From 6da6b69ad89008f668289c47debcc7132ffdb549 Mon Sep 17 00:00:00 2001 From: duyuxuan Date: Mon, 23 Nov 2020 14:22:19 +0900 Subject: [PATCH 01/11] Add readme Japanese translation --- README-CN.md | 2 +- README-JP.md | 98 ++++++++++++++++++++++++++++++++++++++++++++++++++++ README.md | 2 +- 3 files changed, 100 insertions(+), 2 deletions(-) create mode 100644 README-JP.md diff --git a/README-CN.md b/README-CN.md index 03a1d1a58..3d7843ed7 100644 --- a/README-CN.md +++ b/README-CN.md @@ -9,7 +9,7 @@ [![最棒的物联网 MQTT 开源团队期待您的加入](https://www.emqx.io/static/img/github_readme_cn_bg.png)](https://www.emqx.io/cn/careers) -[English](./README.md) | 简体中文 +[English](./README.md) | 简体中文 | [日本語](./README-JP.md) *EMQ X* 是一款完全开源,高度可伸缩,高可用的分布式 MQTT 消息服务器,适用于 IoT、M2M 和移动应用程序,可处理千万级别的并发客户端。 diff --git a/README-JP.md b/README-JP.md new file mode 100644 index 000000000..665f18b1b --- /dev/null +++ b/README-JP.md @@ -0,0 +1,98 @@ +# EMQ X Broker + +[![GitHub Release](https://img.shields.io/github/release/emqx/emqx?color=brightgreen)](https://github.com/emqx/emqx/releases) +[![Build Status](https://travis-ci.org/emqx/emqx.svg)](https://travis-ci.org/emqx/emqx) +[![Coverage Status](https://coveralls.io/repos/github/emqx/emqx/badge.svg)](https://coveralls.io/github/emqx/emqx) +[![Docker Pulls](https://img.shields.io/docker/pulls/emqx/emqx)](https://hub.docker.com/r/emqx/emqx) +[![Slack Invite]()](https://slack-invite.emqx.io) +[![Twitter](https://img.shields.io/badge/Twitter-EMQ%20X-1DA1F2?logo=twitter)](https://twitter.com/emqtt) + +[![The best IoT MQTT open source team looks forward to your joining](https://www.emqx.io/static/img/github_readme_en_bg.png)](https://www.emqx.io/careers) + +[English](./README.md) | [简体中文](./README-CN.md) | 日本語 + +*EMQ X* ブローカーは、数千万のクライアントを同時に処理できるIoT、M2M、モバイルアプリケーション向けの、完全なオープンソース、高拡張性、高可用性、分散型MQTTメッセージングブローカーです。 + +バージョン3.0以降、*EMQ X* ブローカーはMQTTV5.0プロトコル仕様を完全にサポートし、MQTT V3.1およびV3.1.1と下位互換性があります。MQTT-SN、CoAP、LwM2M、WebSocket、STOMPなどの通信プロトコルをサポートしています。 1つのクラスター上で1,000万以上の同時MQTT接続に拡張することができます。 + +- 新機能の一覧については、[EMQ Xリリースノート](https://github.com/emqx/emqx/releases)を参照してください。 +- 詳細はこちら[EMQ X公式ウェブサイト](https://www.emqx.io/)をご覧ください。 + +## インストール + +*EMQ X* ブローカーはクロスプラットフォームで、Linux、Unix、macOS、Windowsをサポートしています。これは、*EMQ X* ブローカーをx86_64アーキテクチャサーバー、またはRaspberryPiなどのARMデバイスにデプロイできることを意味します。 + +#### EMQ X Dockerイメージによるインストール + +``` +docker run -d --name emqx -p 1883:1883 -p 8083:8083 -p 8883:8883 -p 8084:8084 -p 18083:18083 emqx/emqx +``` + +#### バイナリパッケージによるインストール + +対応するオペレーティングシステムのバイナリソフトウェアパッケージは、[EMQ Xのダウンロード](https://www.emqx.io/downloads)ページから取得できます。 + +- [シングルノードインストール](https://docs.emqx.io/broker/latest/en/getting-started/installation.html) +- [マルチノードインストール](https://docs.emqx.io/broker/latest/en/advanced/cluster.html) + +## ソースからビルド + +バージョン3.0以降、*EMQ X* ブローカーをビルドするには Erlang/OTP R21+ が必要です。 + +``` +git clone https://github.com/emqx/emqx-rel.git + +cd emqx-rel && make + +cd _rel/emqx && ./bin/emqx console +``` + +## クイックスタート + +``` +# Start emqx +./bin/emqx start + +# Check Status +./bin/emqx_ctl status + +# Stop emqx +./bin/emqx stop +``` + +*EMQ X* ブローカーを起動したら、ブラウザで http://localhost:18083 にアクセスしてダッシュボードを表示できます。 + +## FAQ + +よくある質問については、[EMQ X FAQ](https://docs.emqx.io/broker/latest/en/faq/faq.html)にアクセスしてください。 + +## ロードマップ + +[EMQ X Roadmap uses Github milestones](https://github.com/emqx/emqx/milestones)からプロジェクトの進捗状況を追跡できます。 + +## コミュニティ、ディスカッション、貢献、サポート + +次のチャネルを通じて、EMQコミュニティおよび開発者に連絡できます。 + +- [Slack](https://slack-invite.emqx.io/) +- [Twitter](https://twitter.com/emqtt) +- [Facebook](https://www.facebook.com/emqxmqtt) +- [Reddit](https://www.reddit.com/r/emqx/) +- [Forum](https://groups.google.com/d/forum/emqtt) +- [Blog](https://medium.com/@emqtt) + +バグ、問題、機能のリクエストは、[emqx/emqx](https://github.com/emqx/emqx/issues)に送信してください。 + +## MQTT仕様 + +次のリンクから、MQTTプロトコルについて学習および確認できます。 + +[MQTT Version 3.1.1](https://docs.oasis-open.org/mqtt/mqtt/v3.1.1/os/mqtt-v3.1.1-os.html) + +[MQTT Version 5.0](https://docs.oasis-open.org/mqtt/mqtt/v5.0/cs02/mqtt-v5.0-cs02.html) + +[MQTT SN](http://mqtt.org/new/wp-content/uploads/2009/06/MQTT-SN_spec_v1.2.pdf) + +## License + +Apache License 2.0, see [LICENSE](https://github.com/emqx/MQTTX/blob/master/LICENSE). diff --git a/README.md b/README.md index 93813e1a8..0b42ffd4b 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ [![The best IoT MQTT open source team looks forward to your joining](https://www.emqx.io/static/img/github_readme_en_bg.png)](https://www.emqx.io/careers) -English | [简体中文](./README-CN.md) +English | [简体中文](./README-CN.md) | [日本語](./README-JP.md) *EMQ X* broker is a fully open source, highly scalable, highly available distributed MQTT messaging broker for IoT, M2M and Mobile applications that can handle tens of millions of concurrent clients. From 389228ecc07be668437229539a844977d207da75 Mon Sep 17 00:00:00 2001 From: Viacheslav Katsuba Date: Sat, 5 Dec 2020 00:16:36 +0200 Subject: [PATCH 02/11] Update README Fix broken link to installation --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 0b42ffd4b..deaa178a9 100644 --- a/README.md +++ b/README.md @@ -32,7 +32,7 @@ docker run -d --name emqx -p 1883:1883 -p 8083:8083 -p 8883:8883 -p 8084:8084 -p Get the binary package of the corresponding OS from [EMQ X Download](https://www.emqx.io/downloads) page. -- [Single Node Install](https://docs.emqx.io/broker/latest/en/getting-started/installation.html) +- [Single Node Install](https://docs.emqx.io/broker/latest/en/getting-started/install.html) - [Multi Node Install](https://docs.emqx.io/broker/latest/en/advanced/cluster.html) From 9ced63cadd201a1aafd00bdc4e11a8ee91c96dcc Mon Sep 17 00:00:00 2001 From: zhouzb Date: Fri, 4 Dec 2020 10:43:58 +0800 Subject: [PATCH 03/11] fix(ekka): update ekka version to fix oom --- rebar.config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rebar.config b/rebar.config index df71f9762..23d0eb290 100644 --- a/rebar.config +++ b/rebar.config @@ -7,7 +7,7 @@ {jiffy, {git, "https://github.com/emqx/jiffy", {tag, "1.0.5"}}}, {cowboy, {git, "https://github.com/emqx/cowboy", {tag, "2.7.1"}}}, {esockd, {git, "https://github.com/emqx/esockd", {tag, "5.7.4"}}}, - {ekka, {git, "https://github.com/emqx/ekka", {tag, "0.7.4"}}}, + {ekka, {git, "https://github.com/emqx/ekka", {tag, "0.7.5"}}}, {gen_rpc, {git, "https://github.com/emqx/gen_rpc", {tag, "2.5.0"}}}, {cuttlefish, {git, "https://github.com/emqx/cuttlefish", {tag, "v3.0.0"}}} ]}. From 