joachim/mosquitto-mqtt-broker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
Joachim Hummel
2025-11-03 22:44:47 +00:00
commit d4b7fa1c31
12 changed files with 1056 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
.env.example Normal file
View File

@@ -0,0 +1,29 @@
UID=1000
GID=1000
# MQTT Admin Credentials (Vollzugriff)
MQTT_ADMIN_USERNAME=admin
MQTT_ADMIN_PASSWORD=change_me_admin_password
# MQTT Panel Credentials (für Web Dashboard)
MQTT_PANEL_USERNAME=panel
MQTT_PANEL_PASSWORD=change_me_panel_password
# MQTT Test User Credentials
MQTT_TESTUSER_USERNAME=testuser
MQTT_TESTUSER_PASSWORD=change_me_testuser_password
# MQTT Device 1 Credentials
MQTT_DEVICE1_USERNAME=device1
MQTT_DEVICE1_PASSWORD=change_me_device1_password
# MQTT Device 2 Credentials
MQTT_DEVICE2_USERNAME=device2
MQTT_DEVICE2_PASSWORD=change_me_device2_password
# MQTT Monitor Credentials (Read-Only)
MQTT_MONITOR_USERNAME=monitor
MQTT_MONITOR_PASSWORD=change_me_monitor_password
# MQTTUI Configuration (mindestens 32 Zeichen empfohlen)
SECRET_KEY=your-secret-key-here-minimum-32-characters

39
.gitignore vendored Normal file
View File

@@ -0,0 +1,39 @@
# MQTT Server - Git Ignore
# =========================
# Environment Variables mit Credentials
.env
# Passwort-Dateien NICHT committen!
passwords.txt
# Wenn die Datei mit echten Passwörtern gefüllt ist
# NIEMALS committen!
# Mosquitto Logs
*.log
# Docker Volumes
mosquitto_data/
mosquitto_log/
# Backup Files
*.bak
*.backup
# Temporäre Dateien
*.tmp
*.temp
*~
# macOS
.DS_Store
# Windows
Thumbs.db
# Editor Files
.vscode/
.idea/
*.swp
*.swo

