chore(build): Remove plugin config collection

Plugin configs are to be added manually

etc/emqx.d/emqx_auth_clientid.conf

@@ -1,18 +0,0 @@
-##--------------------------------------------------------------------
-## ClientId Authentication Plugin
-##--------------------------------------------------------------------
-
-## Examples
-##auth.client.1.clientid = id
-##auth.client.1.password = passwd
-##auth.client.2.clientid = dev:devid
-##auth.client.2.password = passwd2
-##auth.client.3.clientid = app:appid
-##auth.client.3.password = passwd3
-##auth.client.4.clientid = client~!@#$%^&*()_+
-##auth.client.4.password = passwd~!@#$%^&*()_+
-
-## Password hash.
-##
-## Value: plain | md5 | sha | sha256
-auth.client.password_hash = sha256

etc/emqx.d/emqx_auth_http.conf

@@ -1,162 +0,0 @@
-##--------------------------------------------------------------------
-## HTTP Auth/ACL Plugin
-##--------------------------------------------------------------------
-
-##--------------------------------------------------------------------
-## Authentication request.
-
-## HTTP URL API path for authentication request
-##
-## Value: URL
-##
-## Examples: http://127.0.0.1:8991/mqtt/auth, https://[::1]:8991/mqtt/auth
-auth.http.auth_req = http://127.0.0.1:8991/mqtt/auth
-
-## Value: post | get
-auth.http.auth_req.method = post
-
-## It only works when method=post
-## Value: json | x-www-form-urlencoded
-auth.http.auth_req.content_type = x-www-form-urlencoded
-
-## Variables:
-##  - %u: username
-##  - %c: clientid
-##  - %a: ipaddress
-##  - %r: protocol
-##  - %P: password
-##  - %p: sockport of server accepted
-##  - %C: common name of client TLS cert
-##  - %d: subject of client TLS cert
-##
-## Value: Params
-auth.http.auth_req.params = clientid=%c,username=%u,password=%P
-
-##--------------------------------------------------------------------
-## Superuser request.
-
-## HTTP URL API path for Superuser request
-##
-## Value: URL
-##
-## Examples: http://127.0.0.1:8991/mqtt/superuser, https://[::1]:8991/mqtt/superuser
-#auth.http.super_req = http://127.0.0.1:8991/mqtt/superuser
-
-## Value: post | get
-#auth.http.super_req.method = post
-
-## It only works when method=pos
-## Value: json | x-www-form-urlencoded
-#auth.http.super_req.content_type = x-www-form-urlencoded
-
-## Variables:
-##  - %u: username
-##  - %c: clientid
-##  - %a: ipaddress
-##  - %r: protocol
-##  - %P: password
-##  - %p: sockport of server accepted
-##  - %C: common name of client TLS cert
-##  - %d: subject of client TLS cert
-##
-## Value: Params
-#auth.http.super_req.params = clientid=%c,username=%u
-
-##--------------------------------------------------------------------
-## ACL request.
-
-## HTTP URL API path for ACL request
-##
-## Value: URL
-##
-## Examples: http://127.0.0.1:8991/mqtt/acl, https://[::1]:8991/mqtt/acl
-auth.http.acl_req = http://127.0.0.1:8991/mqtt/acl
-
-## Value: post | get
-auth.http.acl_req.method = get
-
-## It only works when method=post
-## Value: json | x-www-form-urlencoded
-auth.http.acl_req.content_type = x-www-form-urlencoded
-
-## Variables:
-##  - %A: 1 | 2, 1 = sub, 2 = pub
-##  - %u: username
-##  - %c: clientid
-##  - %a: ipaddress
-##  - %r: protocol
-##  - %m: mountpoint
-##  - %t: topic
-##
-## Value: Params
-auth.http.acl_req.params = access=%A,username=%u,clientid=%c,ipaddr=%a,topic=%t,mountpoint=%m
-
-##------------------------------------------------------------------------------
-## Http Reqeust options
-
-## Time-out time for the http request, 0 is never timeout.
-##
-## Value: Duration
-## -h: hour, e.g. '2h' for 2 hours
-## -m: minute, e.g. '5m' for 5 minutes
-## -s: second, e.g. '30s' for 30 seconds
-##
-## Default: 0
-## auth.http.request.timeout = 0
-
-## Connection time-out time, used during the initial request
-## when the client is connecting to the server
-##
-## Value: Duration
-##
-## Default is same with the timeout option
-## auth.http.request.connect_timeout = 0
-
-## Re-send http reuqest times
-##
-## Value: integer
-##
-## Default: 3
-auth.http.request.retry_times = 3
-
-## The interval for re-sending the http request
-##
-## Value: Duration
-##
-## Default: 1s
-auth.http.request.retry_interval = 1s
-
-## The 'Exponential Backoff' mechanism for re-sending request. The actually
-## re-send time interval is `interval * backoff ^ times`
-##
-## Value: float
-##
-## Default: 2.0
-auth.http.request.retry_backoff = 2.0
-
-##------------------------------------------------------------------------------
-## SSL options
-
-## Path to the file containing PEM-encoded CA certificates. The CA certificates
-## are used during server authentication and when building the client certificate chain.
-##
-## Value: File
-## auth.http.ssl.cacertfile = {{ platform_etc_dir }}/certs/ca.pem
-
-## The path to a file containing the client's certificate.
-##
-## Value: File
-## auth.http.ssl.certfile = {{ platform_etc_dir }}/certs/client-cert.pem
-
-## Path to a file containing the client's private PEM-encoded key.
-##
-## Value: File
-## auth.http.ssl.keyfile = {{ platform_etc_dir }}/certs/client-key.pem
-
-##--------------------------------------------------------------------
-## HTTP Request Headers
-##
-## Example: auth.http.header.Accept-Encoding = *
-##
-## Value: String
-## auth.http.header.Accept = */*