6a7438ce6b15d86473e938de6804971c84a3be2b Mon Sep 17 00:00:00 2001 From: z8674558 Date: Fri, 4 Dec 2020 15:21:28 +0900 Subject: [PATCH 04/11] feat(ci): use gitlint to check if commit messages are semantic --- .github/workflows/.gitlint | 119 +++++++++++++++++++++++++++++ .github/workflows/run_gitlint.yaml | 34 +++++++++ 2 files changed, 153 insertions(+) create mode 100644 .github/workflows/.gitlint create mode 100644 .github/workflows/run_gitlint.yaml diff --git a/.github/workflows/.gitlint b/.github/workflows/.gitlint new file mode 100644 index 000000000..1396f5911 --- /dev/null +++ b/.github/workflows/.gitlint @@ -0,0 +1,119 @@ +# Edit this file as you like. +# +# All these sections are optional. Each section with the exception of [general] represents +# one rule and each key in it is an option for that specific rule. +# +# Rules and sections can be referenced by their full name or by id. For example +# section "[body-max-line-length]" could also be written as "[B1]". Full section names are +# used in here for clarity. +# +[general] +# Ignore certain rules, this example uses both full name and id +ignore=title-trailing-punctuation, T1, T2, T3, T4, T5, T6, T8, B1, B2, B3, B4, B5, B6, B7, B8 + +# verbosity should be a value between 1 and 3, the commandline -v flags take precedence over this +# verbosity = 2 + +# By default gitlint will ignore merge, revert, fixup and squash commits. +# ignore-merge-commits=true +# ignore-revert-commits=true +# ignore-fixup-commits=true +# ignore-squash-commits=true + +# Ignore any data send to gitlint via stdin +# ignore-stdin=true + +# Fetch additional meta-data from the local repository when manually passing a +# commit message to gitlint via stdin or --commit-msg. Disabled by default. +# staged=true + +# Enable debug mode (prints more output). Disabled by default. +# debug=true + +# Enable community contributed rules +# See http://jorisroovers.github.io/gitlint/contrib_rules for details +# contrib=contrib-title-conventional-commits,CC1 + +# Set the extra-path where gitlint will search for user defined rules +# See http://jorisroovers.github.io/gitlint/user_defined_rules for details +# extra-path=examples/ + +# This is an example of how to configure the "title-max-length" rule and +# set the line-length it enforces to 80 +# [title-max-length] +# line-length=50 + +# Conversely, you can also enforce minimal length of a title with the +# "title-min-length" rule: +# [title-min-length] +# min-length=5 + +# [title-must-not-contain-word] +# Comma-separated list of words that should not occur in the title. Matching is case +# insensitive. It's fine if the keyword occurs as part of a larger word (so "WIPING" +# will not cause a violation, but "WIP: my title" will. +# words=wip + +[title-match-regex] +# python-style regex that the commit-msg title must match +# Note that the regex can contradict with other rules if not used correctly +# (e.g. title-must-not-contain-word). +regex=^(feat|fix|docs|style|refactor|test|chore|perf)\(.+\): .