Mirrors_Framework/mosquitto
1
0
Fork 0
mirror of https://github.com/eclipse-mosquitto/mosquitto.git synced 2026-02-05 10:40:05 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge from master

Browse Source
This commit is contained in:
Roger A. Light
2025-07-25 19:10:28 +01:00
parent 9b6f004499
commit b8ffdb878e
98 changed files with 900 additions and 882 deletions
Download Patch File Download Diff File Expand all files Collapse all files

95
docker/1.5-openssl/Dockerfile
View File

@@ -1,95 +0,0 @@
FROM alpine:3.18
LABEL maintainer="Roger Light <roger@atchoo.org>" \
description="Eclipse Mosquitto MQTT Broker"
ENV VERSION=1.5.11 \
DOWNLOAD_SHA256=4a3b8a8f5505d27a7a966dd68bfd76f1e69feb51796d1b46b7271d1bb5a1a299 \
GPG_KEYS=A0D6EEA1DCAE49A635A3B2F0779B22DFB3E717B7 \
LWS_VERSION=4.2.1 \
LWS_SHA256=842da21f73ccba2be59e680de10a8cce7928313048750eb6ad73b6fa50763c51
RUN set -x && \
apk --no-cache add --virtual build-deps \
build-base \
cmake \
gnupg \
linux-headers \
openssl-dev \
util-linux-dev && \
wget https://github.com/warmcat/libwebsockets/archive/v${LWS_VERSION}.tar.gz -O /tmp/lws.tar.gz && \
echo "$LWS_SHA256 /tmp/lws.tar.gz" | sha256sum -c - && \
mkdir -p /build/lws && \
tar --strip=1 -xf /tmp/lws.tar.gz -C /build/lws && \
rm /tmp/lws.tar.gz && \
cd /build/lws && \
cmake . \
-DCMAKE_BUILD_TYPE=MinSizeRel \
-DCMAKE_INSTALL_PREFIX=/usr \
-DDISABLE_WERROR=ON \
-DLWS_IPV6=ON \
-DLWS_WITHOUT_BUILTIN_GETIFADDRS=ON \
-DLWS_WITHOUT_CLIENT=ON \
-DLWS_WITHOUT_EXTENSIONS=ON \
-DLWS_WITHOUT_TESTAPPS=ON \
-DLWS_WITH_EXTERNAL_POLL=ON \
-DLWS_WITH_HTTP2=OFF \
-DLWS_WITH_SHARED=OFF \
-DLWS_WITH_ZIP_FOPS=OFF \
-DLWS_WITH_ZLIB=OFF && \
make -j "$(nproc)" && \
rm -rf /root/.cmake && \
wget https://mosquitto.org/files/source/mosquitto-${VERSION}.tar.gz -O /tmp/mosq.tar.gz && \
echo "$DOWNLOAD_SHA256 /tmp/mosq.tar.gz" | sha256sum -c - && \
wget https://mosquitto.org/files/source/mosquitto-${VERSION}.tar.gz.asc -O /tmp/mosq.tar.gz.asc && \
export GNUPGHOME="$(mktemp -d)" && \
found=''; \
for server in \
hkps://keys.openpgp.org \
hkp://keyserver.ubuntu.com:80 \
pgp.mit.edu \
; do \
echo "Fetching GPG key $GPG_KEYS from $server"; \
gpg --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$GPG_KEYS" && found=yes && break; \
done; \
test -z "$found" && echo >&2 "error: failed to fetch GPG key $GPG_KEYS" && exit 1; \
gpg --batch --verify /tmp/mosq.tar.gz.asc /tmp/mosq.tar.gz && \
gpgconf --kill all && \
rm -rf "$GNUPGHOME" /tmp/mosq.tar.gz.asc && \
mkdir -p /build/mosq && \
tar --strip=1 -xf /tmp/mosq.tar.gz -C /build/mosq && \
rm /tmp/mosq.tar.gz && \
make -C /build/mosq -j "$(nproc)" \
CFLAGS="-Wall -O2 -I/build/lws/include -flto" \
LDFLAGS="-L/build/lws/lib -flto" \
WITH_ADNS=no \
WITH_DOCS=no \
WITH_SHARED_LIBRARIES=yes \
WITH_SRV=no \
WITH_STRIP=yes \
WITH_WEBSOCKETS=yes \
prefix=/usr \
binary && \
addgroup -S -g 1883 mosquitto 2>/dev/null && \
adduser -S -u 1883 -D -H -h /var/empty -s /sbin/nologin -G mosquitto -g mosquitto mosquitto 2>/dev/null && \
mkdir -p /mosquitto/config /mosquitto/data /mosquitto/log && \
install -d /usr/sbin/ && \
install -s -m755 /build/mosq/client/mosquitto_pub /usr/bin/mosquitto_pub && \
install -s -m755 /build/mosq/client/mosquitto_sub /usr/bin/mosquitto_sub && \
install -s -m644 /build/mosq/lib/libmosquitto.so.1 /usr/lib/libmosquitto.so.1 && \
install -s -m755 /build/mosq/src/mosquitto /usr/sbin/mosquitto && \
install -s -m755 /build/mosq/src/mosquitto_passwd /usr/bin/mosquitto_passwd && \
install -m644 /build/mosq/mosquitto.conf /mosquitto/config/mosquitto.conf && \
chown -R mosquitto:mosquitto /mosquitto && \
apk --no-cache add \
ca-certificates libuuid && \
apk del build-deps && \
rm -rf /build
VOLUME ["/mosquitto/data", "/mosquitto/log"]
# Set up the entry point script and default command
COPY docker-entrypoint.sh /
EXPOSE 1883
ENTRYPOINT ["/docker-entrypoint.sh"]
CMD ["/usr/sbin/mosquitto", "-c", "/mosquitto/config/mosquitto.conf"]

