kennyh
/
emqx4.3


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437
							node {
  name = "emqx@127.0.0.1"
  cookie = "emqxsecretcookie"
  data_dir = "data"
}

cluster {
  name = emqxcl
  discovery_strategy = manual
}


dashboard {
    listeners.http {
        bind = 18083
    }
}

authentication = [
  {
    backend = "built_in_database"
    mechanism = "password_based"
    password_hash_algorithm {name = "sha256", salt_position = "suffix"}
    user_id_type = "username"
  }
]
authorization {
  cache {
    enable = true
    max_size = 32
    ttl = "1m"
  }
  deny_action = "ignore"
  no_match = "allow"
  sources = [
    {
      body {username = "${username}"}
      connect_timeout = "15s"
      enable_pipelining = 100
      headers {"content-type" = "application/json"}
      method = "post"
      pool_size = 8
      request_timeout = "30s"
      ssl {enable = false, verify = "verify_peer"}
      type = "http"
      url = "http://127.0.0.1:8080"
    },
    {
      enable = true
      path = "${EMQX_ETC_DIR}/acl.conf"
      type = "file"
    }
  ]
}
bridges {
  webhook {
    test {
      connect_timeout = "15s"
      enable_pipelining = 100
      headers {"content-type" = "application/json"}
      method = "post"
      pool_size = 8
      pool_type = "random"
      request_timeout = "15s"
      resource_opts {
        auto_restart_interval = "60s"
        health_check_interval = "15s"
        inflight_window = 100
        max_buffer_bytes = "1GB"
        query_mode = "async"
        request_timeout = "15s"
        worker_pool_size = 4
      }
      ssl {enable = false, verify = "verify_peer"}
      url = "http://127.0.0.1:8080/webhook"
    }
  }
}
delayed {enable = false, max_delayed_messages = 2000}
exhook {
  servers = [
    {
      auto_reconnect = "60s"
      enable = false
      failed_action = "deny"
      name = "test"
      pool_size = 16
      request_timeout = "5s"
      ssl {enable = false, verify = "verify_peer"}
      url = "http://127.0.0.1:8080"
    }
  ]
}
gateway {
  "lwm2m" {
    auto_observe = true
    enable_stats = true
    idle_timeout = "30s"
    lifetime_max = "86400s"
    lifetime_min = "1s"
    listeners {
      udp {
        default {
          bind = "5783"
          max_conn_rate = 1000
          max_connections = 1024000
        }
      }
    }
    mountpoint = ""
    qmode_time_window = "22s"
    translators {
      command {qos = 0, topic = "dn/#"}
      notify {qos = 0, topic = "up/notify"}
      register {qos = 0, topic = "up/resp"}
      response {qos = 0, topic = "up/resp"}
      update {qos = 0, topic = "up/update"}
    }
    update_msg_publish_condition = "contains_object_list"
    xml_dir = "etc/lwm2m_xml/"
  }
}
limiter {max_conn_rate = "2000/s"}
listeners {
  ssl {
    default {
      acceptors = 16
      access_rules = ["allow all"]
      bind = "0.0.0.0:8883"
      enable_authn = true
      enabled = true
      max_connections = 5000000
      mountpoint = ""
      proxy_protocol = false
      proxy_protocol_timeout = "3s"
      ssl_options {
        cacertfile = "${EMQX_ETC_DIR}/certs/cacert.pem"
        certfile = "${EMQX_ETC_DIR}/certs/cert.pem"
        ciphers = []
        client_renegotiation = true
        depth = 10
        enable_crl_check = false
        fail_if_no_peer_cert = false
        gc_after_handshake = false
        handshake_timeout = "15s"
        hibernate_after = "5s"
        honor_cipher_order = true
        keyfile = "${EMQX_ETC_DIR}/certs/key.pem"
        ocsp {
          enable_ocsp_stapling = false
          refresh_http_timeout = "15s"
          refresh_interval = "5m"
        }
        reuse_sessions = true
        secure_renegotiate = true
        verify = "verify_none"
        versions = ["tlsv1.3", "tlsv1.2"]
      }
      tcp_options {
        active_n = 100
        backlog = 1024
        buffer = "4KB"
        high_watermark = "1MB"
        nodelay = true
        reuseaddr = true
        send_timeout = "15s"
        send_timeout_close = true
      }
      zone = "default"
    }
  }
  tcp {
    default {
      acceptors = 16
      access_rules = ["allow all"]
      bind = "0.0.0.0:1883"
      enable_authn = true
      enabled = true
      max_connections = 5000000
      mountpoint = ""
      proxy_protocol = false
      proxy_protocol_timeout = "3s"
      tcp_options {
        active_n = 100
        backlog = 1024
        buffer = "4KB"
        high_watermark = "1MB"
        nodelay = true
        reuseaddr = true
        send_timeout = "15s"
        send_timeout_close = true
      }
      zone = "default"
    }
  }
  ws {
    default {
      acceptors = 32
      access_rules = ["allow all"]
      bind = "0.0.0.0:8083"
      enable_authn = true
      enabled = true
      max_connections = 5000000
      mountpoint = ""
      proxy_protocol = false
      proxy_protocol_timeout = "3s"
      tcp_options {
        active_n = 100
        backlog = 1024
        buffer = "40KB"
        high_watermark = "1MB"
        nodelay = true
        reuseaddr = true
        send_timeout = "15s"
        send_timeout_close = true
      }
      websocket {
        allow_origin_absence = true
        check_origin_enable = false
        check_origins = "http://localhost:18083, http://127.0.0.1:18083"
        compress = false
        deflate_opts {
          client_context_takeover = "takeover"