175
CLAUDE.md Normal file
View File

@@ -0,0 +1,175 @@
# CLAUDE.md
This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
## Project Overview
This is a Docker-based MQTT server setup using Eclipse Mosquitto broker with a web-based MQTTUI dashboard. The system provides MQTT messaging on port 1883, WebSocket support on port 9001, and a web dashboard on port 5000.
## Architecture
### Container Stack
- **mosquitto**: Eclipse Mosquitto MQTT broker (eclipse-mosquitto:2)
- Runs with user-specified UID/GID from .env
- Two listeners: MQTT (1883) and WebSocket (9001)
- Persistence enabled with data stored in `./data/mosquitto.db`
- **mqttui**: Web dashboard (terdia07/mqttui:latest)
- Depends on mosquitto service
- Database-enabled for message storage (SQLite)
- Configurable via environment variables
- Stores data in `./mqttui-data/` directory
### Authentication & Authorization
- **Dual authentication model**: Supports both anonymous and authenticated users
- Anonymous users have limited access to `public/#` and `$SYS/#` topics only (defined in config/acl.conf:6-10)
- Authenticated users require username/password stored in `config/passwords.txt`
- Six user types defined (config/acl.conf):
- `admin`/`joachim`: Full access (readwrite #)
- `panel`: Dashboard user with full access
- `testuser`: Personal topic access (user/testuser/#) + public topics
- `device1`/`device2`: Device-specific write access (devices/deviceX/#) with read-only status
- `monitor`: Global read-only access
### Configuration Files
- `config/mosquitto.conf`: Main broker configuration (listeners, persistence, auth, logging)
- `config/acl.conf`: Access Control Lists defining per-user topic permissions
- `config/passwords.txt`: Generated by setup.sh, stores hashed passwords (not in repo)
- `.env`: Environment variables for credentials and settings (not in repo, use .env.example)
- `mqtt-panel-config.json`: Legacy config file (current setup uses mqttui instead of mqtt-panel)
## Development Commands
### Initial Setup
```bash
# Copy environment template and configure credentials
cp .env.example .env
# Edit .env and set all passwords
# Make scripts executable
chmod +x setup.sh test-mqtt.sh
# Start containers
docker-compose up -d
# Create MQTT users from .env credentials
./setup.sh
```
### Container Management
```bash
# Start all services
docker-compose up -d
# View logs
docker-compose logs -f # All services
docker-compose logs -f mosquitto # Mosquitto only
docker-compose logs -f mqttui # MQTTUI only
# Restart services
docker-compose restart # All
docker-compose restart mosquitto # Mosquitto only
# Stop and remove containers
docker-compose down
# Stop and remove including volumes
docker-compose down -v
```
### User Management
```bash
# Add/update user password
docker exec -it mosquitto-mqtt mosquitto_passwd -b /mosquitto/config/passwords.txt USERNAME PASSWORD
# Delete user
docker exec -it mosquitto-mqtt mosquitto_passwd -D /mosquitto/config/passwords.txt USERNAME
# After modifying users or ACL, restart Mosquitto
docker-compose restart mosquitto
```
### Testing & Debugging
```bash
# Run test script (sends sample messages to various topics)
./test-mqtt.sh
# Publish to public topic (no auth required)
docker exec mosquitto-mqtt mosquitto_pub -h localhost -t "public/test" -m "Hello"
# Publish with authentication
docker exec mosquitto-mqtt mosquitto_pub -h localhost -t "sensors/temperature" -m "22.5" -u admin -P admin123
# Subscribe to all topics
docker exec mosquitto-mqtt mosquitto_sub -h localhost -t '#' -v -u admin -P admin123
# Subscribe to public topics only (no auth)
docker exec mosquitto-mqtt mosquitto_sub -h localhost -t 'public/#' -v
# Test Mosquitto configuration
docker exec mosquitto-mqtt mosquitto -c /mosquitto/config/mosquitto.conf -v
# Access container shell
docker exec -it mosquitto-mqtt sh
docker exec -it mqttui sh
```
## Important Notes
### Security Considerations
- `.env` file contains all credentials and MUST NOT be committed (already in .gitignore)
- Default passwords in .env.example must be changed for production
- Anonymous access is enabled but restricted to `public/#` topics via ACL
- All credentials are loaded from .env by setup.sh (lines setup.sh:8-18)
- The SECRET_KEY in .env is used by mqttui for session management
### ACL Behavior
- ACL rules are evaluated per-user (config/acl.conf)
- Anonymous users get explicit rules defined under `user anonymous`
- Authenticated users inherit their specific user rules
- Pattern `#` is wildcard for all topics, `+` for single-level wildcard
- After ACL changes, always restart mosquitto: `docker-compose restart mosquitto`
### MQTTUI Dashboard
- The docker-compose.yml uses mqttui (not mqtt-panel as mentioned in README.md)
- Dashboard connects to broker using credentials from .env: MQTT_PANEL_USERNAME/PASSWORD
- Database storage enabled (DB_PATH=/app/data/mqtt_messages.db) with cleanup after 30 days
- Max 10,000 messages retained in database (DB_MAX_MESSAGES)
- Widget configuration is managed through mqttui web interface, not mqtt-panel-config.json
### File Permissions
- Mosquitto runs as UID:GID specified in .env (default 1000:1000)
- Ensure config/, data/, and log/ directories have correct permissions
- passwords.txt should be readable by the mosquitto user (chmod 644)
### Persistence
- MQTT messages persist in `./data/mosquitto.db`
- MQTTUI data stored in `./mqttui-data/mqtt_messages.db`
- To completely reset: `docker-compose down -v` and remove data/log directories
## Endpoints
- **MQTT**: localhost:1883
- **WebSocket**: ws://localhost:9001
- **Web Dashboard**: http://localhost:5000
## Common Patterns
### Adding a New User Type
1. Add credentials to .env
2. Update setup.sh to create the user (lines setup.sh:59-86)
3. Add ACL rules in config/acl.conf
4. Run `./setup.sh` to create user
5. Restart mosquitto: `docker-compose restart mosquitto`
### Debugging ACL Issues
1. Enable verbose logging in config/mosquitto.conf (add `log_type all`)
2. Restart mosquitto: `docker-compose restart mosquitto`
3. Check logs: `docker-compose logs -f mosquitto`
4. Look for "DENIED" messages indicating ACL blocks
### Client Integration
- Use MQTT port 1883 for native MQTT clients (Python paho-mqtt, etc.)
- Use WebSocket port 9001 for browser-based clients
- Provide username/password from .env for authenticated topics
- Use anonymous connection only for public/* topics