etc/emqx.d/emqx_auth_jwt.conf

@@ -1,39 +0,0 @@
-##--------------------------------------------------------------------
-## JWT Auth Plugin
-##--------------------------------------------------------------------
-
-## HMAC Hash Secret.
-##
-## Value: String
-auth.jwt.secret = emqxsecret
-
-## From where the JWT string can be got
-##
-## Value: username | password
-## Default: password
-auth.jwt.from = password
-
-## RSA or ECDSA public key file.
-##
-## Value: File
-## auth.jwt.pubkey = etc/certs/jwt_public_key.pem
-
-## Enable to verify claims fields
-##
-## Value: on | off
-auth.jwt.verify_claims = off
-
-## The checklist of claims to validate
-##
-## Value: String
-## auth.jwt.verify_claims.$name = expected
-##
-## Variables:
-##  - %u: username
-##  - %c: clientid
-# auth.jwt.verify_claims.username = %u
-
-## The Signature format
-##   - `der`: The erlang default format
-##   - `raw`: Compatible with others platform maybe
-#auth.jwt.signature_format = der

etc/emqx.d/emqx_auth_mnesia.conf

@@ -1,20 +0,0 @@
-## Examples:
-##auth.mnesia.1.login = admin
-##auth.mnesia.1.password = public
-##auth.mnesia.1.is_superuser = true
-##auth.mnesia.2.login = feng@emqtt.io
-##auth.mnesia.2.password = public
-##auth.mnesia.2.is_superuser = false
-##auth.mnesia.3.login = name~!@#$%^&*()_+
-##auth.mnesia.3.password = pwsswd~!@#$%^&*()_+
-##auth.mnesia.3.is_superuser = false
-
-## Password hash.
-##
-## Value: plain | md5 | sha | sha256 
-auth.mnesia.password_hash = sha256
-
-## Auth as username or auth as clientid.
-##
-## Value: username | clientid
-auth.mnesia.as = username

etc/emqx.d/emqx_auth_mysql.conf

@@ -1,116 +0,0 @@
-##--------------------------------------------------------------------
-## MySQL Auth/ACL Plugin
-##--------------------------------------------------------------------
-
-## MySQL server address.
-##
-## Value: Port | IP:Port
-##
-## Examples: 3306, 127.0.0.1:3306, localhost:3306
-auth.mysql.server = 127.0.0.1:3306
-
-## MySQL pool size.
-##
-## Value: Number
-auth.mysql.pool = 8
-
-## MySQL username.
-##
-## Value: String
-## auth.mysql.username =
-
-## MySQL password.
-##
-## Value: String
-## auth.mysql.password =
-
-## MySQL database.
-##
-## Value: String
-auth.mysql.database = mqtt
-
-## MySQL query timeout
-##
-## Value: Duration
-## auth.mysql.query_timeout = 5s
-
-## Variables: %u = username, %c = clientid
-
-## Authentication query.
-##
-## Note that column names should be 'password' and 'salt' (if used).
-## In case column names differ in your DB - please use aliases,
-## e.g. "my_column_name as password".
-##
-## Value: SQL
-##
-## Variables:
-##  - %u: username
-##  - %c: clientid
-##  - %C: common name of client TLS cert
-##  - %d: subject of client TLS cert
-##
-auth.mysql.auth_query = select password from mqtt_user where username = '%u' limit 1
-## auth.mysql.auth_query = select password_hash as password from mqtt_user where username = '%u' limit 1
-
-## Password hash.
-##
-## Value: plain | md5 | sha | sha256 | bcrypt
-auth.mysql.password_hash = sha256
-
-## sha256 with salt prefix
-## auth.mysql.password_hash = salt,sha256
-
-## bcrypt with salt only prefix
-## auth.mysql.password_hash = salt,bcrypt
-
-## sha256 with salt suffix
-## auth.mysql.password_hash = sha256,salt
-
-## pbkdf2 with macfun iterations dklen
-## macfun: md4, md5, ripemd160, sha, sha224, sha256, sha384, sha512
-## auth.mysql.password_hash = pbkdf2,sha256,1000,20
-
-## Superuser query.
-##
-## Value: SQL
-##
-## Variables:
-##  - %u: username
-##  - %c: clientid
-##  - %C: common name of client TLS cert
-##  - %d: subject of client TLS cert
-##
-auth.mysql.super_query = select is_superuser from mqtt_user where username = '%u' limit 1
-
-## ACL query.
-##
-## Value: SQL
-##
-## Variables:
-##  - %a: ipaddr
-##  - %u: username
-##  - %c: clientid
-##
-## Note: You can add the 'ORDER BY' statement to control the rules match order
-auth.mysql.acl_query = select allow, ipaddr, username, clientid, access, topic from mqtt_acl where ipaddr = '%a' or username = '%u' or username = '$all' or clientid = '%c'
-
-## Mysql ssl configuration.
-##
-## Value: on | off
-auth.mysql.ssl = off
-
-## CA certificate.
-##
-## Value: File
-## auth.mysql.ssl.cafile  = path to your ca file
-
-## Client ssl certificate.
-##
-## Value: File
-## auth.mysql.ssl.certfile = path to your clientcert file
-
-## Client ssl keyfile.
-##
-## Value: File
-## auth.mysql.ssl.keyfile = path to your clientkey file

