Home Esplora Aiuto
Accedi
kennyh
/
emqx4.3
1
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Albero (Tree): a2b4e50a8d
Rami (Branch) Tag
emqx4.3
/
apps
/
emqx_auth_pgsql
/
etc
/
emqx_auth_pgsql.conf

emqx_auth_pgsql.conf 2.5 KB
Cronologia Originale

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118 
  1. ##--------------------------------------------------------------------
    2. 

  2. ## PostgreSQL Auth/ACL Plugin
    3. 

  3. ##--------------------------------------------------------------------
    4. 

  4. 

  5. ## PostgreSQL server address.
    6. 

  6. ##
    7. 

  7. ## Value: Port | IP:Port
    8. 

  8. ##
    9. 

  9. ## Examples: 5432, 127.0.0.1:5432, localhost:5432
    10. 

  10. auth.pgsql.server = 127.0.0.1:5432
    11. 

  11. 

  12. ## PostgreSQL pool size.
    13. 

  13. ##
    14. 

  14. ## Value: Number
    15. 

  15. auth.pgsql.pool = 8
    16. 

  16. 

  17. ## PostgreSQL username.
    18. 

  18. ##
    19. 

  19. ## Value: String
    20. 

  20. auth.pgsql.username = root
    21. 

  21. 

  22. ## PostgreSQL password.
    23. 

  23. ##
    24. 

  24. ## Value: String
    25. 

  25. ## auth.pgsql.password =
    26. 

  26. 

  27. ## PostgreSQL database.
    28. 

  28. ##
    29. 

  29. ## Value: String
    30. 

  30. auth.pgsql.database = mqtt
    31. 

  31. 

  32. ## PostgreSQL database encoding.
    33. 

  33. ##
    34. 

  34. ## Value: String
    35. 

  35. auth.pgsql.encoding = utf8
    36. 

  36. 

  37. ## Whether to enable SSL connection.
    38. 

  38. ##
    39. 

  39. ## Value: true | false
    40. 

  40. auth.pgsql.ssl = false
    41. 

  41. 

  42. ## TLS version
    43. 

  43. ## You can configure multi-version use "," split,
    44. 

  44. ## default value is :tlsv1.2
    45. 

  45. ## Example:
    46. 

  46. ##    tlsv1.1,tlsv1.2,tlsv1.3
    47. 

  47. ##
    48. 

  48. ## auth.pgsql.ssl.tls_versions = tlsv1.2
    49. 

  49. 

  50. ## SSL keyfile.
    51. 

  51. ##
    52. 

  52. ## Value: File
    53. 

  53. ## auth.pgsql.ssl_opts.keyfile =
    54. 

  54. 

  55. ## SSL certfile.
    56. 

  56. ##
    57. 

  57. ## Value: File
    58. 

  58. ## auth.pgsql.ssl_opts.certfile =
    59. 

  59. 

  60. ## SSL cacertfile.
    61. 

  61. ##
    62. 

  62. ## Value: File
    63. 

  63. ## auth.pgsql.ssl_opts.cacertfile =
    64. 

  64. 

  65. ## Authentication query.
    66. 

  66. ##
    67. 

  67. ## Value: SQL
    68. 

  68. ##
    69. 

  69. ## Variables:
    70. 

  70. ##  - %u: username
    71. 

  71. ##  - %c: clientid
    72. 

  72. ##  - %C: common name of client TLS cert
    73. 

  73. ##  - %d: subject of client TLS cert
    74. 

  74. ##
    75. 

  75. auth.pgsql.auth_query = select password from mqtt_user where username = '%u' limit 1
    76. 

  76. 

  77. ## Password hash.
    78. 

  78. ##
    79. 

  79. ## Value: plain | md5 | sha | sha256 | bcrypt
    80. 

  80. auth.pgsql.password_hash = sha256
    81. 

  81. 

  82. ## sha256 with salt prefix
    83. 

  83. ## auth.pgsql.password_hash = salt,sha256
    84. 

  84. 

  85. ## sha256 with salt suffix
    86. 

  86. ## auth.pgsql.password_hash = sha256,salt
    87. 

  87. 

  88. ## bcrypt with salt prefix
    89. 

  89. ## auth.pgsql.password_hash = salt,bcrypt
    90. 

  90. 

  91. ## pbkdf2 with macfun iterations dklen
    92. 

  92. ## macfun: md4, md5, ripemd160, sha, sha224, sha256, sha384, sha512
    93. 

  93. ## auth.pgsql.password_hash = pbkdf2,sha256,1000,20
    94. 

  94. 

  95. ## Superuser query.
    96. 

  96. ##
    97. 

  97. ## Value: SQL
    98. 

  98. ##
    99. 

  99. ## Variables:
    100. 

  100. ##  - %u: username
    101. 

  101. ##  - %c: clientid
    102. 

  102. ##  - %C: common name of client TLS cert
    103. 

  103. ##  - %d: subject of client TLS cert
    104. 

  104. ##
    105. 

  105. auth.pgsql.super_query = select is_superuser from mqtt_user where username = '%u' limit 1
    106. 

  106. 

  107. ## ACL query. Comment this query, the ACL will be disabled.
    108. 

  108. ##
    109. 

  109. ## Value: SQL
    110. 

  110. ##
    111. 

  111. ## Variables:
    112. 

  112. ##  - %a: ipaddress
    113. 

  113. ##  - %u: username
    114. 

  114. ##  - %c: clientid
    115. 

  115. ##
    116. 

  116. ## Note: You can add the 'ORDER BY' statement to control the rules match order
    117. 

  117. auth.pgsql.acl_query = select allow, ipaddr, username, clientid, access, topic from mqtt_acl where ipaddr = '%a' or username = '%u' or username = '$all' or clientid = '%c'
    118. 

  118.