158 lines
4.4 KiB
Bash
Executable File
158 lines
4.4 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
set -euo pipefail
|
|
|
|
COMPOSE_CMD=${COMPOSE_CMD:-"docker compose"}
|
|
PASSWORD_FILE="config/passwords.txt"
|
|
PASSWORD_TEMPLATE="config/passwords.txt.template"
|
|
|
|
ensure_password_file() {
|
|
if [ -f "$PASSWORD_FILE" ]; then
|
|
return
|
|
fi
|
|
|
|
if [ -f "$PASSWORD_TEMPLATE" ]; then
|
|
cp "$PASSWORD_TEMPLATE" "$PASSWORD_FILE"
|
|
else
|
|
touch "$PASSWORD_FILE"
|
|
fi
|
|
|
|
chmod 640 "$PASSWORD_FILE" 2>/dev/null || true
|
|
echo "🆕 Passwort-Datei $PASSWORD_FILE angelegt."
|
|
}
|
|
|
|
require_docker() {
|
|
if ! docker info >/dev/null 2>&1; then
|
|
echo "❌ Fehler: Docker ist nicht gestartet!"
|
|
exit 1
|
|
fi
|
|
}
|
|
|
|
mosquitto_running() {
|
|
docker ps --format '{{.Names}}' | grep -qx 'mosquitto'
|
|
}
|
|
|
|
ensure_mosquitto_service() {
|
|
if mosquitto_running; then
|
|
return
|
|
fi
|
|
|
|
echo "⚠️ Mosquitto Container läuft nicht. Starte Container..."
|
|
ensure_password_file
|
|
$COMPOSE_CMD up -d mosquitto
|
|
echo "⏳ Warte 5 Sekunden bis Mosquitto gestartet ist..."
|
|
sleep 5
|
|
}
|
|
|
|
compose_exec_mosquitto() {
|
|
$COMPOSE_CMD exec -T mosquitto "$@"
|
|
}
|
|
|
|
create_user() {
|
|
local USERNAME=$1
|
|
local PASSWORD=$2
|
|
local LABEL=$3
|
|
|
|
echo "➡️ Erstelle $LABEL"
|
|
compose_exec_mosquitto mosquitto_passwd -b /mosquitto/config/passwords.txt "$USERNAME" "$PASSWORD"
|
|
echo " ✅ User: $USERNAME erstellt"
|
|
}
|
|
|
|
# CLI-Modus: Einzelnen User erstellen
|
|
if [ "${1:-}" == "create" ]; then
|
|
if [ -z "${2:-}" ] || [ -z "${3:-}" ]; then
|
|
echo "❌ Fehler: Username und Passwort erforderlich!"
|
|
echo "Verwendung: $0 create <username> <password>"
|
|
exit 1
|
|
fi
|
|
|
|
require_docker
|
|
ensure_password_file
|
|
|
|
if ! mosquitto_running; then
|
|
echo "❌ Fehler: Mosquitto Container läuft nicht!"
|
|
echo "Starte zuerst die Container mit: docker compose up -d"
|
|
exit 1
|
|
fi
|
|
|
|
USERNAME="$2"
|
|
PASSWORD="$3"
|
|
|
|
echo "📝 Erstelle User: $USERNAME"
|
|
compose_exec_mosquitto mosquitto_passwd -b /mosquitto/config/passwords.txt "$USERNAME" "$PASSWORD"
|
|
echo "✅ User $USERNAME erfolgreich erstellt/aktualisiert!"
|
|
echo ""
|
|
echo "⚠️ Vergiss nicht, ACL-Regeln in config/acl.conf anzupassen!"
|
|
echo "Und Mosquitto neu zu starten: docker compose restart mosquitto"
|
|
exit 0
|
|
fi
|
|
|
|
if [ ! -f .env ]; then
|
|
echo "❌ Fehler: .env Datei nicht gefunden!"
|
|
echo "Bitte erstelle eine .env Datei basierend auf .env.example"
|
|
exit 1
|
|
fi
|
|
|
|
set -a
|
|
source .env
|
|
set +a
|
|
|
|
ensure_password_file
|
|
require_docker
|
|
ensure_mosquitto_service
|
|
|
|
echo "================================================"
|
|
echo "MQTT Server Setup - Benutzer erstellen"
|
|
echo "================================================"
|
|
echo ""
|
|
|
|
required_vars=(
|
|
"MQTT_ADMIN_USERNAME" "MQTT_ADMIN_PASSWORD"
|
|
"MQTT_PANEL_USERNAME" "MQTT_PANEL_PASSWORD"
|
|
"MQTT_TESTUSER_USERNAME" "MQTT_TESTUSER_PASSWORD"
|
|
"MQTT_DEVICE1_USERNAME" "MQTT_DEVICE1_PASSWORD"
|
|
"MQTT_DEVICE2_USERNAME" "MQTT_DEVICE2_PASSWORD"
|
|
"MQTT_MONITOR_USERNAME" "MQTT_MONITOR_PASSWORD"
|
|
)
|
|
|
|
for var in "${required_vars[@]}"; do
|
|
if [ -z "${!var}" ]; then
|
|
echo "❌ Fehler: $var ist nicht in .env definiert!"
|
|
exit 1
|
|
fi
|
|
done
|
|
|
|
create_user "$MQTT_ADMIN_USERNAME" "$MQTT_ADMIN_PASSWORD" "Admin User (Vollzugriff)"
|
|
create_user "$MQTT_PANEL_USERNAME" "$MQTT_PANEL_PASSWORD" "Panel User (für Web Dashboard)"
|
|
create_user "$MQTT_TESTUSER_USERNAME" "$MQTT_TESTUSER_PASSWORD" "Test User"
|
|
create_user "$MQTT_DEVICE1_USERNAME" "$MQTT_DEVICE1_PASSWORD" "Device1 User"
|
|
create_user "$MQTT_DEVICE2_USERNAME" "$MQTT_DEVICE2_PASSWORD" "Device2 User"
|
|
create_user "$MQTT_MONITOR_USERNAME" "$MQTT_MONITOR_PASSWORD" "Monitor User (Read-Only)"
|
|
|
|
echo ""
|
|
echo "================================================"
|
|
echo "✅ Setup abgeschlossen!"
|
|
echo "================================================"
|
|
echo ""
|
|
echo "Erstellte User:"
|
|
echo " - $MQTT_ADMIN_USERNAME (Vollzugriff)"
|
|
echo " - $MQTT_PANEL_USERNAME (für Web Dashboard)"
|
|
echo " - $MQTT_TESTUSER_USERNAME (normaler User)"
|
|
echo " - $MQTT_DEVICE1_USERNAME (IoT Device 1)"
|
|
echo " - $MQTT_DEVICE2_USERNAME (IoT Device 2)"
|
|
echo " - $MQTT_MONITOR_USERNAME (Read-Only)"
|
|
echo ""
|
|
echo "⚠️ Passwörter sind in der .env Datei definiert"
|
|
echo ""
|
|
|
|
$COMPOSE_CMD restart mosquitto >/dev/null
|
|
|
|
echo "🚀 MQTT Broker läuft auf:"
|
|
echo " - MQTT: localhost:1883"
|
|
echo " - WebSocket: ws://localhost:9001"
|
|
echo " - Web Dashboard: http://localhost:5000"
|
|
echo ""
|
|
echo "📡 Öffentliches Topic ohne Authentifizierung:"
|
|
echo " - public/* (read-only)"
|
|
echo ""
|