etc/emqx.d/emqx_auth_username.conf

@@ -1,16 +0,0 @@
-##--------------------------------------------------------------------
-## Username Authentication Plugin
-##--------------------------------------------------------------------
-
-## Examples:
-##auth.user.1.username = admin
-##auth.user.1.password = public
-##auth.user.2.username = feng@emqtt.io
-##auth.user.2.password = public
-##auth.user.3.username = name~!@#$%^&*()_+
-##auth.user.3.password = pwsswd~!@#$%^&*()_+
-
-## Password hash.
-##
-## Value: plain | md5 | sha | sha256 
-auth.user.password_hash = sha256

etc/emqx.d/emqx_recon.conf

@@ -1,4 +0,0 @@
-##--------------------------------------------------------------------
-## Recon Plugin
-##--------------------------------------------------------------------
-

etc/emqx.d/emqx_retainer.conf

@@ -1,41 +0,0 @@
-##--------------------------------------------------------------------
-## EMQ X Retainer
-##--------------------------------------------------------------------
-
-## Where to store the retained messages.
-##
-## Notice that all nodes in the same cluster have to be configured to
-## use the same storage_type.
-##
-## Value: ram | disc | disc_only
-##  - ram: memory only
-##  - disc: both memory and disc
-##  - disc_only: disc only
-##
-## Default: ram
-retainer.storage_type = ram
-
-## Maximum number of retained messages. 0 means no limit.
-##
-## Value: Number >= 0
-retainer.max_retained_messages = 0
-
-## Maximum retained message size.
-##
-## Value: Bytes
-retainer.max_payload_size = 1MB
-
-## Expiry interval of the retained messages. Never expire if the value is 0.
-##
-## Value: Duration
-##  - h: hour
-##  - m: minute
-##  - s: second
-##
-## Examples:
-##  - 2h:  2 hours
-##  - 30m: 30 minutes
-##  - 20s: 20 seconds
-##
-## Defaut: 0
-retainer.expiry_interval = 0

etc/emqx.d/emqx_rule_engine.conf

@@ -1,42 +0,0 @@
-##====================================================================
-## Rule Engine for EMQ X R4.0
-##====================================================================
-
-rule_engine.ignore_sys_message = on
-
-## Event Messages
-##
-## If enabled (on), rule engine publishes the event as an MQTT message
-## with topic='$events/<event-name>' on the occurrence of an emqx event.
-##
-## If disabled, rule engine stops publishing the event messages, but
-## the event message can still be processed by the rule SQL. e.g. rule SQL:
-##
-##   SELECT * FROM "$events/client_connected"
-##
-## will still work even if 'rule_engine.events.client_connected' is set to 'off'
-##
-## EMQ Event to event message mapping:
-##
-##   - client.connected      -> $events/client_connected
-##   - client.disconnected   -> $events/client_disconnected
-##   - session.subscribed    -> $events/session_subscribed
-##   - session.unsubscribed  -> $events/session_unsubscribed
-##   - message.delivered     -> $events/message_delivered
-##   - message.acked         -> $events/message_acked
-##   - message.dropped       -> $events/message_dropped
-##
-## Config Value Format: Toggle, QoS-Level
-##
-## Toggle: on/off
-##
-## QoS-Level: qos0/qos1/qos2
-
-#rule_engine.events.client_connected = on, qos1
-rule_engine.events.client_connected = off
-rule_engine.events.client_disconnected = off
-rule_engine.events.session_subscribed = off
-rule_engine.events.session_unsubscribed = off
-rule_engine.events.message_delivered = off
-rule_engine.events.message_acked = off
-rule_engine.events.message_dropped = off

etc/emqx.d/emqx_sn.conf

@@ -1,53 +0,0 @@
-##--------------------------------------------------------------------
-## MQTT-SN
-##--------------------------------------------------------------------
-
-## The UDP port which emq-sn is listening on.
-##
-## Value: IP:Port | Port
-##
-## Examples: 1884, 127.0.0.1:1884, ::1:1884
-mqtt.sn.port = 1884
-
-## The duration that emqx-sn broadcast ADVERTISE message through.
-##
-## Value: Duration
-mqtt.sn.advertise_duration = 15m
-
-## The MQTT-SN Gateway id in ADVERTISE message.
-##
-## Value: Number
-mqtt.sn.gateway_id = 1
-
-## To control whether write statistics data into ETS table for dashbord to read.
-##
-## Value: on | off
-mqtt.sn.enable_stats = off
-
-## To control whether accept and process the received publish message with qos=-1.
-##
-## Value: on | off
-mqtt.sn.enable_qos3 = off
-
-## MQTT SN idle timeout, specified in seconds.
-##
-## Value: Duration
-mqtt.sn.idle_timeout = 30s
-
-## The pre-defined topic name corresponding to the pre-defined topic id of N.
-## Note that the pre-defined topic id of 0 is reserved.
-mqtt.sn.predefined.topic.0 = reserved
-mqtt.sn.predefined.topic.1 = /predefined/topic/name/hello
-mqtt.sn.predefined.topic.2 = /predefined/topic/name/nice
-
-## Default username for MQTT-SN. This parameter is optional. If specified,
-## emq-sn will connect EMQ core with this username. It is useful if any auth
-## plug-in is enabled.
-##
-## Value: String
-mqtt.sn.username = mqtt_sn_user
-
-## This parameter is optional. Pair with username above.
-##
-## Value: String
-mqtt.sn.password = abc

