Fixed findings
158
setup.sh
Normal file → Executable file
158
setup.sh
Normal file → Executable file
@@ -1,40 +1,85 @@
|
||||
#!/bin/bash
|
||||
|
||||
# MQTT Setup Script - Erstellt User für Mosquitto
|
||||
# ================================================
|
||||
#
|
||||
# Verwendung:
|
||||
# ./setup.sh - Erstellt alle User aus .env
|
||||
# ./setup.sh create <username> <password> - Erstellt einzelnen User
|
||||
set -euo pipefail
|
||||
|
||||
set -e
|
||||
COMPOSE_CMD=${COMPOSE_CMD:-"docker compose"}
|
||||
PASSWORD_FILE="config/passwords.txt"
|
||||
PASSWORD_TEMPLATE="config/passwords.txt.template"
|
||||
|
||||
ensure_password_file() {
|
||||
if [ -f "$PASSWORD_FILE" ]; then
|
||||
return
|
||||
fi
|
||||
|
||||
if [ -f "$PASSWORD_TEMPLATE" ]; then
|
||||
cp "$PASSWORD_TEMPLATE" "$PASSWORD_FILE"
|
||||
else
|
||||
touch "$PASSWORD_FILE"
|
||||
fi
|
||||
|
||||
chmod 640 "$PASSWORD_FILE" 2>/dev/null || true
|
||||
echo "🆕 Passwort-Datei $PASSWORD_FILE angelegt."
|
||||
}
|
||||
|
||||
require_docker() {
|
||||
if ! docker info >/dev/null 2>&1; then
|
||||
echo "❌ Fehler: Docker ist nicht gestartet!"
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
mosquitto_running() {
|
||||
docker ps --format '{{.Names}}' | grep -qx 'mosquitto'
|
||||
}
|
||||
|
||||
ensure_mosquitto_service() {
|
||||
if mosquitto_running; then
|
||||
return
|
||||
fi
|
||||
|
||||
echo "⚠️ Mosquitto Container läuft nicht. Starte Container..."
|
||||
ensure_password_file
|
||||
$COMPOSE_CMD up -d mosquitto
|
||||
echo "⏳ Warte 5 Sekunden bis Mosquitto gestartet ist..."
|
||||
sleep 5
|
||||
}
|
||||
|
||||
compose_exec_mosquitto() {
|
||||
$COMPOSE_CMD exec -T mosquitto "$@"
|
||||
}
|
||||
|
||||
create_user() {
|
||||
local USERNAME=$1
|
||||
local PASSWORD=$2
|
||||
local LABEL=$3
|
||||
|
||||
echo "➡️ Erstelle $LABEL"
|
||||
compose_exec_mosquitto mosquitto_passwd -b /mosquitto/config/passwords.txt "$USERNAME" "$PASSWORD"
|
||||
echo " ✅ User: $USERNAME erstellt"
|
||||
}
|
||||
|
||||
# CLI-Modus: Einzelnen User erstellen
|
||||
if [ "$1" == "create" ]; then
|
||||
if [ -z "$2" ] || [ -z "$3" ]; then
|
||||
if [ "${1:-}" == "create" ]; then
|
||||
if [ -z "${2:-}" ] || [ -z "${3:-}" ]; then
|
||||
echo "❌ Fehler: Username und Passwort erforderlich!"
|
||||
echo "Verwendung: $0 create <username> <password>"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
require_docker
|
||||
ensure_password_file
|
||||
|
||||
if ! mosquitto_running; then
|
||||
echo "❌ Fehler: Mosquitto Container läuft nicht!"
|
||||
echo "Starte zuerst die Container mit: docker compose up -d"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
USERNAME="$2"
|
||||
PASSWORD="$3"
|
||||
|
||||
# Prüfe ob Docker läuft
|
||||
if ! docker info > /dev/null 2>&1; then
|
||||
echo "❌ Fehler: Docker ist nicht gestartet!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Prüfe ob Container läuft
|
||||
if ! docker ps | grep -q mosquitto; then
|
||||
echo "❌ Fehler: Mosquitto Container läuft nicht!"
|
||||
echo "Starte zuerst die Container mit: docker compose up -d"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "📝 Erstelle User: $USERNAME"
|
||||
docker exec mosquitto mosquitto_passwd -b /mosquitto/config/passwords.txt "$USERNAME" "$PASSWORD"
|
||||
compose_exec_mosquitto mosquitto_passwd -b /mosquitto/config/passwords.txt "$USERNAME" "$PASSWORD"
|
||||
echo "✅ User $USERNAME erfolgreich erstellt/aktualisiert!"
|
||||
echo ""
|
||||
echo "⚠️ Vergiss nicht, ACL-Regeln in config/acl.conf anzupassen!"
|
||||
@@ -42,24 +87,25 @@ if [ "$1" == "create" ]; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# Lade Umgebungsvariablen aus .env
|
||||
if [ ! -f .env ]; then
|
||||
echo "❌ Fehler: .env Datei nicht gefunden!"
|
||||
echo "Bitte erstelle eine .env Datei basierend auf .env.example"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Lade .env und exportiere Variablen
|
||||
set -a
|
||||
source .env
|
||||
set +a
|
||||
|
||||
ensure_password_file
|
||||
require_docker
|
||||
ensure_mosquitto_service
|
||||
|
||||
echo "================================================"
|
||||
echo "MQTT Server Setup - Benutzer erstellen"
|
||||
echo "================================================"
|
||||
echo ""
|
||||
|
||||
# Validiere dass alle benötigten Variablen gesetzt sind
|
||||
required_vars=(
|
||||
"MQTT_ADMIN_USERNAME" "MQTT_ADMIN_PASSWORD"
|
||||
"MQTT_PANEL_USERNAME" "MQTT_PANEL_PASSWORD"
|
||||
@@ -76,51 +122,12 @@ for var in "${required_vars[@]}"; do
|
||||
fi
|
||||
done
|
||||
|
||||
# Prüfe ob Docker läuft
|
||||
if ! docker info > /dev/null 2>&1; then
|
||||
echo "❌ Fehler: Docker ist nicht gestartet!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Prüfe ob Container läuft
|
||||
if ! docker ps | grep -q mosquitto; then
|
||||
echo "⚠️ Mosquitto Container läuft nicht. Starte Container..."
|
||||
docker compose up -d mosquitto
|
||||
echo "⏳ Warte 5 Sekunden bis Mosquitto gestartet ist..."
|
||||
sleep 5
|
||||
fi
|
||||
|
||||
echo "📝 Erstelle Benutzer in der Passwort-Datei..."
|
||||
echo ""
|
||||
|
||||
# Admin User
|
||||
echo "➡️ Erstelle Admin User (Vollzugriff)"
|
||||
docker exec -it mosquitto mosquitto_passwd -b /mosquitto/config/passwords.txt "$MQTT_ADMIN_USERNAME" "$MQTT_ADMIN_PASSWORD"
|
||||
echo " ✅ User: $MQTT_ADMIN_USERNAME erstellt"
|
||||
|
||||
# Panel User für Web UI
|
||||
echo "➡️ Erstelle Panel User (für Web Dashboard)"
|
||||
docker exec -it mosquitto mosquitto_passwd -b /mosquitto/config/passwords.txt "$MQTT_PANEL_USERNAME" "$MQTT_PANEL_PASSWORD"
|
||||
echo " ✅ User: $MQTT_PANEL_USERNAME erstellt"
|
||||
|
||||
# Test User
|
||||
echo "➡️ Erstelle Test User"
|
||||
docker exec -it mosquitto mosquitto_passwd -b /mosquitto/config/passwords.txt "$MQTT_TESTUSER_USERNAME" "$MQTT_TESTUSER_PASSWORD"
|
||||
echo " ✅ User: $MQTT_TESTUSER_USERNAME erstellt"
|
||||
|
||||
# Device User
|
||||
echo "➡️ Erstelle Device1 User"
|
||||
docker exec -it mosquitto mosquitto_passwd -b /mosquitto/config/passwords.txt "$MQTT_DEVICE1_USERNAME" "$MQTT_DEVICE1_PASSWORD"
|
||||
echo " ✅ User: $MQTT_DEVICE1_USERNAME erstellt"
|
||||
|
||||
echo "➡️ Erstelle Device2 User"
|
||||
docker exec -it mosquitto mosquitto_passwd -b /mosquitto/config/passwords.txt "$MQTT_DEVICE2_USERNAME" "$MQTT_DEVICE2_PASSWORD"
|
||||
echo " ✅ User: $MQTT_DEVICE2_USERNAME erstellt"
|
||||
|
||||
# Monitor User (Read-Only)
|
||||
echo "➡️ Erstelle Monitor User (Read-Only)"
|
||||
docker exec -it mosquitto mosquitto_passwd -b /mosquitto/config/passwords.txt "$MQTT_MONITOR_USERNAME" "$MQTT_MONITOR_PASSWORD"
|
||||
echo " ✅ User: $MQTT_MONITOR_USERNAME erstellt"
|
||||
create_user "$MQTT_ADMIN_USERNAME" "$MQTT_ADMIN_PASSWORD" "Admin User (Vollzugriff)"
|
||||
create_user "$MQTT_PANEL_USERNAME" "$MQTT_PANEL_PASSWORD" "Panel User (für Web Dashboard)"
|
||||
create_user "$MQTT_TESTUSER_USERNAME" "$MQTT_TESTUSER_PASSWORD" "Test User"
|
||||
create_user "$MQTT_DEVICE1_USERNAME" "$MQTT_DEVICE1_PASSWORD" "Device1 User"
|
||||
create_user "$MQTT_DEVICE2_USERNAME" "$MQTT_DEVICE2_PASSWORD" "Device2 User"
|
||||
create_user "$MQTT_MONITOR_USERNAME" "$MQTT_MONITOR_PASSWORD" "Monitor User (Read-Only)"
|
||||
|
||||
echo ""
|
||||
echo "================================================"
|
||||
@@ -137,15 +144,14 @@ echo " - $MQTT_MONITOR_USERNAME (Read-Only)"
|
||||
echo ""
|
||||
echo "⚠️ Passwörter sind in der .env Datei definiert"
|
||||
echo ""
|
||||
echo "Mosquitto neu laden..."
|
||||
docker exec mosquitto mosquitto -c /mosquitto/config/mosquitto.conf &
|
||||
|
||||
echo ""
|
||||
$COMPOSE_CMD restart mosquitto >/dev/null
|
||||
|
||||
echo "🚀 MQTT Broker läuft auf:"
|
||||
echo " - MQTT: localhost:1883"
|
||||
echo " - WebSocket: ws://localhost:9001"
|
||||
echo " - Web Dashboard: http://localhost:8080"
|
||||
echo " - Web Dashboard: http://localhost:5000"
|
||||
echo ""
|
||||
echo "📡 Öffentliches Topic ohne Authentifizierung:"
|
||||
echo " - public/*"
|
||||
echo " - public/* (read-only)"
|
||||
echo ""
|
||||
|
||||
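Review bot: In `ensure_password_file`, the password file is created by `cp`/`touch` under the caller's umask and only tightened afterwards by `chmod 640 "$PASSWORD_FILE" 2>/dev/null || true`, so a failed chmod is silently ignored and the file can stay readable by other local users. Creating it with the mode already set avoids both the window and the swallowed error, e.g. `install -m 640 "$PASSWORD_TEMPLATE" "$PASSWORD_FILE"` in the template branch and `install -m 640 /dev/null "$PASSWORD_FILE"` in the other. The early `return` for an existing file also leaves its current mode unchecked, which may be intended but deserves a comment. Separately, `create_user` and the `create` mode keep `mosquitto_passwd -b`, which places the plaintext password in process arguments (and, for `./setup.sh create <username> <password>`, in shell history); a comment stating that limitation would help operators.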