363
README.md Normal file
View File

@@ -0,0 +1,363 @@
# MQTT Server Setup mit Mosquitto & Web Dashboard
Komplettes MQTT Setup mit Eclipse Mosquitto Broker und MQTTUI Web Dashboard.
## Features
**Mosquitto MQTT Broker**
- MQTT auf Port 1883
- WebSocket auf Port 9001
- Passwort-Authentifizierung
- ACL (Access Control Lists)
- Öffentliches Topic ohne Anmeldung (`public/*`)
- Persistenz aktiviert
**Web Dashboard (MQTTUI)**
- Web-basiertes MQTT Dashboard
- Nachrichtenverlauf mit SQLite Datenbank
- Echtzeit-Updates
- Läuft auf Port 5000
## Verzeichnisstruktur
```
mqtt/
├── config/ # Konfigurationsdateien
│ ├── mosquitto.conf # Mosquitto Hauptkonfiguration
│ ├── acl.conf # Access Control Lists
│ └── passwords.txt # User/Passwort Datei (wird generiert)
├── data/ # Mosquitto Persistenz Daten
├── log/ # Mosquitto Log-Dateien
├── mqttui-data/ # MQTTUI Datenbank
├── docker-compose.yml # Docker Setup
├── .env # Umgebungsvariablen (NICHT committen!)
├── .env.example # Beispiel für Umgebungsvariablen
├── mqtt-panel-config.json # Legacy Dashboard Konfiguration
├── setup.sh # Setup-Script für User
├── test-mqtt.sh # Test-Script für MQTT Nachrichten
├── CLAUDE.md # Projekt-Dokumentation für Claude Code
└── README.md # Diese Datei
```
## Quick Start
### 1. Umgebungsvariablen konfigurieren
```bash
# .env.example als Vorlage kopieren
cp .env.example .env
# .env editieren und sichere Passwörter setzen
nano .env
```
⚠️ **WICHTIG**: Setze sichere Passwörter in der `.env` Datei!
### 2. Server starten
```bash
# Container starten
docker-compose up -d
# Logs anschauen
docker-compose logs -f
```
### 3. Benutzer erstellen
```bash
# Setup-Script ausführbar machen
chmod +x setup.sh
# User aus .env erstellen
./setup.sh
```
Das Script erstellt folgende User (Credentials aus .env):
- `admin` - Vollzugriff
- `panel` - Für Web Dashboard
- `testuser` - Normaler User
- `device1` - IoT Device 1
- `device2` - IoT Device 2
- `monitor` - Read-Only
### 4. Dashboard öffnen
Web Dashboard: **http://localhost:5000**
## Zugriff
### MQTT Endpoints
- **MQTT**: `localhost:1883`
- **WebSocket**: `ws://localhost:9001`
- **Web Dashboard**: `http://localhost:5000`
### Öffentliches Topic (ohne Anmeldung)
Topic: `public/*`
**Beispiel mit mosquitto_pub:**
```bash
# Nachricht an öffentliches Topic senden (KEINE Authentifizierung)
docker exec mosquitto-mqtt mosquitto_pub -h localhost -t "public/test" -m "Hallo Welt!"
# Öffentliches Topic abhören
docker exec mosquitto-mqtt mosquitto_sub -h localhost -t "public/#" -v
```
### Mit Authentifizierung
**Beispiel mit Admin User:**
```bash
# Mit Authentifizierung publishen (Credentials aus .env verwenden)
docker exec mosquitto-mqtt mosquitto_pub -h localhost -t "devices/device1/status" -m "online" -u admin -P <ADMIN_PASSWORD>
# Mit Authentifizierung subscriben (Credentials aus .env verwenden)
docker exec mosquitto-mqtt mosquitto_sub -h localhost -t "#" -v -u admin -P <ADMIN_PASSWORD>
```
💡 **Hinweis**: Ersetze `<ADMIN_PASSWORD>` mit dem Passwort aus deiner `.env` Datei.
## Benutzerverwaltung
### Neuen User hinzufügen
```bash
# User hinzufügen/ändern
docker exec -it mosquitto-mqtt mosquitto_passwd -b /mosquitto/config/passwords.txt USERNAME PASSWORD
```
### User löschen
```bash
docker exec -it mosquitto-mqtt mosquitto_passwd -D /mosquitto/config/passwords.txt USERNAME
```
### Mosquitto neu laden (nach User-Änderungen)
```bash
docker-compose restart mosquitto
```
## ACL Konfiguration (acl.conf)
Die ACL definiert, wer auf welche Topics zugreifen darf:
### Anonymous User (ohne Anmeldung)
```
user anonymous
topic read public/#
topic write public/#
```
### Admin (alles erlaubt)
```
user admin
topic readwrite #
```
### Device (nur eigene Topics)
```
user device1
topic write devices/device1/#
topic read devices/device1/status
topic read public/#
```
Nach ACL-Änderungen Container neu starten:
```bash
docker-compose restart mosquitto
```
## Dashboard
Das MQTTUI Dashboard zeigt alle MQTT Nachrichten in Echtzeit an und speichert sie in einer SQLite Datenbank.