49
docker/1.5-openssl/README.md
View File

@@ -1,49 +0,0 @@
# Eclipse Mosquitto Docker Image
Containers built with this Dockerfile build as source from published tarballs.
## Mount Points
A docker mount point has been created in the image to be used for configuration.
```
/mosquitto/config
```
Two docker volumes have been created in the image to be used for persistent storage and logs.
```
/mosquitto/data
/mosquitto/log
```
## User/Group
The image runs mosquitto under the mosquitto user and group, which are created
with a uid and gid of 1883.
## Configuration
When creating a container from the image, the default configuration values are used.
To use a custom configuration file, mount a **local** configuration file to `/mosquitto/config/mosquitto.conf`
```
docker run -it -p 1883:1883 -v <absolute-path-to-configuration-file>:/mosquitto/config/mosquitto.conf eclipse-mosquitto:<version>
```
:boom: if the mosquitto configuration (mosquitto.conf) was modified
to use non-default ports, the docker run command will need to be updated
to expose the ports that have been configured, for example:
```
docker run -it -p 1883:1883 -p 8080:8080 -v <absolute-path-to-configuration-file>:/mosquitto/config/mosquitto.conf eclipse-mosquitto:<version>
```
Configuration can be changed to:
* persist data to `/mosquitto/data`
* log to `/mosquitto/log/mosquitto.log`
i.e. add the following to `mosquitto.conf`:
```
persistence true
persistence_location /mosquitto/data/
log_dest file /mosquitto/log/mosquitto.log
```
**Note**: For any volume used, the data will be persistent between containers.

10
docker/1.5-openssl/docker-entrypoint.sh
View File

@@ -1,10 +0,0 @@
#!/bin/ash
set -e
# Set permissions
user="$(id -u)"
if [ "$user" = '0' ]; then
[ -d "/mosquitto" ] && chown -R mosquitto:mosquitto /mosquitto || true
fi
exec "$@"