+ + +# [body-max-line-length] +# line-length=72 + +# [body-min-length] +# min-length=5 + +# [body-is-missing] +# Whether to ignore this rule on merge commits (which typically only have a title) +# default = True +# ignore-merge-commits=false + +# [body-changed-file-mention] +# List of files that need to be explicitly mentioned in the body when they are changed +# This is useful for when developers often erroneously edit certain files or git submodules. +# By specifying this rule, developers can only change the file when they explicitly reference +# it in the commit message. +# files=gitlint/rules.py,README.md + +# [body-match-regex] +# python-style regex that the commit-msg body must match. +# E.g. body must end in My-Commit-Tag: foo +# regex=My-Commit-Tag: foo$ + +# [author-valid-email] +# python-style regex that the commit author email address must match. +# For example, use the following regex if you only want to allow email addresses from foo.com +# regex=[^@]+@foo.com + +[ignore-by-title] +# Ignore certain rules for commits of which the title matches a regex +# E.g. Match commit titles that start with "Release" +# regex=^Release(.*) + +# Ignore certain rules, you can reference them by their id or by their full name +# Use 'all' to ignore all rules +# ignore=T1,body-min-length + +[ignore-by-body] +# Ignore certain rules for commits of which the body has a line that matches a regex +# E.g. Match bodies that have a line that that contain "release" +# regex=(.*)release(.*) +# +# Ignore certain rules, you can reference them by their id or by their full name +# Use 'all' to ignore all rules +# ignore=T1,body-min-length + +# [ignore-body-lines] +# Ignore certain lines in a commit body that match a regex. +# E.g. Ignore all lines that start with 'Co-Authored-By' +# regex=^Co-Authored-By + +# This is a contrib rule - a community contributed rule. These are disabled by default. +# You need to explicitly enable them one-by-one by adding them to the "contrib" option +# under [general] section above. +# [contrib-title-conventional-commits] +# Specify allowed commit types. For details see: https://www.conventionalcommits.org/ +# types = bugfix,user-story,epic diff --git a/.github/workflows/run_gitlint.yaml b/.github/workflows/run_gitlint.yaml new file mode 100644 index 000000000..7640c0676 --- /dev/null +++ b/.github/workflows/run_gitlint.yaml @@ -0,0 +1,34 @@ +name: Run gitlint + +on: [pull_request] + +jobs: + run_gitlint: + runs-on: ubuntu-latest + steps: + - name: Checkout source code + uses: actions/checkout@master + - name: Install gitlint + run: | + sudo apt-get update + sudo apt install gitlint + - name: Run gitlint + run: | + pr_number=$(echo $GITHUB_REF | awk 'BEGIN { FS = "/" } ; { print $3 }') + messages=$(curl "https://api.github.com/repos/${GITHUB_REPOSITORY}/pulls/${pr_number}/commits") + len=$(echo $messages | jq length) + result=true + for i in $( seq 0 $(($len - 1)) ); do + message=$(echo $messages | jq -r .