eclipse/mosquitto
1
0
Fork 0
mirror of https://github.com/eclipse/mosquitto.git synced 2025-05-09 01:01:11 +08:00
Code Issues Releases Wiki Activity
mosquitto/docker/2.0
History
Thomas De Backer cfe71470f2 Update docker documentation 
Signed-off-by: Thomas De Backer <mosterdt@debacker.me>
2025-02-25 17:18:17 +00:00
..
docker-entrypoint.sh
Improve Docker no-auth mode.
2021-03-03 17:14:16 +00:00
Dockerfile
Add tzdata to docker images to allow setting timezone
2024-11-01 10:48:10 +00:00
mosquitto-no-auth.conf
Allow Docker images to run with anon, without a config file.
2021-02-25 13:51:27 +00:00
README.md
Update docker documentation
2025-02-25 17:18:17 +00:00

README.md

Eclipse Mosquitto Docker Image

Containers built with this Dockerfile build as source from published tarballs.

Mount Points

A docker mount point has been created in the image to be used for configuration.

/mosquitto/config

Two docker volumes have been created in the image to be used for persistent storage and logs.

/mosquitto/data
/mosquitto/log

User/Group

The image runs mosquitto under the mosquitto user and group, which are created with a uid and gid of 1883.

Running without a configuration file

Mosquitto 2.0 requires you to configure listeners and authentication before it will allow connections from anything other than the loopback interface. In the context of a container, this means you would normally need to provide a configuration file with your settings.

If you wish to run mosquitto without any authentication, and without setting any other configuration options, you can do so by using a configuration provided in the container for this purpose:

docker run -it -p 1883:1883 eclipse-mosquitto:<version> mosquitto -c /mosquitto-no-auth.conf

Configuration

To use a custom configuration file, mount a local configuration file to /mosquitto/config/mosquitto.conf

docker run -it -p 1883:1883 -v <absolute-path-to-configuration-file>:/mosquitto/config/mosquitto.conf eclipse-mosquitto:<version>

Your configuration file must include a listener, and you must configure some form of authentication or allow unauthenticated access. If you do not do this, clients will be unable to connect.

File based authentication and authorisation:

listener 1883
password_file /mosquitto/data/mosquitto.password_file
acl_file /mosquitto/data/mosquitto.aclfile

Plugin based authentication and authorisation:

listener 1883
plugin /usr/lib/mosquitto_dynamic_security.so
plugin_opt_config_file /mosquitto/data/mosquitto-dynsec.json

Unauthenticated access:

listener 1883
allow_anonymous true

💥 if the mosquitto configuration (mosquitto.conf) was modified to use non-default ports, the docker run command will need to be updated to expose the ports that have been configured, for example:

docker run -it -p 1883:1883 -p 8080:8080 -v <absolute-path-to-configuration-file>:/mosquitto/config/mosquitto.conf eclipse-mosquitto:<version>

Important: The default configuration only listens on the loopback interface. This means that there is no way to access Mosquitto in the docker container without using a custom configuration containing at least a listener. You also need to make a decision to allow anonymous connections or to set up a different method of client authentication.

i.e. to configure a Mosquitto docker container as if it was running locally, add the following to mosquitto.conf:

listener 1883
allow_anonymous true

Configuration can be changed to:

  • persist data to /mosquitto/data
  • log to /mosquitto/log/mosquitto.log

i.e. add the following to mosquitto.conf:

persistence true
persistence_location /mosquitto/data/

log_dest file /mosquitto/log/mosquitto.log

Note: For any volume used, the data will be persistent between containers.