### Dashboard Konfiguration
Die Dashboard-Einstellungen werden über Umgebungsvariablen in der `.env` Datei konfiguriert:
- `MQTT_PANEL_USERNAME`: Benutzername für den Broker-Zugriff
- `MQTT_PANEL_PASSWORD`: Passwort für den Broker-Zugriff
- `SECRET_KEY`: Session-Key für die Web-Oberfläche
Nach Änderungen Container neu starten:
```bash
docker-compose restart mqttui
```
## Test-Nachrichten senden
### Via Docker
```bash
# Öffentlich (ohne Auth)
docker exec mosquitto-mqtt mosquitto_pub -h localhost -t "public/message" -m "Test Nachricht"
# Mit Auth (Passwort aus .env verwenden)
docker exec mosquitto-mqtt mosquitto_pub -h localhost -t "sensors/temperature" -m "22.5" -u admin -P <ADMIN_PASSWORD>
docker exec mosquitto-mqtt mosquitto_pub -h localhost -t "sensors/humidity" -m "65" -u admin -P <ADMIN_PASSWORD>
docker exec mosquitto-mqtt mosquitto_pub -h localhost -t "system/cpu" -m "45" -u admin -P <ADMIN_PASSWORD>
```
Oder verwende das Test-Script:
```bash
./test-mqtt.sh
```
### Via Python (paho-mqtt)
```bash
pip install paho-mqtt
```
```python
import paho.mqtt.client as mqtt
import os
# Credentials aus .env laden
admin_user = os.getenv("MQTT_ADMIN_USERNAME", "admin")
admin_pass = os.getenv("MQTT_ADMIN_PASSWORD")
client = mqtt.Client()
client.username_pw_set(admin_user, admin_pass)
client.connect("localhost", 1883)
# Nachrichten senden
client.publish("sensors/temperature", "23.4")
client.publish("sensors/humidity", "68")
client.publish("public/message", "Hallo von Python!")
client.disconnect()
```
### Via JavaScript (Browser/Node.js)
```bash
npm install mqtt
```
```javascript
const mqtt = require('mqtt');
// Credentials aus Umgebungsvariablen laden
const admin_user = process.env.MQTT_ADMIN_USERNAME || 'admin';
const admin_pass = process.env.MQTT_ADMIN_PASSWORD;
const client = mqtt.connect('ws://localhost:9001', {
username: admin_user,
password: admin_pass
});
client.on('connect', () => {
console.log('Connected!');
// Nachrichten senden
client.publish('sensors/temperature', '24.1');
client.publish('public/message', 'Hallo von Node.js!');
});
```
## Troubleshooting
### Container Logs anschauen
```bash
# Alle Logs
docker-compose logs -f
# Nur Mosquitto
docker-compose logs -f mosquitto
# Nur MQTTUI
docker-compose logs -f mqttui
```
### In Container einsteigen
```bash
# Mosquitto Container
docker exec -it mosquitto-mqtt sh
# MQTTUI Container
docker exec -it mqttui sh
```
### Mosquitto Konfiguration testen
```bash
docker exec mosquitto-mqtt mosquitto -c /mosquitto/config/mosquitto.conf -v
```
### Permissions Fehler
```bash
# Berechtigungen für passwords.txt setzen
chmod 644 passwords.txt
```
### ACL Debug
Aktiviere Debug-Logging in `mosquitto.conf`:
```
log_type all
```
Dann Container neu starten und Logs prüfen.
## Sicherheit für Production
⚠️ **WICHTIG für Production-Umgebungen:**
1. **Passwörter ändern**: Alle Default-Passwörter ändern!
2. **SSL/TLS aktivieren**: Verschlüsselte Verbindungen einrichten
3. **Firewall konfigurieren**: Nur benötigte Ports öffnen
4. **ACL restriktiv gestalten**: Principle of Least Privilege
5. **Anonymous Access prüfen**: `allow_anonymous false` belassen
6. **Mosquitto Updates**: Regelmäßig Updates einspielen
### SSL/TLS einrichten (optional)
1. Zertifikate generieren
2. `mosquitto.conf` erweitern:
```
listener 8883
protocol mqtt
cafile /mosquitto/config/ca.crt
certfile /mosquitto/config/server.crt
keyfile /mosquitto/config/server.key
```
## Container verwalten
```bash
# Starten
docker-compose up -d
# Stoppen
docker-compose stop
# Neu starten
docker-compose restart
# Stoppen und löschen
docker-compose down
# Stoppen, löschen inkl. Volumes
docker-compose down -v
# Nur mosquitto neu starten
docker-compose restart mosquitto
```
## Support & Dokumentation
- **Mosquitto Docs**: https://mosquitto.org/documentation/
- **MQTTUI**: https://github.com/nikesh-p/mqttui
- **MQTT.org**: https://mqtt.org/
## Lizenz
Dieses Setup verwendet:
- Eclipse Mosquitto (EPL/EDL)
- MQTTUI (Open Source)