[$i].commit.message) + echo commit message: $message + status=0 + echo $message | gitlint -C ./.github/workflows/.gitlint || status=$? + if [ $status -ne 0 ]; then + result=false + fi + done + if ! ${result} ; then + echo "Some of the commit messages are not structured as The Conventional Commits specification. Please check CONTRIBUTING.md for our process on PR." + exit 1 + fi + echo "success" From fd986bbbb2e9ad0676bd425c5a6db681778b2366 Mon Sep 17 00:00:00 2001 From: z8674558 Date: Fri, 4 Dec 2020 15:23:10 +0900 Subject: [PATCH 05/11] docs(contrib): add CONTRIBUTING.md --- CONTRIBUTING.md | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 CONTRIBUTING.md diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 000000000..f2c61087b --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,38 @@ +# Contributing + +You are welcome to submit any bugs, issues and feature requests on this repository. + +## Pull Request Process + +1. Update the README.md with details of changes to the interface. + +2. Ensure that each of the commit messages are in the following style: + + Format: `(): ` + + Type: + + - `feat`: (new feature for the user, not a new feature for build script) + - `fix`: (bug fix for the user, not a fix to a build script) + - `docs`: (changes to the documentation) + - `style`: (formatting, missing semi colons, etc; no production code change) + - `refactor`: (refactoring production code, eg. renaming a variable) + - `test`: (adding missing tests, refactoring tests; no production code change) + - `chore`: (updating grunt tasks etc; no production code change) + - `perf`: (performance improvements) + + **Example** + + ``` + feat(build): deterministic compile option + ^--^ ^---^ ^--------------------------^ + | | | + | | +-> Summary in present tense. + | | + | | + | +-------> Scope of the change. + | + +-------> Type: chore, docs, feat, fix, perf, refactor, style, or test. + ``` + + [Reference](https://gist.github.com/joshbuchea/6f47e86d2510bce28f8e7f42ae84c716) From 315d14d3edc6943648d97ae28c472fec03cbf082 Mon Sep 17 00:00:00 2001 From: "ayodele.akingbule" Date: Wed, 9 Dec 2020 13:14:06 +0100 Subject: [PATCH 06/11] chore(lint): Add Elvis Linter Config and Github Action --- .github/workflows/elvis_lint.yaml | 13 +++++++++++ .gitignore | 1 + elvis-check.sh | 36 +++++++++++++++++++++++++++++++ elvis.config | 31 ++++++++++++++++++++++++++ 4 files changed, 81 insertions(+) create mode 100644 .github/workflows/elvis_lint.yaml create mode 100755 elvis-check.sh create mode 100644 elvis.config diff --git a/.github/workflows/elvis_lint.yaml b/.github/workflows/elvis_lint.yaml new file mode 100644 index 000000000..7d852b44f --- /dev/null +++ b/.github/workflows/elvis_lint.yaml @@ -0,0 +1,13 @@ +name: Elvis Linter + +on: [push, pull_request] + +jobs: + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v1 + - run: | + echo "$GITHUB_BASE_REF" + echo "$GITHUB_HEAD_REF" + ./elvis-check.sh $GITHUB_BASE_REF $GITHUB_HEAD_REF diff --git a/.gitignore b/.gitignore index aaec950d4..101ceae31 100644 --- a/.gitignore +++ b/.gitignore @@ -41,3 +41,4 @@ erlang.mk *.coverdata etc/emqx.conf.rendered Mnesia.*/ +elvis diff --git a/elvis-check.sh b/elvis-check.sh new file mode 100755 index 000000000..61b8e4c79 --- /dev/null +++ b/elvis-check.sh @@ -0,0 +1,36 @@ +#!/bin/bash + +set -euo pipefail + +echo "GITHUB_BASE_REF $1" +echo "GITHUB_HEAD_REF $2" +echo "$GITHUB_SHA" + +ELVIS_VERSION='1.0.0-emqx-1' + +base=${GITHUB_BASE_REF:-$1} +elvis_version="${3:-$ELVIS_VERSION}" + +echo "$elvis_version" +echo "$base" + +if [ ! -f ./elvis ] || [ "$(./elvis -v | grep -oE '[1-9]+\.[0-9]+\.