95
docker/1.5/Dockerfile
View File

@@ -1,95 +0,0 @@
FROM alpine:3.14
LABEL maintainer="Roger Light <roger@atchoo.org>" \
description="Eclipse Mosquitto MQTT Broker"
ENV VERSION=1.5.11 \
DOWNLOAD_SHA256=4a3b8a8f5505d27a7a966dd68bfd76f1e69feb51796d1b46b7271d1bb5a1a299 \
GPG_KEYS=A0D6EEA1DCAE49A635A3B2F0779B22DFB3E717B7 \
LWS_VERSION=2.4.2 \
LWS_SHA256=73012d7fcf428dedccc816e83a63a01462e27819d5537b8e0d0c7264bfacfad6
RUN set -x && \
apk --no-cache add --virtual build-deps \
build-base \
cmake \
gnupg \
libressl-dev \
util-linux-dev && \
wget https://github.com/warmcat/libwebsockets/archive/v${LWS_VERSION}.tar.gz -O /tmp/lws.tar.gz && \
echo "$LWS_SHA256 /tmp/lws.tar.gz" | sha256sum -c - && \
mkdir -p /build/lws && \
tar --strip=1 -xf /tmp/lws.tar.gz -C /build/lws && \
rm /tmp/lws.tar.gz && \
cd /build/lws && \
cmake . \
-DCMAKE_BUILD_TYPE=MinSizeRel \
-DCMAKE_INSTALL_PREFIX=/usr \
-DLWS_IPV6=ON \
-DLWS_WITHOUT_BUILTIN_GETIFADDRS=ON \
-DLWS_WITHOUT_CLIENT=ON \
-DLWS_WITHOUT_EXTENSIONS=ON \
-DLWS_WITHOUT_TESTAPPS=ON \
-DLWS_WITH_HTTP2=OFF \
-DLWS_WITH_SHARED=OFF \
-DLWS_WITH_ZIP_FOPS=OFF \
-DLWS_WITH_ZLIB=OFF && \
make -j "$(nproc)" && \
rm -rf /root/.cmake && \
wget https://mosquitto.org/files/source/mosquitto-${VERSION}.tar.gz -O /tmp/mosq.tar.gz && \
echo "$DOWNLOAD_SHA256 /tmp/mosq.tar.gz" | sha256sum -c - && \
wget https://mosquitto.org/files/source/mosquitto-${VERSION}.tar.gz.asc -O /tmp/mosq.tar.gz.asc && \
export GNUPGHOME="$(mktemp -d)" && \
found=''; \
for server in \
hkps://keys.openpgp.org \
hkp://keyserver.ubuntu.com:80 \
pgp.mit.edu \
; do \
echo "Fetching GPG key $GPG_KEYS from $server"; \
gpg --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$GPG_KEYS" && found=yes && break; \
done; \
test -z "$found" && echo >&2 "error: failed to fetch GPG key $GPG_KEYS" && exit 1; \
gpg --batch --verify /tmp/mosq.tar.gz.asc /tmp/mosq.tar.gz && \
gpgconf --kill all && \
rm -rf "$GNUPGHOME" /tmp/mosq.tar.gz.asc && \
mkdir -p /build/mosq && \
tar --strip=1 -xf /tmp/mosq.tar.gz -C /build/mosq && \
rm /tmp/mosq.tar.gz && \
make -C /build/mosq -j "$(nproc)" \
CFLAGS="-Wall -O2 -I/build/lws/include -flto" \
LDFLAGS="-L/build/lws/lib -flto" \
WITH_ADNS=no \
WITH_DOCS=no \
WITH_SHARED_LIBRARIES=yes \
WITH_SRV=no \
WITH_STRIP=yes \
WITH_TLS_PSK=no \
WITH_WEBSOCKETS=yes \
prefix=/usr \
binary && \
addgroup -S -g 1883 mosquitto 2>/dev/null && \
adduser -S -u 1883 -D -H -h /var/empty -s /sbin/nologin -G mosquitto -g mosquitto mosquitto 2>/dev/null && \
mkdir -p /mosquitto/config /mosquitto/data /mosquitto/log && \
install -d /usr/sbin/ && \
install -s -m755 /build/mosq/client/mosquitto_pub /usr/bin/mosquitto_pub && \
install -s -m755 /build/mosq/client/mosquitto_sub /usr/bin/mosquitto_sub && \
install -s -m644 /build/mosq/lib/libmosquitto.so.1 /usr/lib/libmosquitto.so.1 && \
install -s -m755 /build/mosq/src/mosquitto /usr/sbin/mosquitto && \
install -s -m755 /build/mosq/src/mosquitto_passwd /usr/bin/mosquitto_passwd && \
install -m644 /build/mosq/mosquitto.conf /mosquitto/config/mosquitto.conf && \
chown -R mosquitto:mosquitto /mosquitto && \
apk --no-cache add \
ca-certificates \
libressl \
libuuid && \
apk del build-deps && \
rm -rf /build
VOLUME ["/mosquitto/data", "/mosquitto/log"]
# Set up the entry point script and default command
COPY docker-entrypoint.sh /
EXPOSE 1883
ENTRYPOINT ["/docker-entrypoint.sh"]
CMD ["/usr/sbin/mosquitto", "-c", "/mosquitto/config/mosquitto.conf"]

