100 lines
3.0 KiB
Plaintext
100 lines
3.0 KiB
Plaintext
|
## NOTE:
|
|||
|
|
## This config file overrides data/configs/cluster.hocon,
|
|||
|
|
## and is merged with environment variables which start with 'EMQX_' prefix.
|
|||
|
|
##
|
|||
|
|
## Config changes made from EMQX dashboard UI, management HTTP API, or CLI
|
|||
|
|
## are stored in data/configs/cluster.hocon.
|
|||
|
|
## To avoid confusion, please do not store the same configs in both files.
|
|||
|
|
##
|
|||
|
|
## See https://www.emqx.io/docs/en/latest/configuration/configuration.html for more details.
|
|||
|
|
## Configuration full example can be found in etc/examples
|
|||
|
|
|
|||
|
|
node {
|
|||
|
|
name = "emqx@127.0.0.1"
|
|||
|
|
cookie = "emqxsecretcookie"
|
|||
|
|
data_dir = "data"
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
cluster {
|
|||
|
|
name = emqxcl
|
|||
|
|
discovery_strategy = manual
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
## EMQX provides support for two primary log handlers: `file` and `console`, with an additional `audit` handler specifically designed to always direct logs to files.
|
|||
|
|
## The system's default log handling behavior can be configured via the environment variable `EMQX_DEFAULT_LOG_HANDLER`, which accepts the following settings:
|
|||
|
|
##
|
|||
|
|
## - `file`: Directs log output exclusively to files.
|
|||
|
|
## - `console`: Channels log output solely to the console.
|
|||
|
|
##
|
|||
|
|
## It's noteworthy that `EMQX_DEFAULT_LOG_HANDLER` is set to `file` when EMQX is initiated via systemd `emqx.service` file.
|
|||
|
|
## In scenarios outside systemd initiation, `console` serves as the default log handler.
|
|||
|
|
|
|||
|
|
## Read more about configs here: https://www.emqx.io/docs/en/latest/configuration/logs.html
|
|||
|
|
|
|||
|
|
log {
|
|||
|
|
# file {
|
|||
|
|
# level = warning
|
|||
|
|
# }
|
|||
|
|
# console {
|
|||
|
|
# level = warning
|
|||
|
|
# }
|
|||
|
|
}
|
|||
|
|
dashboard {
|
|||
|
|
listeners {
|
|||
|
|
http {
|
|||
|
|
## Comment out 'bind' (or set bind=0) to disable listener.
|
|||
|
|
bind = 18083
|
|||
|
|
}
|
|||
|
|
https {
|
|||
|
|
## Uncomment to enable
|
|||
|
|
# bind = 18084
|
|||
|
|
ssl_options {
|
|||
|
|
certfile = "${EMQX_ETC_DIR}/certs/cert.pem"
|
|||
|
|
keyfile = "${EMQX_ETC_DIR}/certs/key.pem"
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
# 必须禁止匿名访问,是开启认证的必备步骤
|
|||
|
|
allow_anonymous = false
|
|||
|
|
|
|||
|
|
# 启用http协议的认证方式
|
|||
|
|
authentication = [
|
|||
|
|
{
|
|||
|
|
# 后端类型:http 服务
|
|||
|
|
backend = "http"
|
|||
|
|
enable = true
|
|||
|
|
mechanism = "password_based"
|
|||
|
|
|
|||
|
|
# ----- 请求配置 -----
|
|||
|
|
# 请求方法:POST 或 GET(推荐 POST,更安全)
|
|||
|
|
method = "post"
|
|||
|
|
# 你的认证服务 URL(请替换为实际地址)
|
|||
|
|
url = "http://dj-multictrl-api:8080/api/mqtt/auth"
|
|||
|
|
|
|||
|
|
# 请求头
|
|||
|
|
headers {
|
|||
|
|
"Content-Type" = "application/json"
|
|||
|
|
"Accept" = "application/json"
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
# 请求体模板(支持占位符)
|
|||
|
|
body {
|
|||
|
|
username = "${username}"
|
|||
|
|
password = "${password}"
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
# ----- 性能与超时 -----
|
|||
|
|
request_timeout = "5s" # HTTP 请求超时时间
|
|||
|
|
pool_size = 8 # 连接池大小
|
|||
|
|
|
|||
|
|
# ----- 认证结果判断 -----
|
|||
|
|
# 服务端需返回 JSON 格式,包含 result 字段:
|
|||
|
|
# {"result": "allow"} → 允许连接
|
|||
|
|
# {"result": "deny"} → 拒绝连接
|
|||
|
|
# {"result": "ignore"} → 忽略,继续后续认证链
|
|||
|
|
# 如果返回 HTTP 4xx/5xx 状态码,视为 ignore
|
|||
|
|
}
|
|||
|
|
]
|