etc/emqx.d/emqx_telemetry.conf

@@ -1,28 +0,0 @@
-##--------------------------------------------------------------------
-## Telemetry
-##--------------------------------------------------------------------
-
-## Enable telemetry
-##
-## Value: true | false
-##
-## Default: true
-telemetry.enabled = true
-
-## The destination URL for the telemetry data report
-##
-## Value: String
-##
-## Default: https://telemetry.emqx.io/api/telemetry
-telemetry.url = https://telemetry.emqx.io/api/telemetry
-
-## Interval for reporting telemetry data
-##
-## Value: Duration
-## -d: day
-## -h: hour
-## -m: minute
-## -s: second
-##
-## Default: 7d
-telemetry.report_interval = 7d

etc/emqx.d/emqx_web_hook.conf

@@ -1,66 +0,0 @@
-##====================================================================
-## WebHook
-##====================================================================
-
-## The web services URL for Hook request
-##
-## Value: String
-web.hook.api.url = http://127.0.0.1:8080
-
-##--------------------------------------------------------------------
-## HTTP Request Headers
-##
-## The header params what you extra need
-## Format:
-##    web.hook.headers.<param> = your-param
-## Example:
-## 1. web.hook.headers.token = your-token
-## 2. web.hook.headers.other = others-param
-##
-## Value: String
-## web.hook.headers.token = your-token
-
-##--------------------------------------------------------------------
-## Encode message payload field
-##
-## Value: base64 | base62
-## web.hook.encode_payload = base64
-## Mysql ssl configuration.
-##
-## Value: on | off
-## web.hook.ssl = off
-
-##--------------------------------------------------------------------
-## CA certificate.
-##
-## Value: File
-## web.hook.ssl.cafile  = path to your ca file
-## Client ssl certificate.
-##
-## Value: File
-## web.hook.ssl.certfile = path to your clientcert file
-
-##--------------------------------------------------------------------
-## Client ssl keyfile.
-##
-## Value: File
-## web.hook.ssl.keyfile = path to your clientkey file
-
-##--------------------------------------------------------------------
-## Hook Rules
-## These configuration items represent a list of events should be forwarded
-##
-## Format:
-##   web.hook.rule.<HookName>.<No> = <Spec>
-#web.hook.rule.client.connect.1       = {"action": "on_client_connect"}
-#web.hook.rule.client.connack.1       = {"action": "on_client_connack"}
-#web.hook.rule.client.connected.1     = {"action": "on_client_connected"}
-#web.hook.rule.client.disconnected.1  = {"action": "on_client_disconnected"}
-#web.hook.rule.client.subscribe.1     = {"action": "on_client_subscribe"}
-#web.hook.rule.client.unsubscribe.1   = {"action": "on_client_unsubscribe"}
-#web.hook.rule.session.subscribed.1   = {"action": "on_session_subscribed"}
-#web.hook.rule.session.unsubscribed.1 = {"action": "on_session_unsubscribed"}
-#web.hook.rule.session.terminated.1   = {"action": "on_session_terminated"}
-#web.hook.rule.message.publish.1      = {"action": "on_message_publish"}
-#web.hook.rule.message.delivered.1    = {"action": "on_message_delivered"}
-#web.hook.rule.message.acked.1        = {"action": "on_message_acked"}

etc/emqx_cloud.d/emqx_auth_ldap.conf

@@ -1,78 +0,0 @@
-##--------------------------------------------------------------------
-## LDAP Auth Plugin
-##--------------------------------------------------------------------
-
-## LDAP server list, seperated by ','.
-##
-## Value: String
-auth.ldap.servers = 127.0.0.1
-
-## LDAP server port.
-##
-## Value: Port
-auth.ldap.port = 389
-
-## LDAP pool size
-##
-## Value: String
-auth.ldap.pool = 8
-
-## LDAP Bind DN.
-##
-## Value: DN
-auth.ldap.bind_dn = cn=root,dc=emqx,dc=io
-
-## LDAP Bind Password.
-##
-## Value: String
-auth.ldap.bind_password = public
-
-## LDAP query timeout.
-##
-## Value: Number
-auth.ldap.timeout = 30s
-
-## Device DN.
-##
-## Variables:
-##
-## Value: DN
-auth.ldap.device_dn = ou=device,dc=emqx,dc=io
-
-## Specified ObjectClass
-##
-## Variables:
-##
-## Value: string
-auth.ldap.match_objectclass = mqttUser
-
-## attributetype for username
-##
-## Variables:
-##
-## Value: string
-auth.ldap.username.attributetype = uid
-
-## attributetype for password
-##
-## Variables:
-##
-## Value: string
-auth.ldap.password.attributetype = userPassword
-
-## Whether to enable SSL.
-##
-## Value: true | false
-auth.ldap.ssl = false
-
-#auth.ldap.ssl.certfile = etc/certs/cert.pem
-
-#auth.ldap.ssl.keyfile = etc/certs/key.pem
-
-#auth.ldap.ssl.cacertfile = etc/certs/cacert.pem
-
-#auth.ldap.ssl.verify = verify_peer
-
-#auth.ldap.ssl.fail_if_no_peer_cert = true
-
-#auth.ldap.ssl.server_name_indication = your_server_name

