get password from secret file
@@ -122,11 +122,10 @@ services:
|
|||||||
- "8883"
|
- "8883"
|
||||||
labels:
|
labels:
|
||||||
- traefik.enable=true
|
- traefik.enable=true
|
||||||
- traefik.tcp.routers.mqtts.rule=HostSNI(`broker.NETMAKER_BASE_DOMAIN`)
|
- traefik.tcp.routers.mqtt.rule=HostSNI(`broker.NETMAKER_BASE_DOMAIN`)
|
||||||
- traefik.tcp.routers.mqtts.tls.passthrough=true
|
- traefik.tcp.routers.mqtt.tls.certresolver=http
|
||||||
- traefik.tcp.services.mqtts-svc.loadbalancer.server.port=8883
|
- traefik.tcp.services.mqtt.loadbalancer.server.port=8883
|
||||||
- traefik.tcp.routers.mqtts.service=mqtts-svc
|
- traefik.tcp.routers.mqtt.entrypoints=websecure
|
||||||
- traefik.tcp.routers.mqtts.entrypoints=websecure
|
|
||||||
volumes:
|
volumes:
|
||||||
traefik_certs: {}
|
traefik_certs: {}
|
||||||
sqldata: {}
|
sqldata: {}
|
||||||
|
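Review bot: Replacing `traefik.tcp.routers.mqtts.tls.passthrough=true` with `traefik.tcp.routers.mqtt.tls.certresolver=http` means Traefik now terminates TLS for `broker.NETMAKER_BASE_DOMAIN` and forwards the decrypted stream to port 8883, so the MQTT username and password cross the container network in clear text. That is workable only if the broker's 8883 listener is plain MQTT and is not reachable from outside the compose network; the `- "8883"` entry sits under a key that is outside this hunk, so confirm it is an `expose:` entry and not a published port. I would record the assumption above the labels, for example `# TLS is terminated by Traefik; mq:8883 is plain MQTT and must stay internal to this network`. The `http` resolver name must also match a certificate resolver in Traefik's static configuration, which this page does not show.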
@@ -1,8 +1,10 @@
|
|||||||
per_listener_settings false
|
per_listener_settings false
|
||||||
listener 8883
|
listener 8883
|
||||||
allow_anonymous false
|
allow_anonymous false
|
||||||
|
|
||||||
listener 1883
|
listener 1883
|
||||||
allow_anonymous false
|
allow_anonymous false
|
||||||
|
|
||||||
plugin /usr/lib/mosquitto_dynamic_security.so
|
plugin /usr/lib/mosquitto_dynamic_security.so
|
||||||
plugin_opt_config_file /mosquitto/data/dynamic-security.json
|
plugin_opt_config_file /mosquitto/data/dynamic-security.json
|
||||||
|
|
||||||
|
@@ -237,8 +237,14 @@ func setupMQTTSingleton(cfg *config.ClientConfig) error {
|
|||||||
opts := mqtt.NewClientOptions()
|
opts := mqtt.NewClientOptions()
|
||||||
server := cfg.Server.Server
|
server := cfg.Server.Server
|
||||||
port := cfg.Server.MQPort
|
port := cfg.Server.MQPort
|
||||||
opts.AddBroker("tcp://" + server + ":" + port)
|
pass, err := os.ReadFile(ncutils.GetNetclientPathSpecific() + "secret-" + cfg.Network)
|
||||||
mqclient = mqtt.NewClient(opts)
|
if err != nil {
|
||||||
|
return fmt.Errorf("could not read secrets file %w", err)
|
||||||
|
}
|
||||||
|
opts.AddBroker("mqtts://" + server + ":" + port)
|
||||||
|
opts.SetUsername(cfg.Node.ID)
|
||||||
|
opts.SetPassword(string(pass))
|
||||||
|
mqclient := mqtt.NewClient(opts)
|
||||||
var connecterr error
|
var connecterr error
|
||||||
opts.SetClientID(ncutils.MakeRandomString(23))
|
opts.SetClientID(ncutils.MakeRandomString(23))
|
||||||
if token := mqclient.Connect(); !token.WaitTimeout(30*time.Second) || token.Error() != nil {
|
if token := mqclient.Connect(); !token.WaitTimeout(30*time.Second) || token.Error() != nil {
|
||||||
@@ -258,9 +264,13 @@ func setupMQTT(cfg *config.ClientConfig) error {
|
|||||||
opts := mqtt.NewClientOptions()
|
opts := mqtt.NewClientOptions()
|
||||||
server := cfg.Server.Server
|
server := cfg.Server.Server
|
||||||
port := cfg.Server.MQPort
|
port := cfg.Server.MQPort
|
||||||
opts.AddBroker(fmt.Sprintf("tcp://%s:%s", server, port))
|
pass, err := os.ReadFile(ncutils.GetNetclientPathSpecific() + "secret-" + cfg.Network)
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("could not read secrets file %w", err)
|
||||||
|
}
|
||||||
|
opts.AddBroker(fmt.Sprintf("mqtts://%s:%s", server, port))
|
||||||
opts.SetUsername(cfg.Node.ID)
|
opts.SetUsername(cfg.Node.ID)
|
||||||
opts.SetPassword(cfg.Node.Password)
|
opts.SetPassword(string(pass))
|
||||||
opts.SetClientID(ncutils.MakeRandomString(23))
|
opts.SetClientID(ncutils.MakeRandomString(23))
|
||||||
opts.SetDefaultPublishHandler(All)
|
opts.SetDefaultPublishHandler(All)
|
||||||
opts.SetAutoReconnect(true)
|
opts.SetAutoReconnect(true)
|
||||||
|
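Review bot: In setupMQTTSingleton the new line `mqclient := mqtt.NewClient(opts)` declares a local variable where the old code assigned with `=`, so if `mqclient` is the package-level client (the old assignment suggests it is) the shared client is never set; it should remain `mqclient = mqtt.NewClient(opts)`. In both functions `string(pass)` hands the file bytes to `SetPassword` unchanged, so a trailing newline in the secret file becomes part of the broker password and authentication fails; `opts.SetPassword(strings.TrimSpace(string(pass)))` avoids that, assuming secrets never legitimately end in whitespace. The secret path is built by concatenating `cfg.Network` onto the netclient directory, so confirm that network names are validated elsewhere to exclude path separators and that the secret file is created readable only by the netclient user. Both function bodies start and end outside their hunks.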