|
@@ -1,150 +0,0 @@
|
|
|
-## EMQX安装和配置
|
|
|
-### 安装
|
|
|
-参考官方文档:[https://www.emqx.io/docs/zh/v4.3/getting-started/getting-started.html](https://www.emqx.io/docs/zh/v4.3/getting-started/getting-started.html)
|
|
|
-### 配置
|
|
|
-#### emqx认证配置
|
|
|
-emqx安装目录/etc/plugins/emqx_auth_http.conf
|
|
|
-```properties
|
|
|
-auth.http.auth_req.url = http://127.0.0.1:8082/mqtt/auth
|
|
|
-auth.http.auth_req.headers.content_type = application/json
|
|
|
-auth.http.auth_req.params = clientid=%c,username=%u,password=%P
|
|
|
-auth.http.acl_req.url = http://127.0.0.1:8082/mqtt/acl
|
|
|
-auth.http.acl_req.method = post
|
|
|
-auth.http.acl_req.headers.content-type = application/json
|
|
|
-auth.http.acl_req.params = access=%A,username=%u,clientid=%c,ipaddr=%a,topic=%t,mountpoint=%m
|
|
|
-```
|
|
|
-#### emqx插件启用配置
|
|
|
-emqx安装目录/data/loaded_plugins
|
|
|
-需要配置的项:
|
|
|
-```erlang
|
|
|
-{emqx_dashboard, true}.
|
|
|
-{emqx_rule_engine, true}.
|
|
|
-{emqx_auth_http, true}.
|
|
|
-```
|
|
|
-#### emqx规则引擎配置
|
|
|
-启动emqx,进行管理后台界面
|
|
|
-新建规则
|
|
|
-
|
|
|
-
|
|
|
-具体配置如下:
|
|
|
-**client_disconnected:**
|
|
|
-```sql
|
|
|
-SELECT
|
|
|
- reason,
|
|
|
- clientid,
|
|
|
- username,
|
|
|
- peername,
|
|
|
- socketname
|
|
|
-FROM
|
|
|
- "$events/client_connected"
|
|
|
-```
|
|
|
-```json
|
|
|
-Type: republish
|
|
|
-target_topic: /sys/client/connected
|
|
|
-target_qos: 1
|
|
|
-payload_tmpl: {"reason":"${reason}","clientid":"${clientid}","username":"${username}","peername":"${peername}","socketname":"${socketname}"}
|
|
|
-```
|
|
|
-**client_connected**:
|
|
|
-```sql
|
|
|
-SELECT
|
|
|
- reason,
|
|
|
- clientid,
|
|
|
- username,
|
|
|
- peername,
|
|
|
- socketname
|
|
|
-FROM
|
|
|
- "$events/client_disconnected"
|
|
|
-```
|
|
|
-```json
|
|
|
-Type: republish
|
|
|
-target_topic: /sys/client/disconnected
|
|
|
-target_qos: 1
|
|
|
-payload_tmpl: {"reason":"${reason}","clientid":"${clientid}","username":"${username}","peername":"${peername}","socketname":"${socketname}"}
|
|
|
-```
|
|
|
-
|
|
|
-
|
|
|
-## keycloak安装和配置
|
|
|
-Keycloak 为现代应用和分布式服务提供了一套完整的认证授权管理解决方案,它是开源的,是一个独立的认证授权服务器。官网:[https://www.keycloak.org/](https://www.keycloak.org/)
|
|
|
-下载:
|
|
|
-[https://www.keycloak.org/downloads](https://www.keycloak.org/downloads)
|
|
|
-解压启动即可
|
|
|
-如果不是部署在本机,需要将config/keycloak.conf中的hostname改为可以外部访问的IP或域名
|
|
|
-### 配置
|
|
|
-启动后进行管理后台:
|
|
|
-
|
|
|
-#### 添加一个realm
|
|
|
-
|
|
|
-
|
|
|
-#### 添加client
|
|
|
-
|
|
|
-特别注意:
|
|
|
-_ Valid Redirect URIs 需要填写iot系统前端的访问地址,以/*结尾,点“+”可以填多个_
|
|
|
-#### 添加角色
|
|
|
-
|
|
|
-#### 新增用户组
|
|
|
-client为C端用户组,platform为平台用户组
|
|
|
-
|
|
|
-#### 新增一个管理员用户
|
|
|
-
|
|
|
-并设置密码:
|
|
|
-
|
|
|
-指定用户角色:
|
|
|
-
|
|
|
-指定用户组:
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-#### 新增一个keycloak api用户
|
|
|
-用于调用keycloak接口
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-## mongodb安装和配置
|
|
|
-
|
|
|
-
|
|
|
-本人用的是阿里云的mongodb serverless版,1.27元/天,简单快捷省去搭建和维护工作
|
|
|
-购买后,生成公网链接、添加数据库访问白名单即可
|
|
|
-## 程序配置
|
|
|
-平台由4个独立启动的程序构成:
|
|
|
-**mqtt-auth**:用于emqx的auth_http认证,见《[emqx认证配置](#CLNCe)》
|
|
|
-**mqtt-server**:用于设备消息处理(事件上报、服务回复、设备上下线)和设备指令下发
|
|
|
-**manager**:为iot-console-web提供后台接口,以及执行其它业务逻辑
|
|
|
-**iot-console-web**:iot平台pc端前端程序
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-### mqtt-auth
|
|
|
-#### 程序结构
|
|
|
-
|
|
|
-#### 配置
|
|
|
-```yaml
|
|
|
-spring:
|
|
|
- data:
|
|
|
- mongodb:
|
|
|
- uri: mongodb://填写mongodb地址/admin
|
|
|
- database: iotkit
|
|
|
-```
|
|
|
-
|
|
|
-
|
|
|
-### mqtt-server
|
|
|
-#### 程序结构
|
|
|
-
|
|
|
-#### 配置
|
|
|
-```yaml
|
|
|
-spring:
|
|
|
- data:
|
|
|
- mongodb:
|
|
|
- uri: mongodb://填写mongodb地址/admin
|
|
|
- database: iotkit
|
|
|
-
|
|
|
- cache:
|
|
|
- cache-names: foo,bar
|
|
|
- caffeine:
|
|
|
- spec: maximumSize=5000,expireAfterAccess=120s
|
|
|
-
|
|
|
-mqtt:
|
|
|
- url: tcp://填写mqtt连接地址
|
|
|
-
|
|
|
-```
|
|
|
-
|
|
|
-
|