added roles,acls for clients

2026-04-23 00:17:10 +08:00 · 2022-09-29 22:54:41 +05:30
parent f31c40408c
commit a95468111d
8 changed files with 347 additions and 100 deletions
@@ -42,6 +42,7 @@ services:
      METRICS_EXPORTER: "on"
      LICENSE_KEY: "YOUR_LICENSE_KEY"
      NETMAKER_ACCOUNT_ID: "YOUR_ACCOUNT_ID"
+      MQ_ADMIN_PASSWORD: "REPLACE_MQ_ADMIN_PASSWORD"
    ports:
      - "51821-51830:51821-51830/udp"
    expose:
@@ -112,21 +113,22 @@ services:
    depends_on:
      - netmaker
    restart: unless-stopped
+    command: ["/mosquitto/config/wait.sh"]
+    environment:
+      NETMAKER_SERVER_HOST: "api.NETMAKER_BASE_DOMAIN"
    volumes:
      - /root/mosquitto.conf:/mosquitto/config/mosquitto.conf
-      - /root/mosquitto.passwords:/etc/mosquitto.passwords
+      - /root/wait.sh:/mosquitto/config/wait.sh
      - mosquitto_data:/mosquitto/data
      - mosquitto_logs:/mosquitto/log
-      - shared_certs:/mosquitto/certs
    expose:
      - "8883"
    labels:
      - traefik.enable=true
-      - traefik.tcp.routers.mqtts.rule=HostSNI(`broker.NETMAKER_BASE_DOMAIN`)
-      - traefik.tcp.routers.mqtts.tls.passthrough=true
-      - traefik.tcp.services.mqtts-svc.loadbalancer.server.port=8883
-      - traefik.tcp.routers.mqtts.service=mqtts-svc
-      - traefik.tcp.routers.mqtts.entrypoints=websecure
+      - traefik.tcp.routers.mqtt.rule=HostSNI(`broker.NETMAKER_BASE_DOMAIN`)
+      - traefik.tcp.routers.mqtt.tls.certresolver=http
+      - traefik.tcp.services.mqtt.loadbalancer.server.port=8883
+      - traefik.tcp.routers.mqtt.entrypoints=websecure
  prometheus:
    container_name: prometheus
    image: gravitl/netmaker-prometheus:latest