49
docker/1.5/README.md
View File

@@ -1,49 +0,0 @@
# Eclipse Mosquitto Docker Image
Containers built with this Dockerfile build as source from published tarballs.
## Mount Points
A docker mount point has been created in the image to be used for configuration.
```
/mosquitto/config
```
Two docker volumes have been created in the image to be used for persistent storage and logs.
```
/mosquitto/data
/mosquitto/log
```
## User/Group
The image runs mosquitto under the mosquitto user and group, which are created
with a uid and gid of 1883.
## Configuration
When creating a container from the image, the default configuration values are used.
To use a custom configuration file, mount a **local** configuration file to `/mosquitto/config/mosquitto.conf`
```
docker run -it -p 1883:1883 -v <absolute-path-to-configuration-file>:/mosquitto/config/mosquitto.conf eclipse-mosquitto:<version>
```
:boom: if the mosquitto configuration (mosquitto.conf) was modified
to use non-default ports, the docker run command will need to be updated
to expose the ports that have been configured, for example:
```
docker run -it -p 1883:1883 -p 8080:8080 -v <absolute-path-to-configuration-file>:/mosquitto/config/mosquitto.conf eclipse-mosquitto:<version>
```
Configuration can be changed to:
* persist data to `/mosquitto/data`
* log to `/mosquitto/log/mosquitto.log`
i.e. add the following to `mosquitto.conf`:
```
persistence true
persistence_location /mosquitto/data/
log_dest file /mosquitto/log/mosquitto.log
```
**Note**: For any volume used, the data will be persistent between containers.

10
docker/1.5/docker-entrypoint.sh
View File

@@ -1,10 +0,0 @@
#!/bin/ash
set -e
# Set permissions
user="$(id -u)"
if [ "$user" = '0' ]; then
[ -d "/mosquitto" ] && chown -R mosquitto:mosquitto /mosquitto || true
fi
exec "$@"

5
docker/1.6-openssl/Dockerfile
View File

@@ -1,4 +1,4 @@
FROM alpine:3.18
FROM alpine:3.22
LABEL maintainer="Roger Light <roger@atchoo.org>" \
description="Eclipse Mosquitto MQTT Broker"
@@ -86,7 +86,8 @@ RUN set -x && \
install -Dm644 /build/mosq/edl-v10 /usr/share/licenses/mosquitto/edl-v10 && \
chown -R mosquitto:mosquitto /mosquitto && \
apk --no-cache add \
ca-certificates && \
ca-certificates \
tzdata && \
apk del build-deps && \
rm -rf /build