48
config/acl.conf Normal file
View File

@@ -0,0 +1,48 @@
# Mosquitto ACL (Access Control List) Konfiguration
# ===========================================
# ÖFFENTLICHES TOPIC OHNE ANMELDUNG
# Anonymous User haben Zugriff auf public/* Topics
user anonymous
topic read public/#
topic write public/#
# Erlaube anonymous Lesezugriff auf $SYS/# für Healthchecks und Monitoring
topic read $SYS/#
# ADMINISTRATOR MIT VOLLZUGRIFF
# Admin kann alles lesen und schreiben
user admin
topic readwrite #
# MQTT-PANEL USER (für Web UI)
# Panel kann alles lesen/schreiben für Dashboard
user panel
topic readwrite #
# BEISPIEL: Normale authentifizierte User
# User können ihre eigenen Topics lesen/schreiben
user testuser
topic readwrite user/testuser/#
topic read public/#
topic write public/#
# BEISPIEL: IoT Devices mit eingeschränktem Zugriff
# Device kann nur an seinem eigenen Topic schreiben und Status lesen
user device1
topic write devices/device1/#
topic read devices/device1/status
topic read public/#
user device2
topic write devices/device2/#
topic read devices/device2/status
topic read public/#
# BEISPIEL: Read-Only User für Monitoring
user monitor
topic read #
# Pattern für User-spezifische Topics (optional)
# %u wird durch den Username ersetzt
# pattern read sensor/%u/#
# pattern write sensor/%u/#

53
config/mosquitto.conf Normal file
View File

@@ -0,0 +1,53 @@
# Mosquitto MQTT Broker Konfiguration
# ===========================================
# Listener auf Port 1883 (Standard MQTT Port)
listener 1883
protocol mqtt
# WebSocket Support auf Port 9001 (für Browser-Clients und mqtt-panel)
listener 9001
protocol websockets
# Logging
log_dest stdout
log_dest file /mosquitto/log/mosquitto.log
log_type error
log_type warning
log_type notice
log_type information
log_timestamp true
log_timestamp_format %Y-%m-%dT%H:%M:%S
# Connection Logging
connection_messages true
# Persistenz aktivieren
persistence true
persistence_location /mosquitto/data/
persistence_file mosquitto.db
# Authentifizierung aktivieren
# allow_anonymous true ermöglicht anonyme Verbindungen, ACL regelt die Rechte
# Anonymous User haben nur Zugriff auf public/# und $SYS/# (siehe acl.conf)
allow_anonymous true
# Passwort-Datei
password_file /mosquitto/config/passwords.txt
# ACL (Access Control List) aktivieren
acl_file /mosquitto/config/acl.conf
# Maximale Verbindungen
max_connections -1
# Message Limits
message_size_limit 0
max_inflight_messages 20
max_queued_messages 1000
# Keepalive
max_keepalive 65535
# QoS Settings
upgrade_outgoing_qos false

BIN
data/mosquitto.db Normal file
View File

Binary file not shown.

