Differences

This shows you the differences between two versions of the page.

--- services:svxreflector [2020/04/18 08:25] – [Patchage et construction du paquet] f4hof
+++ services:svxreflector [2023/03/16 16:24] (current) – f4hof
@@ Line 296: / Line 296: @@
 Cordialement,
 </code>
+===== Plan de commande relais =====
+==== Mosquitto ====
+Remplacer ''admin-user'' par le nom d'utilisateur de votre administrateur pour le plugin de sécurité dynamique.
+<code bash>
+apt install mosquitto
+mosquitto_ctrl dynsec init /var/lib/mosquitto/dynamic-security.json admin-user
+chown mosquitto:mosquitto /var/lib/mosquitto/dynamic-security.json
+</code>
+<code - /etc/mosquitto/conf.d/general.conf>listener 1883
+allow_anonymous false
+per_listener_settings false
+plugin /usr/lib/x86_64-linux-gnu/mosquitto_dynamic_security.so
+plugin_opt_config_file /var/lib/mosquitto/dynamic-security.json</code>
+FIXME TODO
+<code bash>
+systemctl restart mosquitto.service
+ufw allow from any to any port 1883
+mosquitto_ctrl dynsec createRole repeater
+mosquitto_ctrl dynsec addRoleACL repeater subscribePattern repeaters/%u allow 0
+mosquitto_ctrl dynsec addRoleACL repeater publishClientSend repeaters/%u/ack allow 0
+mosquitto_ctrl dynsec createRole masterController
+mosquitto_ctrl dynsec addRoleACL masterController publishClientSend repeaters/+ allow 0
+mosquitto_ctrl dynsec addRoleACL masterController subscribePattern repeaters/+/ack allow 0
+mosquitto_ctrl dynsec createGroup gr_admin
+mosquitto_ctrl dynsec createGroup gr_master_controllers
+mosquitto_ctrl dynsec createGroup gr_repeaters
+mosquitto_ctrl dynsec addGroupRole gr_admin admin
+mosquitto_ctrl dynsec addGroupRole gr_repeaters repeater
+mosquitto_ctrl dynsec addGroupRole gr_master_controllers masterController
+</code>
+Where acltype is one of publishClientSend, publishClientReceive, subscribeLiteral, subscribePattern, unsubscribeLiteral, and unsubscribePattern.
+https://mosquitto.org/documentation/dynamic-security/#creating-and-modifying-roles