101
docker/1.6/Dockerfile
View File

@@ -1,101 +0,0 @@
FROM alpine:3.14
LABEL maintainer="Roger Light <roger@atchoo.org>" \
description="Eclipse Mosquitto MQTT Broker"
ENV VERSION=1.6.15 \
DOWNLOAD_SHA256=5ff2271512f745bf1a451072cd3768a5daed71e90c5179fae12b049d6c02aa0f \
GPG_KEYS=A0D6EEA1DCAE49A635A3B2F0779B22DFB3E717B7 \
LWS_VERSION=4.2.1 \
LWS_SHA256=842da21f73ccba2be59e680de10a8cce7928313048750eb6ad73b6fa50763c51
RUN set -x && \
apk --no-cache add --virtual build-deps \
build-base \
cmake \
gnupg \
libressl-dev \
linux-headers \
util-linux-dev && \
wget https://github.com/warmcat/libwebsockets/archive/v${LWS_VERSION}.tar.gz -O /tmp/lws.tar.gz && \
echo "$LWS_SHA256 /tmp/lws.tar.gz" | sha256sum -c - && \
mkdir -p /build/lws && \
tar --strip=1 -xf /tmp/lws.tar.gz -C /build/lws && \
rm /tmp/lws.tar.gz && \
cd /build/lws && \
cmake . \
-DCMAKE_BUILD_TYPE=MinSizeRel \
-DCMAKE_INSTALL_PREFIX=/usr \
-DDISABLE_WERROR=ON \
-DLWS_IPV6=ON \
-DLWS_WITHOUT_BUILTIN_GETIFADDRS=ON \
-DLWS_WITHOUT_CLIENT=ON \
-DLWS_WITHOUT_EXTENSIONS=ON \
-DLWS_WITHOUT_TESTAPPS=ON \
-DLWS_WITH_EXTERNAL_POLL=ON \
-DLWS_WITH_HTTP2=OFF \
-DLWS_WITH_SHARED=OFF \
-DLWS_WITH_ZIP_FOPS=OFF \
-DLWS_WITH_ZLIB=OFF && \
make -j "$(nproc)" && \
rm -rf /root/.cmake && \
wget https://mosquitto.org/files/source/mosquitto-${VERSION}.tar.gz -O /tmp/mosq.tar.gz && \
echo "$DOWNLOAD_SHA256 /tmp/mosq.tar.gz" | sha256sum -c - && \
wget https://mosquitto.org/files/source/mosquitto-${VERSION}.tar.gz.asc -O /tmp/mosq.tar.gz.asc && \
export GNUPGHOME="$(mktemp -d)" && \
found=''; \
for server in \
hkps://keys.openpgp.org \
hkp://keyserver.ubuntu.com:80 \
pgp.mit.edu \
; do \
echo "Fetching GPG key $GPG_KEYS from $server"; \
gpg --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$GPG_KEYS" && found=yes && break; \
done; \
test -z "$found" && echo >&2 "error: failed to fetch GPG key $GPG_KEYS" && exit 1; \
gpg --batch --verify /tmp/mosq.tar.gz.asc /tmp/mosq.tar.gz && \
gpgconf --kill all && \
rm -rf "$GNUPGHOME" /tmp/mosq.tar.gz.asc && \
mkdir -p /build/mosq && \
tar --strip=1 -xf /tmp/mosq.tar.gz -C /build/mosq && \
rm /tmp/mosq.tar.gz && \
make -C /build/mosq -j "$(nproc)" \
CFLAGS="-Wall -O2 -I/build/lws/include" \
LDFLAGS="-L/build/lws/lib" \
WITH_ADNS=no \
WITH_DOCS=no \
WITH_SHARED_LIBRARIES=yes \
WITH_SRV=no \
WITH_STRIP=yes \
WITH_TLS_PSK=no \
WITH_WEBSOCKETS=yes \
prefix=/usr \
binary && \
addgroup -S -g 1883 mosquitto 2>/dev/null && \
adduser -S -u 1883 -D -H -h /var/empty -s /sbin/nologin -G mosquitto -g mosquitto mosquitto 2>/dev/null && \
mkdir -p /mosquitto/config /mosquitto/data /mosquitto/log && \
install -d /usr/sbin/ && \
install -s -m755 /build/mosq/client/mosquitto_pub /usr/bin/mosquitto_pub && \
install -s -m755 /build/mosq/client/mosquitto_rr /usr/bin/mosquitto_rr && \
install -s -m755 /build/mosq/client/mosquitto_sub /usr/bin/mosquitto_sub && \
install -s -m644 /build/mosq/lib/libmosquitto.so.1 /usr/lib/libmosquitto.so.1 && \
install -s -m755 /build/mosq/src/mosquitto /usr/sbin/mosquitto && \
install -s -m755 /build/mosq/src/mosquitto_passwd /usr/bin/mosquitto_passwd && \
install -m644 /build/mosq/mosquitto.conf /mosquitto/config/mosquitto.conf && \
install -Dm644 /build/lws/LICENSE /usr/share/licenses/libwebsockets/LICENSE && \
install -Dm644 /build/mosq/epl-v10 /usr/share/licenses/mosquitto/epl-v10 && \
install -Dm644 /build/mosq/edl-v10 /usr/share/licenses/mosquitto/edl-v10 && \
chown -R mosquitto:mosquitto /mosquitto && \
apk --no-cache add \
ca-certificates \
libressl && \
apk del build-deps && \
rm -rf /build
VOLUME ["/mosquitto/data", "/mosquitto/log"]
# Set up the entry point script and default command
COPY docker-entrypoint.sh /
EXPOSE 1883
ENTRYPOINT ["/docker-entrypoint.sh"]
CMD ["/usr/sbin/mosquitto", "-c", "/mosquitto/config/mosquitto.conf"]

49
docker/1.6/README.md
View File

@@ -1,49 +0,0 @@
# Eclipse Mosquitto Docker Image
Containers built with this Dockerfile build as source from published tarballs.
## Mount Points
A docker mount point has been created in the image to be used for configuration.
```
/mosquitto/config
```
Two docker volumes have been created in the image to be used for persistent storage and logs.
```
/mosquitto/data
/mosquitto/log
```
## User/Group
The image runs mosquitto under the mosquitto user and group, which are created
with a uid and gid of 1883.
## Configuration
When creating a container from the image, the default configuration values are used.
To use a custom configuration file, mount a **local** configuration file to `/mosquitto/config/mosquitto.conf`
```
docker run -it -p 1883:1883 -v <absolute-path-to-configuration-file>:/mosquitto/config/mosquitto.conf eclipse-mosquitto:<version>
```
:boom: if the mosquitto configuration (mosquitto.conf) was modified
to use non-default ports, the docker run command will need to be updated
to expose the ports that have been configured, for example:
```
docker run -it -p 1883:1883 -p 8080:8080 -v <absolute-path-to-configuration-file>:/mosquitto/config/mosquitto.conf eclipse-mosquitto:<version>
```
Configuration can be changed to:
* persist data to `/mosquitto/data`
* log to `/mosquitto/log/mosquitto.log`
i.e. add the following to `mosquitto.conf`:
```
persistence true
persistence_location /mosquitto/data/
log_dest file /mosquitto/log/mosquitto.log
```
**Note**: For any volume used, the data will be persistent between containers.