57
docker-compose.yml Normal file
View File

@@ -0,0 +1,57 @@
services:
mosquitto:
image: eclipse-mosquitto:2
container_name: mosquitto-mqtt
restart: unless-stopped
user: "${UID:-1000}:${GID:-1000}"
ports:
- "1883:1883"
- "9001:9001"
volumes:
- ./config:/mosquitto/config:rw
- ./data:/mosquitto/data
- ./log:/mosquitto/log
networks:
- mqtt-network
# Healthcheck: beim mosquitto-Image fehlen oft Clients & nc.
# Entweder weglassen oder separaten Sidecar-Check verwenden.
# healthcheck:
# test: ["CMD-SHELL", "test -f /mosquitto/config/mosquitto.conf"]
# interval: 30s
# timeout: 10s
# retries: 3
# start_period: 10s
mqttui:
image: terdia07/mqttui:latest
container_name: mqttui
restart: unless-stopped
ports:
- "5000:5000"
environment:
- DEBUG=False
- HOST=0.0.0.0
- PORT=5000
- MQTT_BROKER=mosquitto
- MQTT_PORT=1883
- MQTT_USERNAME=${MQTT_PANEL_USERNAME}
- MQTT_PASSWORD=${MQTT_PANEL_PASSWORD}
- MQTT_KEEPALIVE=60
- MQTT_VERSION=3.1.1
- SECRET_KEY=${SECRET_KEY}
- LOG_LEVEL=INFO
- MQTT_TOPICS=#
- DB_ENABLED=True
- DB_PATH=/app/data/mqtt_messages.db
- DB_MAX_MESSAGES=10000
- DB_CLEANUP_DAYS=30
volumes:
- ./mqttui-data:/app/data
networks:
- mqtt-network
depends_on:
- mosquitto
networks:
mqtt-network:
driver: bridge

109
mqtt-panel-config.json Normal file
View File

@@ -0,0 +1,109 @@
{
"broker": "ws://localhost:9001",
"username": "${MQTT_PANEL_USERNAME}",
"password": "${MQTT_PANEL_PASSWORD}",
"title": "MQTT Dashboard",
"theme": {
"primary": "#2196F3",
"accent": "#FF5722"
},
"widgets": [
{
"type": "text",
"title": "Öffentliche Nachricht",
"topic": "public/message",
"suffix": "",
"row": 0,
"col": 0,
"sizeX": 2,
"sizeY": 1
},
{
"type": "toggle",
"title": "Gerät 1 Ein/Aus",
"topic": "devices/device1/power",
"onValue": "ON",
"offValue": "OFF",
"row": 0,
"col": 2,
"sizeX": 1,
"sizeY": 1
},
{
"type": "numeric",
"title": "Temperatur",
"topic": "sensors/temperature",
"suffix": " °C",
"precision": 1,
"row": 1,
"col": 0,
"sizeX": 1,
"sizeY": 1
},
{
"type": "numeric",
"title": "Luftfeuchtigkeit",
"topic": "sensors/humidity",
"suffix": " %",
"precision": 0,
"row": 1,
"col": 1,
"sizeX": 1,
"sizeY": 1
},
{
"type": "gauge",
"title": "CPU Last",
"topic": "system/cpu",
"min": 0,
"max": 100,
"suffix": " %",
"row": 1,
"col": 2,
"sizeX": 1,
"sizeY": 1
},
{
"type": "button",
"title": "Test Nachricht senden",
"topic": "public/test",
"payload": "Hallo MQTT!",
"row": 2,
"col": 0,
"sizeX": 1,
"sizeY": 1
},
{
"type": "chart",
"title": "Sensor Verlauf",
"topics": [
{
"topic": "sensors/temperature",
"label": "Temperatur"
},
{
"topic": "sensors/humidity",
"label": "Feuchtigkeit"
}
],
"history": 20,
"row": 2,
"col": 1,
"sizeX": 2,
"sizeY": 2
},
{
"type": "slider",
"title": "LED Helligkeit",
"topic": "devices/device1/brightness",
"min": 0,
"max": 100,
"step": 1,
"suffix": " %",
"row": 0,
"col": 3,
"sizeX": 1,
"sizeY": 1
}
]
}

BIN
mqttui-data/mqtt_messages.db Normal file
View File

Binary file not shown.