etc/emqx_cloud.d/emqx_auth_mongo.conf

@@ -1,172 +0,0 @@
-##--------------------------------------------------------------------
-## MongoDB Auth/ACL Plugin
-##--------------------------------------------------------------------
-
-## MongoDB Topology Type.
-##
-## Value: single | unknown | sharded | rs
-auth.mongo.type = single
-
-## The set name if type is rs.
-##
-## Value: String
-## auth.mongo.rs_set_name =
-
-## MongoDB server list.
-##
-## Value: String
-##
-## Examples: 127.0.0.1:27017,127.0.0.2:27017...
-auth.mongo.server = 127.0.0.1:27017
-
-## MongoDB pool size
-##
-## Value: Number
-auth.mongo.pool = 8
-
-## MongoDB login user.
-##
-## Value: String
-## auth.mongo.login =
-
-## MongoDB password.
-##
-## Value: String
-## auth.mongo.password =
-
-## MongoDB AuthSource
-##
-## Value: String
-## Default: mqtt
-## auth.mongo.auth_source = admin
-
-## MongoDB database
-##
-## Value: String
-auth.mongo.database = mqtt
-
-## MongoDB query timeout
-##
-## Value: Duration
-## auth.mongo.query_timeout = 5s
-
-## Whether to enable SSL connection.
-##
-## Value: true | false
-## auth.mongo.ssl = false
-
-## SSL keyfile.
-##
-## Value: File
-## auth.mongo.ssl_opts.keyfile =
-
-## SSL certfile.
-##
-## Value: File
-## auth.mongo.ssl_opts.certfile =
-
-## SSL cacertfile.
-##
-## Value: File
-## auth.mongo.ssl_opts.cacertfile =
-
-## MongoDB write mode.
-##
-## Value: unsafe | safe
-## auth.mongo.w_mode =
-
-## Mongo read mode.
-##
-## Value: master | slave_ok
-## auth.mongo.r_mode =
-
-## MongoDB topology options.
-auth.mongo.topology.pool_size = 1
-auth.mongo.topology.max_overflow = 0
-## auth.mongo.topology.overflow_ttl = 1000
-## auth.mongo.topology.overflow_check_period = 1000
-## auth.mongo.topology.local_threshold_ms = 1000
-## auth.mongo.topology.connect_timeout_ms = 20000
-## auth.mongo.topology.socket_timeout_ms = 100
-## auth.mongo.topology.server_selection_timeout_ms = 30000
-## auth.mongo.topology.wait_queue_timeout_ms = 1000
-## auth.mongo.topology.heartbeat_frequency_ms = 10000
-## auth.mongo.topology.min_heartbeat_frequency_ms = 1000
-
-## -------------------------------------------------
-## Auth Query
-## -------------------------------------------------
-## Password hash.
-##
-## Value: plain | md5 | sha | sha256 | bcrypt
-auth.mongo.auth_query.password_hash = sha256
-
-## sha256 with salt suffix
-## auth.mongo.auth_query.password_hash = sha256,salt
-
-## sha256 with salt prefix
-## auth.mongo.auth_query.password_hash = salt,sha256
-
-## bcrypt with salt prefix
-## auth.mongo.auth_query.password_hash = salt,bcrypt
-
-## pbkdf2 with macfun iterations dklen
-## macfun: md4, md5, ripemd160, sha, sha224, sha256, sha384, sha512
-## auth.mongo.auth_query.password_hash = pbkdf2,sha256,1000,20
-
-## Authentication query.
-auth.mongo.auth_query.collection = mqtt_user
-
-## Password mainly fields
-##
-## Value:  password | password,salt
-auth.mongo.auth_query.password_field = password
-
-## Authentication Selector.
-##
-## Variables:
-##  - %u: username
-##  - %c: clientid
-##  - %C: common name of client TLS cert
-##  - %d: subject of client TLS cert
-##
-## auth.mongo.auth_query.selector = {Field}={Placeholder}
-auth.mongo.auth_query.selector = username=%u
-
-## -------------------------------------------------
-## Super User Query
-## -------------------------------------------------
-auth.mongo.super_query.collection = mqtt_user
-auth.mongo.super_query.super_field = is_superuser
-#auth.mongo.super_query.selector = username=%u, clientid=%c
-auth.mongo.super_query.selector = username=%u
-
-## ACL Selector.
-##
-## Multiple selectors could be combined with '$or'
-##   when query acl from mongo.
-##
-## e.g.
-##
-## With following 2 selectors configured:
-##
-## auth.mongo.acl_query.selector.1 = username=%u
-## auth.mongo.acl_query.selector.2 = username=$all
-##
-## And if a client connected using username 'ilyas',
-##   then the following mongo command will be used to
-##   retrieve acl entries:
-##
-## db.mqtt_acl.find({$or: [{username: "ilyas"},  {username: "$all"}]});
-##
-## Variables:
-##  - %u: username
-##  - %c: clientid
-##
-## Examples:
-##
-## auth.mongo.acl_query.selector.1 = username=%u,clientid=%c
-## auth.mongo.acl_query.selector.2 = username=$all
-## auth.mongo.acl_query.selector.3 = clientid=$all
-auth.mongo.acl_query.collection = mqtt_acl
-auth.mongo.acl_query.selector = username=%u