10
docker/1.6/docker-entrypoint.sh
View File

@@ -1,10 +0,0 @@
#!/bin/ash
set -e
# Set permissions
user="$(id -u)"
if [ "$user" = '0' ]; then
[ -d "/mosquitto" ] && chown -R mosquitto:mosquitto /mosquitto || true
fi
exec "$@"

9
docker/2.0-openssl/Dockerfile
View File

@@ -1,10 +1,10 @@
FROM alpine:3.20
FROM alpine:3.22
LABEL maintainer="Roger Light <roger@atchoo.org>" \
description="Eclipse Mosquitto MQTT Broker"
ENV VERSION=2.0.20 \
DOWNLOAD_SHA256=ebd07d89d2a446a7f74100ad51272e4a8bf300b61634a7812e19f068f2759de8 \
ENV VERSION=2.0.22 \
DOWNLOAD_SHA256=2f752589ef7db40260b633fbdb536e9a04b446a315138d64a7ff3c14e2de6b68 \
GPG_KEYS=A0D6EEA1DCAE49A635A3B2F0779B22DFB3E717B7 \
LWS_VERSION=4.2.1 \
LWS_SHA256=842da21f73ccba2be59e680de10a8cce7928313048750eb6ad73b6fa50763c51
@@ -90,7 +90,8 @@ RUN set -x && \
chown -R mosquitto:mosquitto /mosquitto && \
apk --no-cache add \
ca-certificates \
cjson && \
cjson \
tzdata && \
apk del build-deps && \
rm -rf /build