[0-9]+\-emqx-[0-9]+')" != "$ELVIS_VERSION" ]; then + curl -fLO "https://github.com/emqx/elvis/releases/download/$elvis_version/elvis" + chmod +x ./elvis +fi + +git fetch origin "$base" +git checkout -b refBranch HEAD +git diff --name-only origin/"$base" refBranch + +bad_file_count=0 +for n in $(git diff --name-only origin/"$base" refBranch); do + + if ! ./elvis rock "$n"; then + bad_file_count=$(( bad_file_count + 1)) + fi +done +if [ $bad_file_count -gt 0 ]; then + echo "elvis: $bad_file_count errors" + exit 1 +fi diff --git a/elvis.config b/elvis.config new file mode 100644 index 000000000..526674f49 --- /dev/null +++ b/elvis.config @@ -0,0 +1,31 @@ +[ + { + elvis, + [ + {config, + [ + {dirs => ["apps"], + filter => "*.erl", + ruleset => erl_files, +# rules => [ +# {elvis_style, max_module_length, #{}}, +# {elvis_style, no_common_caveats_call, #{}} +# ] + }, + {dirs => ["."], + filter => "Makefile", + ruleset => makefiles + }, + {dirs => ["."], + filter => "rebar.config", + ruleset => rebar_config + }, + {dirs => ["."], + filter => "elvis.config", + ruleset => elvis_config + } + ] + } + ] + } +]. From e06fcbb769b37941527660e12092c8b4d55052ae Mon Sep 17 00:00:00 2001 From: Zaiming Shi Date: Wed, 9 Dec 2020 14:16:33 +0100 Subject: [PATCH 07/11] chore(elvis): only trigger in github action when pull request --- .github/workflows/elvis_lint.yaml | 6 ++---- elvis-check.sh | 21 +++++++++------------ 2 files changed, 11 insertions(+), 16 deletions(-) diff --git a/.github/workflows/elvis_lint.yaml b/.github/workflows/elvis_lint.yaml index 7d852b44f..6f9d8d31a 100644 --- a/.github/workflows/elvis_lint.yaml +++ b/.github/workflows/elvis_lint.yaml @@ -1,6 +1,6 @@ name: Elvis Linter -on: [push, pull_request] +on: [pull_request] jobs: build: @@ -8,6 +8,4 @@ jobs: steps: - uses: actions/checkout@v1 - run: | - echo "$GITHUB_BASE_REF" - echo "$GITHUB_HEAD_REF" - ./elvis-check.sh $GITHUB_BASE_REF $GITHUB_HEAD_REF + ./elvis-check.sh $GITHUB_BASE_REF diff --git a/elvis-check.sh b/elvis-check.sh index 61b8e4c79..7f6213b08 100755 --- a/elvis-check.sh +++ b/elvis-check.sh @@ -2,30 +2,27 @@ set -euo pipefail -echo "GITHUB_BASE_REF $1" -echo "GITHUB_HEAD_REF $2" -echo "$GITHUB_SHA" - ELVIS_VERSION='1.0.0-emqx-1' base=${GITHUB_BASE_REF:-$1} -elvis_version="${3:-$ELVIS_VERSION}" +elvis_version="${2:-$ELVIS_VERSION}" -echo "$elvis_version" -echo "$base" +echo "elvis -v: $elvis_version" +echo "git diff base: $base" -if [ ! -f ./elvis ] || [ "$(./elvis -v | grep -oE '[1-9]+\.[0-9]+\.[0-9]+\-emqx-[0-9]+')" != "$ELVIS_VERSION" ]; then +if [ ! -f ./elvis ] || [ "$(./elvis -v | grep -oE '[1-9]+\.[0-9]+\.[0-9]+\-emqx-[0-9]+')" != "$elvis_version" ]; then curl -fLO "https://github.com/emqx/elvis/releases/download/$elvis_version/elvis" chmod +x ./elvis fi git fetch origin "$base" -git checkout -b refBranch HEAD -git diff --name-only origin/"$base" refBranch + +git_diff() { + git diff --name-only origin/"$base"...HEAD +} bad_file_count=0 -for n in $(git diff --name-only origin/"$base" refBranch); do - +for n in $(git_diff); do if ! ./elvis rock "$n"; then bad_file_count=$(( bad_file_count + 1)) fi From ca86e795e8cc0ea722dfc29c6eef48c31cbb8ac1 Mon Sep 17 00:00:00 2001 From: zhanghongtong Date: Mon, 30 Nov 2020 17:28:03 +0800 Subject: [PATCH 08/11] feat(listener): add depth for ssl listener --- .gitignore | 1 + etc/emqx.conf | 6 ++++++ priv/emqx.schema | 6 ++++++ 3 files changed, 13 insertions(+) diff --git a/.gitignore b/.gitignore index 101ceae31..20ae8f090 100644 --- a/.gitignore +++ b/.gitignore @@ -42,3 +42,4 @@ erlang.mk etc/emqx.conf.rendered Mnesia.