etc/emqx_cloud.d/emqx_auth_pgsql.conf

@@ -1,110 +0,0 @@
-##--------------------------------------------------------------------
-## PostgreSQL Auth/ACL Plugin
-##--------------------------------------------------------------------
-
-## PostgreSQL server address.
-##
-## Value: Port | IP:Port
-##
-## Examples: 5432, 127.0.0.1:5432, localhost:5432
-auth.pgsql.server = 127.0.0.1:5432
-
-## PostgreSQL pool size.
-##
-## Value: Number
-auth.pgsql.pool = 8
-
-## PostgreSQL username.
-##
-## Value: String
-auth.pgsql.username = root
-
-## PostgreSQL password.
-##
-## Value: String
-## auth.pgsql.password =
-
-## PostgreSQL database.
-##
-## Value: String
-auth.pgsql.database = mqtt
-
-## PostgreSQL database encoding.
-##
-## Value: String
-auth.pgsql.encoding = utf8
-
-## Whether to enable SSL connection.
-##
-## Value: true | false
-auth.pgsql.ssl = false
-
-## SSL keyfile.
-##
-## Value: File
-## auth.pgsql.ssl_opts.keyfile =
-
-## SSL certfile.
-##
-## Value: File
-## auth.pgsql.ssl_opts.certfile =
-
-## SSL cacertfile.
-##
-## Value: File
-## auth.pgsql.ssl_opts.cacertfile =
-
-## Authentication query.
-##
-## Value: SQL
-##
-## Variables:
-##  - %u: username
-##  - %c: clientid
-##  - %C: common name of client TLS cert
-##  - %d: subject of client TLS cert
-##
-auth.pgsql.auth_query = select password from mqtt_user where username = '%u' limit 1
-
-## Password hash.
-##
-## Value: plain | md5 | sha | sha256 | bcrypt
-auth.pgsql.password_hash = sha256
-
-## sha256 with salt prefix
-## auth.pgsql.password_hash = salt,sha256
-
-## sha256 with salt suffix
-## auth.pgsql.password_hash = sha256,salt
-
-## bcrypt with salt prefix
-## auth.pgsql.password_hash = salt,bcrypt
-
-## pbkdf2 with macfun iterations dklen
-## macfun: md4, md5, ripemd160, sha, sha224, sha256, sha384, sha512
-## auth.pgsql.password_hash = pbkdf2,sha256,1000,20
-
-## Superuser query.
-##
-## Value: SQL
-##
-## Variables:
-##  - %u: username
-##  - %c: clientid
-##  - %C: common name of client TLS cert
-##  - %d: subject of client TLS cert
-##
-auth.pgsql.super_query = select is_superuser from mqtt_user where username = '%u' limit 1
-
-## ACL query. Comment this query, the ACL will be disabled.
-##
-## Value: SQL
-##
-## Variables:
-##  - %a: ipaddress
-##  - %u: username
-##  - %c: clientid
-##
-## Note: You can add the 'ORDER BY' statement to control the rules match order
-auth.pgsql.acl_query = select allow, ipaddr, username, clientid, access, topic from mqtt_acl where ipaddr = '%a' or username = '%u' or username = '$all' or clientid = '%c'
-

etc/emqx_cloud.d/emqx_auth_redis.conf

@@ -1,97 +0,0 @@
-##--------------------------------------------------------------------
-## Redis Auth/ACL Plugin
-##--------------------------------------------------------------------
-## Redis Server cluster type
-## single    Single redis server
-## sentinel  Redis cluster through sentinel
-## cluster   Redis through cluster
-auth.redis.type = single
-
-## Redis server address.
-##
-## Value: Port | IP:Port
-##
-## Single Redis Server: 127.0.0.1:6379, localhost:6379
-## Redis Sentinel: 127.0.0.1:26379,127.0.0.2:26379,127.0.0.3:26379
-## Redis Cluster: 127.0.0.1:6379,127.0.0.2:6379,127.0.0.3:6379
-auth.redis.server = 127.0.0.1:6379
-
-## Redis sentinel cluster name.
-##
-## Value: String
-## auth.redis.sentinel = mymaster
-
-## Redis pool size.
-##
-## Value: Number
-auth.redis.pool = 8
-
-## Redis database no.
-##
-## Value: Number
-auth.redis.database = 0
-
-## Redis password.
-##
-## Value: String
-## auth.redis.password =
-
-## Redis query timeout
-##
-## Value: Duration
-## auth.redis.query_timeout = 5s
-
-## Authentication query command.
-##
-## Value: Redis cmd
-##
-## Variables:
-##  - %u: username
-##  - %c: clientid
-##  - %C: common name of client TLS cert
-##  - %d: subject of client TLS cert
-##
-## Examples:
-##  - HGET mqtt_user:%u password
-##  - HMGET mqtt_user:%u password
-##  - HMGET mqtt_user:%u password salt
-auth.redis.auth_cmd = HMGET mqtt_user:%u password
-
-## Password hash.
-##
-## Value: plain | md5 | sha | sha256 | bcrypt
-auth.redis.password_hash = plain
-
-## sha256 with salt prefix
-## auth.redis.password_hash = salt,sha256
-
-## sha256 with salt suffix
-## auth.redis.password_hash = sha256,salt
-
-## bcrypt with salt prefix
-## auth.redis.password_hash = salt,bcrypt
-
-## pbkdf2 with macfun iterations dklen
-## macfun: md4, md5, ripemd160, sha, sha224, sha256, sha384, sha512
-## auth.redis.password_hash = pbkdf2,sha256,1000,20
-
-## Superuser query command.
-##
-## Value: Redis cmd
-##
-## Variables:
-##  - %u: username
-##  - %c: clientid
-##  - %C: common name of client TLS cert
-##  - %d: subject of client TLS cert
-auth.redis.super_cmd = HGET mqtt_user:%u is_superuser
-
-## ACL query command.
-##
-## Value: Redis cmd
-##
-## Variables:
-##  - %u: username
-##  - %c: clientid
-auth.redis.acl_cmd = HGETALL mqtt_acl:%u
-