13
docker/2.0-openssl/README.md
View File

@@ -71,6 +71,19 @@ to expose the ports that have been configured, for example:
docker run -it -p 1883:1883 -p 8080:8080 -v <absolute-path-to-configuration-file>:/mosquitto/config/mosquitto.conf eclipse-mosquitto:<version>
```
**Important**: The default configuration only listens on the loopback
interface. This means that there is no way to access Mosquitto in the docker
container without using a custom configuration containing at least a listener.
You also need to make a decision to allow anonymous connections or to set up a
different method of client authentication.
i.e. to configure a Mosquitto docker container as if it was running locally,
add the following to `mosquitto.conf`:
```
listener 1883
allow_anonymous true
```
Configuration can be changed to:
* persist data to `/mosquitto/data`

105
docker/2.0/Dockerfile
View File

@@ -1,105 +0,0 @@
FROM alpine:3.20
LABEL maintainer="Roger Light <roger@atchoo.org>" \
description="Eclipse Mosquitto MQTT Broker"
ENV VERSION=2.0.19 \
DOWNLOAD_SHA256=33af3637f119a61c509c01d2f8f6cc3d8be76f49e850132f2860af142abf82a9 \
GPG_KEYS=A0D6EEA1DCAE49A635A3B2F0779B22DFB3E717B7 \
LWS_VERSION=4.2.1 \
LWS_SHA256=842da21f73ccba2be59e680de10a8cce7928313048750eb6ad73b6fa50763c51
RUN set -x && \
apk --no-cache add --virtual build-deps \
build-base \
cmake \
cjson-dev \
gnupg \
libressl-dev \
linux-headers \
util-linux-dev && \
wget https://github.com/warmcat/libwebsockets/archive/v${LWS_VERSION}.tar.gz -O /tmp/lws.tar.gz && \
echo "$LWS_SHA256 /tmp/lws.tar.gz" | sha256sum -c - && \
mkdir -p /build/lws && \
tar --strip=1 -xf /tmp/lws.tar.gz -C /build/lws && \
rm /tmp/lws.tar.gz && \
cd /build/lws && \
cmake . \
-DCMAKE_BUILD_TYPE=MinSizeRel \
-DCMAKE_INSTALL_PREFIX=/usr \
-DDISABLE_WERROR=ON \
-DLWS_IPV6=ON \
-DLWS_WITHOUT_BUILTIN_GETIFADDRS=ON \
-DLWS_WITHOUT_CLIENT=ON \
-DLWS_WITHOUT_EXTENSIONS=ON \
-DLWS_WITHOUT_TESTAPPS=ON \
-DLWS_WITH_EXTERNAL_POLL=ON \
-DLWS_WITH_HTTP2=OFF \
-DLWS_WITH_SHARED=OFF \
-DLWS_WITH_ZIP_FOPS=OFF \
-DLWS_WITH_ZLIB=OFF && \
make -j "$(nproc)" && \
rm -rf /root/.cmake && \
wget https://mosquitto.org/files/source/mosquitto-${VERSION}.tar.gz -O /tmp/mosq.tar.gz && \
echo "$DOWNLOAD_SHA256 /tmp/mosq.tar.gz" | sha256sum -c - && \
wget https://mosquitto.org/files/source/mosquitto-${VERSION}.tar.gz.asc -O /tmp/mosq.tar.gz.asc && \
export GNUPGHOME="$(mktemp -d)" && \
found=''; \
for server in \
hkps://keys.openpgp.org \
hkp://keyserver.ubuntu.com:80 \
pgp.mit.edu \
; do \
echo "Fetching GPG key $GPG_KEYS from $server"; \
gpg --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$GPG_KEYS" && found=yes && break; \
done; \
test -z "$found" && echo >&2 "error: failed to fetch GPG key $GPG_KEYS" && exit 1; \
gpg --batch --verify /tmp/mosq.tar.gz.asc /tmp/mosq.tar.gz && \
gpgconf --kill all && \
rm -rf "$GNUPGHOME" /tmp/mosq.tar.gz.asc && \
mkdir -p /build/mosq && \
tar --strip=1 -xf /tmp/mosq.tar.gz -C /build/mosq && \
rm /tmp/mosq.tar.gz && \
make -C /build/mosq -j "$(nproc)" \
CFLAGS="-Wall -O2 -I/build/lws/include -I/build" \
LDFLAGS="-L/build/lws/lib" \
WITH_ADNS=no \
WITH_DOCS=no \
WITH_SHARED_LIBRARIES=yes \
WITH_SRV=no \
WITH_STRIP=yes \
WITH_TLS_PSK=no \
WITH_WEBSOCKETS=yes \
prefix=/usr \
binary && \
addgroup -S -g 1883 mosquitto 2>/dev/null && \
adduser -S -u 1883 -D -H -h /var/empty -s /sbin/nologin -G mosquitto -g mosquitto mosquitto 2>/dev/null && \
mkdir -p /mosquitto/config /mosquitto/data /mosquitto/log && \
install -d /usr/sbin/ && \
install -s -m755 /build/mosq/client/mosquitto_pub /usr/bin/mosquitto_pub && \
install -s -m755 /build/mosq/client/mosquitto_rr /usr/bin/mosquitto_rr && \
install -s -m755 /build/mosq/client/mosquitto_sub /usr/bin/mosquitto_sub && \
install -s -m644 /build/mosq/lib/libmosquitto.so.1 /usr/lib/libmosquitto.so.1 && \
install -s -m755 /build/mosq/src/mosquitto /usr/sbin/mosquitto && \
install -s -m755 /build/mosq/apps/mosquitto_ctrl/mosquitto_ctrl /usr/bin/mosquitto_ctrl && \
install -s -m755 /build/mosq/apps/mosquitto_passwd/mosquitto_passwd /usr/bin/mosquitto_passwd && \
install -s -m755 /build/mosq/plugins/dynamic-security/mosquitto_dynamic_security.so /usr/lib/mosquitto_dynamic_security.so && \
install -m644 /build/mosq/mosquitto.conf /mosquitto/config/mosquitto.conf && \
install -Dm644 /build/lws/LICENSE /usr/share/licenses/libwebsockets/LICENSE && \
install -Dm644 /build/mosq/epl-v20 /usr/share/licenses/mosquitto/epl-v20 && \
install -Dm644 /build/mosq/edl-v10 /usr/share/licenses/mosquitto/edl-v10 && \
chown -R mosquitto:mosquitto /mosquitto && \
apk --no-cache add \
ca-certificates \
cjson \
libressl && \
apk del build-deps && \
rm -rf /build
VOLUME ["/mosquitto/data", "/mosquitto/log"]
# Set up the entry point script and default command
COPY docker-entrypoint.sh mosquitto-no-auth.conf /
EXPOSE 1883
ENTRYPOINT ["/docker-entrypoint.sh"]
CMD ["/usr/sbin/mosquitto", "-c", "/mosquitto/config/mosquitto.conf"]

87
docker/2.0/README.md
View File

@@ -1,87 +0,0 @@
# Eclipse Mosquitto Docker Image
Containers built with this Dockerfile build as source from published tarballs.