*/ elvis +.stamp diff --git a/etc/emqx.conf b/etc/emqx.conf index 24a3a3060..c58c66a46 100644 --- a/etc/emqx.conf +++ b/etc/emqx.conf @@ -1317,6 +1317,12 @@ listener.ssl.external.access.1 = allow all ## Value: Duration listener.ssl.external.handshake_timeout = 15s +## Maximum number of non-self-issued intermediate certificates that +## can follow the peer certificate in a valid certification path. +## +## Value: Number +## listener.ssl.external.depth = 10 + ## Path to the file containing the user's private PEM-encoded key. ## ## See: http://erlang.org/doc/man/ssl.html diff --git a/priv/emqx.schema b/priv/emqx.schema index fd5badb68..ccecd8315 100644 --- a/priv/emqx.schema +++ b/priv/emqx.schema @@ -1368,6 +1368,11 @@ end}. {datatype, {duration, ms}} ]}. +{mapping, "listener.ssl.$name.depth", "emqx.listeners", [ + {default, 10}, + {datatype, integer} +]}. + {mapping, "listener.ssl.$name.dhfile", "emqx.listeners", [ {datatype, string} ]}. @@ -1878,6 +1883,7 @@ end}. {ciphers, Ciphers}, {user_lookup_fun, UserLookupFun}, {handshake_timeout, cuttlefish:conf_get(Prefix ++ ".handshake_timeout", Conf, undefined)}, + {depth, cuttlefish:conf_get(Prefix ++ ".depth", Conf, undefined)}, {dhfile, cuttlefish:conf_get(Prefix ++ ".dhfile", Conf, undefined)}, {keyfile, cuttlefish:conf_get(Prefix ++ ".keyfile", Conf, undefined)}, {certfile, cuttlefish:conf_get(Prefix ++ ".certfile", Conf, undefined)}, From 19e8a187e4826c95c5cbc3357df794274c75968e Mon Sep 17 00:00:00 2001 From: JianBo He Date: Fri, 11 Dec 2020 09:45:49 +0800 Subject: [PATCH 09/11] feat(ssl): supports configuration of keyfile password --- etc/emqx.conf | 22 ++++++++++++++++++++++ priv/emqx.schema | 14 ++++++++++++++ 2 files changed, 36 insertions(+) diff --git a/etc/emqx.conf b/etc/emqx.conf index c58c66a46..d6d8eb3b1 100644 --- a/etc/emqx.conf +++ b/etc/emqx.conf @@ -1323,6 +1323,12 @@ listener.ssl.external.handshake_timeout = 15s ## Value: Number ## listener.ssl.external.depth = 10 +## String containing the user's password. Only used if the private keyfile +## is password-protected. +## +## Value: String +## listener.ssl.external.key_password = yourpass + ## Path to the file containing the user's private PEM-encoded key. ## ## See: http://erlang.org/doc/man/ssl.html @@ -1788,6 +1794,22 @@ listener.wss.external.certfile = {{ platform_etc_dir }}/certs/cert.pem ## Value: File ## listener.wss.external.cacertfile = {{ platform_etc_dir }}/certs/cacert.pem +## Maximum number of non-self-issued intermediate certificates that +## can follow the peer certificate in a valid certification path. +## +## See: listener.ssl.external.depth +## +## Value: Number +## listener.wss.external.depth = 10 + +## String containing the user's password. Only used if the private keyfile +## is password-protected. +## +## See: listener.ssl.