etc/emqx_cloud.d/emqx_exhook.conf

@@ -1,15 +0,0 @@
-##====================================================================
-## EMQ X Hooks
-##====================================================================
-
-##--------------------------------------------------------------------
-## Server Address
-
-## The gRPC server url
-##
-## exhook.server.$name.url = url()
-exhook.server.default.url = http://127.0.0.1:9000
-
-#exhook.server.default.ssl.cacertfile = {{ platform_etc_dir }}/certs/cacert.pem
-#exhook.server.default.ssl.certfile = {{ platform_etc_dir }}/certs/cert.pem
-#exhook.server.default.ssl.keyfile = {{ platform_etc_dir }}/certs/key.pem

etc/emqx_cloud.d/emqx_lua_hook.conf

@@ -1,4 +0,0 @@
-##--------------------------------------------------------------------
-## EMQ X Lua Hook
-##--------------------------------------------------------------------
-

etc/emqx_cloud.d/emqx_prometheus.conf

@@ -1,13 +0,0 @@
-##--------------------------------------------------------------------
-## emqx_prometheus for EMQ X
-##--------------------------------------------------------------------
-
-## The Prometheus Push Gateway URL address
-##
-## Note: You can comment out this line to disable it
-prometheus.push.gateway.server = http://127.0.0.1:9091
-
-## The metrics data push interval (millisecond)
-##
-## Default: 15000
-prometheus.interval = 15000

etc/emqx_cloud.d/emqx_psk_file.conf

@@ -1,2 +0,0 @@
-psk.file.path = {{ platform_etc_dir }}/psk.txt
-psk.file.delimiter = :

etc/vm.args

@@ -1,115 +0,0 @@
-######################################################################
-## Erlang VM Args for EMQ X Broker
-######################################################################
-
-## NOTE:
-##
-## Arguments configured in this file might be overridden by configs from `emqx.conf`.
-##
-## Some basic VM arguments are to be configured in `emqx.conf`,
-## such as `node.name` for `-name` and `node.cooke` for `-setcookie`.
-
-## Sets the maximum number of simultaneously existing processes for this system.
-+P 2097152
-
-## Sets the maximum number of simultaneously existing ports for this system.
-+Q 1048576
-
-## Sets the maximum number of ETS tables
-+e 262144
-
-## Sets the maximum number of atoms the virtual machine can handle.
-#+t 1048576
-
-## Set the location of crash dumps
-#-env ERL_CRASH_DUMP {{ platform_log_dir }}/crash.dump
-
-## Set how many times generational garbages collections can be done without
-## forcing a fullsweep collection.
--env ERL_FULLSWEEP_AFTER 1000
-
-## Heartbeat management; auto-restarts VM if it dies or becomes unresponsive
-## (Disabled by default..use with caution!)
-#-heart
-
-## Specify the erlang distributed protocol.
-## Can be one of: inet_tcp, inet6_tcp, inet_tls
-#-proto_dist inet_tcp
-
-## Specify SSL Options in the file if using SSL for Erlang Distribution.
-## Used only when -proto_dist set to inet_tls
-#-ssl_dist_optfile {{ platform_etc_dir }}/ssl_dist.conf
-
-## Specifies the net_kernel tick time in seconds.
-## This is the approximate time a connected node may be unresponsive until
-## it is considered down and thereby disconnected.
--kernel net_ticktime 120
-
-## Sets the distribution buffer busy limit (dist_buf_busy_limit).
-#+zdbbl 8192
-
-## Sets default scheduler hint for port parallelism.
-+spp true
-
-## Sets the number of threads in async thread pool. Valid range is 0-1024.
-## Increase the parameter if there are many simultaneous file I/O operations.
-+A 4
-
-## Sets the default heap size of processes to the size Size.
-#+hms 233
-
-## Sets the default binary virtual heap size of processes to the size Size.
-#+hmbs 46422
-
-## Sets the default maximum heap size of processes to the size Size.
-## Defaults to 0, which means that no maximum heap size is used.
-##For more information, see process_flag(max_heap_size, MaxHeapSize).
-#+hmax 0
-
-## Sets the default value for process flag message_queue_data. Defaults to on_heap.
-#+hmqd on_heap | off_heap
-
-## Sets the number of IO pollsets to use when polling for I/O.
-#+IOp 1
-
-## Sets the number of IO poll threads to use when polling for I/O.
-## Increase this for the busy systems with many concurrent connection.
-+IOt 4
-
-## Sets the number of scheduler threads to create and scheduler threads to set online.
-#+S 8:8
-
-## Sets the number of dirty CPU scheduler threads to create and dirty CPU scheduler threads to set online.
-#+SDcpu 8:8
-
-## Sets the number of dirty I/O scheduler threads to create.
-+SDio 8
-
-## Suggested stack size, in kilowords, for scheduler threads.
-#+sss 32
-
-## Suggested stack size, in kilowords, for dirty CPU scheduler threads.
-#+sssdcpu 40
-
-## Suggested stack size, in kilowords, for dirty IO scheduler threads.
-#+sssdio 40
-
-## Sets scheduler bind type.
-## Can be one of: u, ns, ts, ps, s, nnts, nnps, tnnps, db
-#+sbt db
-
-## Sets a user-defined CPU topology.
-#+sct L0-3c0-3p0N0:L4-7c0-3p1N1
-
-## Sets the mapping of warning messages for error_logger
-#+W w
-
-## Sets time warp mode: no_time_warp | single_time_warp | multi_time_warp
-#+C no_time_warp
-
-## Prevents loading information about source filenames and line numbers.
-#+L
-
-## Specifies how long time (in milliseconds) to spend shutting down the system.
-## See: http://erlang.org/doc/man/erl.html
--shutdown_time 30000