## Mount Points
A docker mount point has been created in the image to be used for configuration.
```
/mosquitto/config
```
Two docker volumes have been created in the image to be used for persistent storage and logs.
```
/mosquitto/data
/mosquitto/log
```
## User/Group
The image runs mosquitto under the mosquitto user and group, which are created
with a uid and gid of 1883.
## Running without a configuration file
Mosquitto 2.0 requires you to configure listeners and authentication before it
will allow connections from anything other than the loopback interface. In the
context of a container, this means you would normally need to provide a
configuration file with your settings.
If you wish to run mosquitto without any authentication, and without setting
any other configuration options, you can do so by using a configuration
provided in the container for this purpose:
```
docker run -it -p 1883:1883 eclipse-mosquitto:<version> mosquitto -c /mosquitto-no-auth.conf
```
## Configuration
To use a custom configuration file, mount a **local** configuration file to `/mosquitto/config/mosquitto.conf`
```
docker run -it -p 1883:1883 -v <absolute-path-to-configuration-file>:/mosquitto/config/mosquitto.conf eclipse-mosquitto:<version>
```
Your configuration file must include a `listener`, and you must configure some
form of authentication or allow unauthenticated access. If you do not do this,
clients will be unable to connect.
File based authentication and authorisation:
```
listener 1883
password_file /mosquitto/data/mosquitto.password_file
acl_file /mosquitto/data/mosquitto.aclfile
```
Plugin based authentication and authorisation:
```
listener 1883
plugin /usr/lib/mosquitto_dynamic_security.so
plugin_opt_config_file /mosquitto/data/mosquitto-dynsec.json
```
Unauthenticated access:
```
listener 1883
allow_anonymous true
```
:boom: if the mosquitto configuration (mosquitto.conf) was modified
to use non-default ports, the docker run command will need to be updated
to expose the ports that have been configured, for example:
```
docker run -it -p 1883:1883 -p 8080:8080 -v <absolute-path-to-configuration-file>:/mosquitto/config/mosquitto.conf eclipse-mosquitto:<version>
```
Configuration can be changed to:
* persist data to `/mosquitto/data`
* log to `/mosquitto/log/mosquitto.log`
i.e. add the following to `mosquitto.conf`:
```
persistence true
persistence_location /mosquitto/data/
log_dest file /mosquitto/log/mosquitto.log
```
**Note**: For any volume used, the data will be persistent between containers.

10
docker/2.0/docker-entrypoint.sh
View File

@@ -1,10 +0,0 @@
#!/bin/ash
set -e
# Set permissions
user="$(id -u)"
if [ "$user" = '0' ]; then
[ -d "/mosquitto" ] && chown -R mosquitto:mosquitto /mosquitto || true
fi
exec "$@"

5
docker/2.0/mosquitto-no-auth.conf
View File

@@ -1,5 +0,0 @@
# This is a Mosquitto configuration file that creates a listener on port 1883
# that allows unauthenticated access.
listener 1883
allow_anonymous true

13
docker/generic/Dockerfile
View File

@@ -13,6 +13,16 @@ ENV \
CJSON_VERSION=1.7.14 \
CJSON_SHA256=fb50a663eefdc76bafa80c82bc045af13b1363e8f45cec8b442007aef6a41343
LABEL \
org.opencontainers.image.authors="Roger Light <roger@atchoo.org>" \
org.opencontainers.image.title="mosquitto" \
org.opencontainers.image.description="Eclipse Mosquitto MQTT Broker" \
org.opencontainers.image.url="https://mosquitto.org/" \
org.opencontainers.image.documentation="https://mosquitto.org/documentation/" \
org.opencontainers.image.source="https://github.com/eclipse-mosquitto/mosquitto" \
org.opencontainers.image.licenses="EPL-2.0" \
org.opencontainers.image.version=${VERSION}
RUN set -x && \
apk --no-cache add --virtual build-deps \
build-base \
@@ -108,7 +118,8 @@ RUN set -x && \
install -Dm644 /build/mosq/edl-v10 /usr/share/licenses/mosquitto/edl-v10 && \
chown -R mosquitto:mosquitto /mosquitto && \
apk --no-cache add \
ca-certificates && \
ca-certificates \
tzdata && \
apk del build-deps && \
rm -rf /build

13
docker/generic/README.md
View File

@@ -58,3 +58,16 @@ docker run -it -p 1883:1883 -v <path-to-configuration-file>:/mosquitto/config/mo
:boom: if the mosquitto configuration (mosquitto.conf) was modified
to use non-default ports, the docker run command will need to be updated
to expose the ports that have been configured.
**Important**: The default configuration only listens on the
loopback interface. This means that there is no way to access Mosquitto in the
docker container without using a custom configuration containing at least
a listener. You also need to make a decision to allow anonymous connections or
to set up a different method of client authentication.
i.e. to configure a Mosquitto docker container as if it was running locally,
add the following to `mosquitto.conf`:
```
listener 1883
allow_anonymous true
```

3
docker/local/Dockerfile
View File

@@ -50,7 +50,8 @@ RUN set -x && \
argon2-libs \
ca-certificates \
cjson \
sqlite-libs && \
sqlite-libs \
tzdata && \
apk del build-deps && \
rm -rf /build