114
setup.sh Normal file
View File

@@ -0,0 +1,114 @@
#!/bin/bash
# MQTT Setup Script - Erstellt User für Mosquitto
# ================================================
set -e
# Lade Umgebungsvariablen aus .env
if [ ! -f .env ]; then
echo "❌ Fehler: .env Datei nicht gefunden!"
echo "Bitte erstelle eine .env Datei basierend auf .env.example"
exit 1
fi
# Lade .env und exportiere Variablen
set -a
source .env
set +a
echo "================================================"
echo "MQTT Server Setup - Benutzer erstellen"
echo "================================================"
echo ""
# Validiere dass alle benötigten Variablen gesetzt sind
required_vars=(
"MQTT_ADMIN_USERNAME" "MQTT_ADMIN_PASSWORD"
"MQTT_PANEL_USERNAME" "MQTT_PANEL_PASSWORD"
"MQTT_TESTUSER_USERNAME" "MQTT_TESTUSER_PASSWORD"
"MQTT_DEVICE1_USERNAME" "MQTT_DEVICE1_PASSWORD"
"MQTT_DEVICE2_USERNAME" "MQTT_DEVICE2_PASSWORD"
"MQTT_MONITOR_USERNAME" "MQTT_MONITOR_PASSWORD"
)
for var in "${required_vars[@]}"; do
if [ -z "${!var}" ]; then
echo "❌ Fehler: $var ist nicht in .env definiert!"
exit 1
fi
done
# Prüfe ob Docker läuft
if ! docker info > /dev/null 2>&1; then
echo "❌ Fehler: Docker ist nicht gestartet!"
exit 1
fi
# Prüfe ob Container läuft
if ! docker ps | grep -q mosquitto-mqtt; then
echo "⚠️ Mosquitto Container läuft nicht. Starte Container..."
docker-compose up -d mosquitto
echo "⏳ Warte 5 Sekunden bis Mosquitto gestartet ist..."
sleep 5
fi
echo "📝 Erstelle Benutzer in der Passwort-Datei..."
echo ""
# Admin User
echo "➡️ Erstelle Admin User (Vollzugriff)"
docker exec -it mosquitto-mqtt mosquitto_passwd -b /mosquitto/config/passwords.txt "$MQTT_ADMIN_USERNAME" "$MQTT_ADMIN_PASSWORD"
echo " ✅ User: $MQTT_ADMIN_USERNAME erstellt"
# Panel User für Web UI
echo "➡️ Erstelle Panel User (für Web Dashboard)"
docker exec -it mosquitto-mqtt mosquitto_passwd -b /mosquitto/config/passwords.txt "$MQTT_PANEL_USERNAME" "$MQTT_PANEL_PASSWORD"
echo " ✅ User: $MQTT_PANEL_USERNAME erstellt"
# Test User
echo "➡️ Erstelle Test User"
docker exec -it mosquitto-mqtt mosquitto_passwd -b /mosquitto/config/passwords.txt "$MQTT_TESTUSER_USERNAME" "$MQTT_TESTUSER_PASSWORD"
echo " ✅ User: $MQTT_TESTUSER_USERNAME erstellt"
# Device User
echo "➡️ Erstelle Device1 User"
docker exec -it mosquitto-mqtt mosquitto_passwd -b /mosquitto/config/passwords.txt "$MQTT_DEVICE1_USERNAME" "$MQTT_DEVICE1_PASSWORD"
echo " ✅ User: $MQTT_DEVICE1_USERNAME erstellt"
echo "➡️ Erstelle Device2 User"
docker exec -it mosquitto-mqtt mosquitto_passwd -b /mosquitto/config/passwords.txt "$MQTT_DEVICE2_USERNAME" "$MQTT_DEVICE2_PASSWORD"
echo " ✅ User: $MQTT_DEVICE2_USERNAME erstellt"
# Monitor User (Read-Only)
echo "➡️ Erstelle Monitor User (Read-Only)"
docker exec -it mosquitto-mqtt mosquitto_passwd -b /mosquitto/config/passwords.txt "$MQTT_MONITOR_USERNAME" "$MQTT_MONITOR_PASSWORD"
echo " ✅ User: $MQTT_MONITOR_USERNAME erstellt"
echo ""
echo "================================================"
echo "✅ Setup abgeschlossen!"
echo "================================================"
echo ""
echo "Erstellte User:"
echo " - $MQTT_ADMIN_USERNAME (Vollzugriff)"
echo " - $MQTT_PANEL_USERNAME (für Web Dashboard)"
echo " - $MQTT_TESTUSER_USERNAME (normaler User)"
echo " - $MQTT_DEVICE1_USERNAME (IoT Device 1)"
echo " - $MQTT_DEVICE2_USERNAME (IoT Device 2)"
echo " - $MQTT_MONITOR_USERNAME (Read-Only)"
echo ""
echo "⚠️ Passwörter sind in der .env Datei definiert"
echo ""
echo "Mosquitto neu laden..."
docker exec mosquitto-mqtt mosquitto -c /mosquitto/config/mosquitto.conf &
echo ""
echo "🚀 MQTT Broker läuft auf:"
echo " - MQTT: localhost:1883"
echo " - WebSocket: ws://localhost:9001"
echo " - Web Dashboard: http://localhost:8080"
echo ""
echo "📡 Öffentliches Topic ohne Authentifizierung:"
echo " - public/*"
echo ""