$name.key_password +## +## Value: String +## listener.wss.external.key_password = yourpass + ## See: listener.ssl.$name.dhfile ## ## Value: File diff --git a/priv/emqx.schema b/priv/emqx.schema index ccecd8315..54c107016 100644 --- a/priv/emqx.schema +++ b/priv/emqx.schema @@ -1373,6 +1373,10 @@ end}. {datatype, integer} ]}. +{mapping, "listener.ssl.$name.key_password", "emqx.listeners", [ + {datatype, string} +]}. + {mapping, "listener.ssl.$name.dhfile", "emqx.listeners", [ {datatype, string} ]}. @@ -1693,6 +1697,15 @@ end}. {datatype, string} ]}. +{mapping, "listener.wss.$name.depth", "emqx.listeners", [ + {default, 10}, + {datatype, integer} +]}. + +{mapping, "listener.wss.$name.key_password", "emqx.listeners", [ + {datatype, string} +]}. + {mapping, "listener.wss.$name.verify", "emqx.listeners", [ {datatype, atom} ]}. @@ -1884,6 +1897,7 @@ end}. {user_lookup_fun, UserLookupFun}, {handshake_timeout, cuttlefish:conf_get(Prefix ++ ".handshake_timeout", Conf, undefined)}, {depth, cuttlefish:conf_get(Prefix ++ ".depth", Conf, undefined)}, + {password, cuttlefish:conf_get(Prefix ++ ".key_password", Conf, undefined)}, {dhfile, cuttlefish:conf_get(Prefix ++ ".dhfile", Conf, undefined)}, {keyfile, cuttlefish:conf_get(Prefix ++ ".keyfile", Conf, undefined)}, {certfile, cuttlefish:conf_get(Prefix ++ ".certfile", Conf, undefined)}, From c1e47fd147dd8dbdfe60e14836af7d4db74ff970 Mon Sep 17 00:00:00 2001 From: JianBo He Date: Fri, 11 Dec 2020 10:36:57 +0800 Subject: [PATCH 10/11] test(limiter): more robust asserting logic --- test/emqx_limiter_SUITE.erl | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/test/emqx_limiter_SUITE.erl b/test/emqx_limiter_SUITE.erl index a818e0d15..a444b3f43 100644 --- a/test/emqx_limiter_SUITE.erl +++ b/test/emqx_limiter_SUITE.erl @@ -42,9 +42,10 @@ t_init(_) -> Cap1 = 1000, Intv1 = 10, Cap2 = 2000, Intv2 = 15, undefined = emqx_limiter:init(external, undefined, undefined, []), - ?assertEqual(emqx_limiter:init(external, undefined, undefined, [{conn_messages_in, {Cap1, Intv1}}, - {conn_bytes_in, {Cap2, Intv2}}]), - emqx_limiter:init(external, {Cap1, Intv1}, {Cap2, Intv2}, [])), + #{conn_bytes_in := #{capacity := Cap2, interval := Intv2, tokens := Cap2}, + conn_messages_in := #{capacity := Cap1, interval := Intv1, tokens := Cap1 }} = + emqx_limiter:info( + emqx_limiter:init(external, {Cap1, Intv1}, {Cap2, Intv2}, [])), #{conn_bytes_in := #{capacity := Cap2, interval := Intv2, tokens := Cap2 }} = emqx_limiter:info( emqx_limiter:init(external, undefined, {Cap1, Intv1}, [{conn_bytes_in, {Cap2, Intv2}}])). From 897f862d29b45bd1585bc2ba3a122e8f5368ffc4 Mon Sep 17 00:00:00 2001 From: zhanghongtong Date: Fri, 11 Dec 2020 20:01:31 +0800 Subject: [PATCH 11/11] chore(appup): update appup version --- src/emqx.appup.src | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/emqx.appup.src b/src/emqx.appup.src index c36611f85..26c90e850 100644 --- a/src/emqx.appup.src +++ b/src/emqx.appup.src @@ -6,8 +6,9 @@ 4 -> % arch_32 {1000, cuttlefish_bytesize:parse("32MB")} end, -{"4.2.3", +{VSN, [ + {<<".*">>, []}, {"4.2.2", [ {load_module, emqx_metrics, brutal_purge, soft_purge, []} ]}, @@ -29,6 +30,7 @@ ]} ], [ + {<<".*">>, []}, {"4.2.2", [ {load_module, emqx_metrics, brutal_purge, soft_purge, []} ]},