          client_max_window_bits = 15
          mem_level = 8
          server_context_takeover = "takeover"
          server_max_window_bits = 15
          strategy = "default"
        }
        fail_if_no_subprotocol = true
        idle_timeout = "7200s"
        max_frame_size = "infinity"
        mqtt_path = "/mqtt"
        mqtt_piggyback = "multiple"
        proxy_address_header = "x-forwarded-for"
        proxy_port_header = "x-forwarded-port"
        supported_subprotocols = "mqtt, mqtt-v3, mqtt-v3.1.1, mqtt-v5"
      }
      zone = "default"
    }
  }
  wss {
    default {
      acceptors = 16
      access_rules = ["allow all"]
      bind = "0.0.0.0:8084"
      enable_authn = true
      enabled = true
      max_connections = 5000000
      mountpoint = ""
      proxy_protocol = false
      proxy_protocol_timeout = "3s"
      ssl_options {
        cacertfile = "${EMQX_ETC_DIR}/certs/cacert.pem"
        certfile = "${EMQX_ETC_DIR}/certs/cert.pem"
        ciphers = []
        client_renegotiation = true
        depth = 10
        fail_if_no_peer_cert = false
        handshake_timeout = "15s"
        hibernate_after = "5s"
        honor_cipher_order = true
        keyfile = "${EMQX_ETC_DIR}/certs/key.pem"
        reuse_sessions = true
        secure_renegotiate = true
        verify = "verify_none"
        versions = ["tlsv1.3", "tlsv1.2"]
      }
      tcp_options {
        active_n = 100
        backlog = 1024
        buffer = "4KB"
        high_watermark = "1MB"
        nodelay = true
        reuseaddr = true
        send_timeout = "15s"
        send_timeout_close = true
      }
      websocket {
        allow_origin_absence = true
        check_origin_enable = false
        check_origins = "http://localhost:18083, http://127.0.0.1:18083"
        compress = false
        deflate_opts {
          client_context_takeover = "takeover"
          client_max_window_bits = 15
          mem_level = 8
          server_context_takeover = "takeover"
          server_max_window_bits = 15
          strategy = "default"
        }
        fail_if_no_subprotocol = true
        idle_timeout = "7200s"
        max_frame_size = "infinity"
        mqtt_path = "/mqtt"
        mqtt_piggyback = "multiple"
        proxy_address_header = "x-forwarded-for"
        proxy_port_header = "x-forwarded-port"
        supported_subprotocols = "mqtt, mqtt-v3, mqtt-v3.1.1, mqtt-v5"
      }
      zone = "default"
    }
  }
}
log {
  console_handler {
    burst_limit {
      enable = true
      max_count = 10000
      window_time = "1s"
    }
    chars_limit = 10000
    drop_mode_qlen = 3000
    enable = true
    flush_qlen = 8000
    formatter = "text"
    level = "info"
    max_depth = 100
    overload_kill {
      enable = true
      mem_size = "30MB"
      qlen = 20000
      restart_after = "5s"
    }
    single_line = true
    supervisor_reports = "error"
    sync_mode_qlen = 100
    time_offset = "system"
  }
  file_handlers {
    default {
      burst_limit {
        enable = true
        max_count = 10000
        window_time = "1s"
      }
      chars_limit = "unlimited"
      drop_mode_qlen = 3000
      enable = false
      file = "${EMQX_LOG_DIR}/emqx.log"
      flush_qlen = 8000
      formatter = "text"
      level = "warning"
      max_depth = 100
      max_size = "50MB"
      overload_kill {
        enable = true
        mem_size = "30MB"
        qlen = 20000
        restart_after = "5s"
      }
      rotation {count = 10, enable = true}
      single_line = true
      supervisor_reports = "error"
      sync_mode_qlen = 100
      time_offset = "system"
    }
  }
}
mqtt {
  await_rel_timeout = "300s"
  exclusive_subscription = true
  idle_timeout = "15s"
  ignore_loop_deliver = true
  keepalive_backoff = 1
  max_awaiting_rel = 100
  max_clientid_len = 65535
  max_inflight = 32
  max_mqueue_len = 1000
  max_packet_size = "10MB"
  max_qos_allowed = 2
  max_subscriptions = 15
  max_topic_alias = 65535
  max_topic_levels = 128
  mqueue_default_priority = "lowest"
  mqueue_priorities = "disabled"
  "mqueue_store_qos0" = true
  peer_cert_as_clientid = "cn"
  peer_cert_as_username = "cn"
  response_information = ""
  retain_available = true
  retry_interval = "30s"
  server_keepalive = 15
  session_expiry_interval = "2h"
  shared_subscription = true
  strict_mode = true
  upgrade_qos = true
  use_username_as_clientid = true
  wildcard_subscription = true
}
retainer {
  backend {
    index_specs = [
      [1, 2, 3],
      [1, 3],
      [2, 3],
      [3]
    ]
    max_retained_messages = 120
    storage_type = "ram"
    type = "built_in_database"
  }
  enable = true
  max_payload_size = "1MB"
  msg_clear_interval = "2000ms"
  msg_expiry_interval = "10000ms"
  stop_publish_clear_msg = false
}
rule_engine {
  ignore_sys_message = true
  jq_function_default_timeout = "10s"
  rules {
    "rule_t7cl" {
      actions = ["webhook:test"]
      description = ""
      metadata {created_at = 1684222459298}
      sql = "SELECT\n  *\nFROM\n  \"t/#\""
    }
  }
}
slow_subs {
  enable = true
  expire_interval = "3000s"
  stats_type = "internal"
  threshold = "5000ms"
  top_k_num = 1000
}
sys_topics {
  sys_event_messages {
    client_connected = true
    client_disconnected = true
    client_subscribed = true
    client_unsubscribed = true
  }
  sys_heartbeat_interval = "30s"
  sys_msg_interval = "1m"
}