get password from secret file

Abhishek Kondur
2022-09-28 21:05:27 +05:30
parent fed66c4b8d
commit f31c40408c
3 changed files with 21 additions and 10 deletions


@@ -122,14 +122,13 @@ services:
- "8883" - "8883"
labels: labels:
- traefik.enable=true - traefik.enable=true
- traefik.tcp.routers.mqtts.rule=HostSNI(`broker.NETMAKER_BASE_DOMAIN`) - traefik.tcp.routers.mqtt.rule=HostSNI(`broker.NETMAKER_BASE_DOMAIN`)
- traefik.tcp.routers.mqtts.tls.passthrough=true - traefik.tcp.routers.mqtt.tls.certresolver=http
- traefik.tcp.services.mqtts-svc.loadbalancer.server.port=8883 - traefik.tcp.services.mqtt.loadbalancer.server.port=8883
- traefik.tcp.routers.mqtts.service=mqtts-svc - traefik.tcp.routers.mqtt.entrypoints=websecure
- traefik.tcp.routers.mqtts.entrypoints=websecure
volumes: volumes:
traefik_certs: {} traefik_certs: {}
sqldata: {} sqldata: {}
dnsconfig: {} dnsconfig: {}
mosquitto_data: {} mosquitto_data: {}
mosquitto_logs: {} mosquitto_logs: {}
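Review bot: With `tls.passthrough=true` replaced by `tls.certresolver=http` on the `mqtt` router, TLS now ends at Traefik, and the mosquitto.conf in this commit shows no certificate settings on `listener 8883` or `listener 1883`, so the username and password the client now sends appear to travel unencrypted between Traefik and the broker. That may be acceptable on a private compose network, but it should be stated next to the labels, for example `# TLS terminates at Traefik; the hop to the broker on 8883 is plaintext inside the compose network`. It is also worth confirming that port 1883 is not published on the host, since the ports list is only partly visible in this hunk.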


@@ -1,8 +1,10 @@
per_listener_settings false per_listener_settings false
listener 8883 listener 8883
allow_anonymous false allow_anonymous false
listener 1883 listener 1883
allow_anonymous false allow_anonymous false
plugin /usr/lib/mosquitto_dynamic_security.so plugin /usr/lib/mosquitto_dynamic_security.so
plugin_opt_config_file /mosquitto/data/dynamic-security.json plugin_opt_config_file /mosquitto/data/dynamic-security.json


@@ -237,8 +237,14 @@ func setupMQTTSingleton(cfg *config.ClientConfig) error {
opts := mqtt.NewClientOptions() opts := mqtt.NewClientOptions()
server := cfg.Server.Server server := cfg.Server.Server
port := cfg.Server.MQPort port := cfg.Server.MQPort
opts.AddBroker("tcp://" + server + ":" + port) pass, err := os.ReadFile(ncutils.GetNetclientPathSpecific() + "secret-" + cfg.Network)
mqclient = mqtt.NewClient(opts) if err != nil {
return fmt.Errorf("could not read secrets file %w", err)
}
opts.AddBroker("mqtts://" + server + ":" + port)
opts.SetUsername(cfg.Node.ID)
opts.SetPassword(string(pass))
mqclient := mqtt.NewClient(opts)
var connecterr error var connecterr error
opts.SetClientID(ncutils.MakeRandomString(23)) opts.SetClientID(ncutils.MakeRandomString(23))
if token := mqclient.Connect(); !token.WaitTimeout(30*time.Second) || token.Error() != nil { if token := mqclient.Connect(); !token.WaitTimeout(30*time.Second) || token.Error() != nil {
@@ -258,9 +264,13 @@ func setupMQTT(cfg *config.ClientConfig) error {
opts := mqtt.NewClientOptions() opts := mqtt.NewClientOptions()
server := cfg.Server.Server server := cfg.Server.Server
port := cfg.Server.MQPort port := cfg.Server.MQPort
opts.AddBroker(fmt.Sprintf("tcp://%s:%s", server, port)) pass, err := os.ReadFile(ncutils.GetNetclientPathSpecific() + "secret-" + cfg.Network)
if err != nil {
return fmt.Errorf("could not read secrets file %w", err)
}
opts.AddBroker(fmt.Sprintf("mqtts://%s:%s", server, port))
opts.SetUsername(cfg.Node.ID) opts.SetUsername(cfg.Node.ID)
opts.SetPassword(cfg.Node.Password) opts.SetPassword(string(pass))
opts.SetClientID(ncutils.MakeRandomString(23)) opts.SetClientID(ncutils.MakeRandomString(23))
opts.SetDefaultPublishHandler(All) opts.SetDefaultPublishHandler(All)
opts.SetAutoReconnect(true) opts.SetAutoReconnect(true)
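Review bot: In setupMQTTSingleton the new line `mqclient := mqtt.NewClient(opts)` declares a local variable, where the line it replaces assigned with `=`; if `mqclient` is the package-level client, as the plain assignment on the old side suggests, the authenticated client is never stored there and later callers would see the previous or nil value. Keep the assignment form: `mqclient = mqtt.NewClient(opts)`. In both functions `string(pass)` passes the file bytes through unchanged, so a trailing newline in the secret file would become part of the password; `opts.SetPassword(strings.TrimSpace(string(pass)))` avoids that, assuming the secret never has significant leading or trailing whitespace. Both function bodies start and end outside the hunks.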