_sha256",
+            "tags": "administrator"
+        }
+    ],
+    "vhosts": [
+        {
+            "name": "\/"
+        }
+    ],
+    "permissions": [
+        {
+            "user": "adminuser",
+            "vhost": "\/",
+            "configure": ".*",
+            "write": ".*",
+            "read": ".*"
+        },
+        {
+            "user": "sensor",
+            "vhost": "\/",
+            "configure": ".*",
+            "write": ".*",
+            "read": ".*"
+        }
+    ],
+    "parameters": [],
+    "policies": [],
+    "queues": [],
+    "exchanges": [],
+    "bindings": []
+}
diff --git a/rabbitmq/enabled_plugins b/rabbitmq/enabled_plugins
new file mode 100644
index 0000000..73c869b
--- /dev/null
+++ b/rabbitmq/enabled_plugins
@@ -0,0 +1 @@
+[rabbitmq_management,rabbitmq_prometheus,rabbitmq_mqtt].
\ No newline at end of file
diff --git a/rabbitmq/hash_password.py b/rabbitmq/hash_password.py
new file mode 100644
index 0000000..aef32b6
--- /dev/null
+++ b/rabbitmq/hash_password.py
@@ -0,0 +1,31 @@
+#!/usr/bin/env python3
+
+# rabbitMQ password hashing algo as laid out in:
+# http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/2011-May/012765.html
+
+from __future__ import print_function
+import base64
+import os
+import hashlib
+import sys
+
+# This is the password we wish to encode
+password = sys.argv[1]
+
+# 1.Generate a random 32 bit salt:
+# This will generate 32 bits of random data:
+salt = os.urandom(4)
+
+# 2.Concatenate that with the UTF-8 representation of the plaintext password
+tmp0 = salt + password.encode("utf-8")
+
+# 3. Take the SHA256 hash and get the bytes back
+tmp1 = hashlib.sha256(tmp0).digest()
+
+# 4. Concatenate the salt again:
+salted_hash = salt + tmp1
+
+# 5. convert to base64 encoding:
+pass_hash = base64.b64encode(salted_hash)
+
+print(pass_hash.decode("utf-8"))
diff --git a/rabbitmq/rabbitmq.conf b/rabbitmq/rabbitmq.conf
new file mode 100644
index 0000000..52c18cb
--- /dev/null
+++ b/rabbitmq/rabbitmq.conf
@@ -0,0 +1,11 @@
+loopback_users.guest = false
+management.load_definitions = /etc/rabbitmq/definitions.json
+
+
+# mqtt
+mqtt.listeners.tcp.default = 1883
+mqtt.allow_anonymous = false
+mqtt.exchange = amq.topic
+mqtt.vhost = /
+
+