etc/vm.args.edge

@@ -1,114 +0,0 @@
-######################################################################
-## Erlang VM Args for EMQ X Edge
-######################################################################
-
-## NOTE:
-##
-## Arguments configured in this file might be overridden by configs from `emqx.conf`.
-##
-## Some basic VM arguments are to be configured in `emqx.conf`,
-## such as `node.name` for `-name` and `node.cooke` for `-setcookie`.
-
-## Sets the maximum number of simultaneously existing processes for this system.
-+P 16384
-## Sets the maximum number of simultaneously existing ports for this system.
-+Q 4096
-
-## Sets the maximum number of ETS tables
-+e 512
-
-## Sets the maximum number of atoms the virtual machine can handle.
-+t 262144
-
-## Set the location of crash dumps
--env ERL_CRASH_DUMP {{ platform_log_dir }}/crash.dump
-
-## Set how many times generational garbages collections can be done without
-## forcing a fullsweep collection.
--env ERL_FULLSWEEP_AFTER 0
-
-## Heartbeat management; auto-restarts VM if it dies or becomes unresponsive
-## (Disabled by default..use with caution!)
--heart
-
-## Specify the erlang distributed protocol.
-## Can be one of: inet_tcp, inet6_tcp, inet_tls
-#-proto_dist inet_tcp
-
-## Specify SSL Options in the file if using SSL for Erlang Distribution.
-## Used only when -proto_dist set to inet_tls
-#-ssl_dist_optfile {{ platform_etc_dir }}/ssl_dist.conf
-
-## Specifies the net_kernel tick time in seconds.
-## This is the approximate time a connected node may be unresponsive until
-## it is considered down and thereby disconnected.
-#-kernel net_ticktime 60
-
-## Sets the distribution buffer busy limit (dist_buf_busy_limit).
-+zdbbl 1024
-
-## Sets default scheduler hint for port parallelism.
-+spp false
-
-## Sets the number of threads in async thread pool. Valid range is 0-1024.
-## Increase the parameter if there are many simultaneous file I/O operations.
-+A 1
-
-## Sets the default heap size of processes to the size Size.
-#+hms 233
-
-## Sets the default binary virtual heap size of processes to the size Size.
-#+hmbs 46422
-
-## Sets the default maximum heap size of processes to the size Size.
-## Defaults to 0, which means that no maximum heap size is used.
-##For more information, see process_flag(max_heap_size, MaxHeapSize).
-#+hmax 0
-
-## Sets the default value for process flag message_queue_data. Defaults to on_heap.
-#+hmqd on_heap | off_heap
-
-## Sets the number of IO pollsets to use when polling for I/O.
-+IOp 1
-
-## Sets the number of IO poll threads to use when polling for I/O.
-+IOt 1
-
-## Sets the number of scheduler threads to create and scheduler threads to set online.
-+S 1:1
-
-## Sets the number of dirty CPU scheduler threads to create and dirty CPU scheduler threads to set online.
-+SDcpu 1:1
-
-## Sets the number of dirty I/O scheduler threads to create.
-+SDio 1
-
-## Suggested stack size, in kilowords, for scheduler threads.
-#+sss 32
-
-## Suggested stack size, in kilowords, for dirty CPU scheduler threads.
-#+sssdcpu 40
-
-## Suggested stack size, in kilowords, for dirty IO scheduler threads.
-#+sssdio 40
-
-## Sets scheduler bind type.
-## Can be one of: u, ns, ts, ps, s, nnts, nnps, tnnps, db
-#+sbt db
-
-## Sets a user-defined CPU topology.
-#+sct L0-3c0-3p0N0:L4-7c0-3p1N1
-
-## Sets the mapping of warning messages for error_logger
-#+W w
-
-## Sets time warp mode: no_time_warp | single_time_warp | multi_time_warp
-#+C no_time_warp
-
-## Prevents loading information about source filenames and line numbers.
-+L
-
-## Specifies how long time (in milliseconds) to spend shutting down the system.
-## See: http://erlang.org/doc/man/erl.html
--shutdown_time 10000
-