69
test-mqtt.sh Normal file
View File

@@ -0,0 +1,69 @@
#!/bin/bash
# MQTT Test Script - Sendet Test-Nachrichten an verschiedene Topics
# ===================================================================
echo "================================================"
echo "MQTT Server Test"
echo "================================================"
echo ""
# Prüfe ob Container läuft
if ! docker ps | grep -q mosquitto-mqtt; then
echo "❌ Fehler: Mosquitto Container läuft nicht!"
echo " Starte mit: docker-compose up -d"
exit 1
fi
echo "📡 Sende Test-Nachrichten..."
echo ""
# Test 1: Öffentliches Topic (OHNE Authentifizierung)
echo "1⃣ Öffentliches Topic (ohne Auth): public/message"
docker exec mosquitto-mqtt mosquitto_pub -h localhost -t "public/message" -m "Hallo von public!"
echo " ✅ Gesendet"
echo ""
# Test 2: Temperature Sensor (MIT Authentifizierung)
echo "2⃣ Temperature Sensor: sensors/temperature"
docker exec mosquitto-mqtt mosquitto_pub -h localhost -t "sensors/temperature" -m "22.5" -u admin -P admin123
echo " ✅ Gesendet: 22.5°C"
echo ""
# Test 3: Humidity Sensor
echo "3⃣ Humidity Sensor: sensors/humidity"
docker exec mosquitto-mqtt mosquitto_pub -h localhost -t "sensors/humidity" -m "65" -u admin -P admin123
echo " ✅ Gesendet: 65%"
echo ""
# Test 4: CPU Usage
echo "4⃣ CPU Usage: system/cpu"
docker exec mosquitto-mqtt mosquitto_pub -h localhost -t "system/cpu" -m "45" -u admin -P admin123
echo " ✅ Gesendet: 45%"
echo ""
# Test 5: Device Power Toggle
echo "5⃣ Device Power: devices/device1/power"
docker exec mosquitto-mqtt mosquitto_pub -h localhost -t "devices/device1/power" -m "ON" -u admin -P admin123
echo " ✅ Gesendet: ON"
echo ""
# Test 6: Device Brightness
echo "6⃣ Device Brightness: devices/device1/brightness"
docker exec mosquitto-mqtt mosquitto_pub -h localhost -t "devices/device1/brightness" -m "75" -u admin -P admin123
echo " ✅ Gesendet: 75%"
echo ""
echo "================================================"
echo "✅ Test abgeschlossen!"
echo "================================================"
echo ""
echo "🌐 Öffne das Dashboard: http://localhost:8080"
echo " Die Test-Daten sollten jetzt in den Widgets sichtbar sein."
echo ""
echo "📊 Subscribe auf alle Topics:"
echo " docker exec mosquitto-mqtt mosquitto_sub -h localhost -t '#' -v -u admin -P admin123"
echo ""
echo "📡 Subscribe auf öffentliche Topics (ohne Auth):"
echo " docker exec mosquitto-mqtt mosquitto_sub -h localhost -t 'public/#' -v"
echo ""