diff --git a/examples/alarm.conf.example b/examples/alarm.conf.example
index 84c92f974..537341ea2 100644
--- a/examples/alarm.conf.example
+++ b/examples/alarm.conf.example
@@ -11,7 +11,7 @@ alarm {
## Type: Array of the below enum
## - log :: write the alarm to log
## - publish :: publish the alarm as an MQTT message to the system topics
- actions = [log]
+ actions = [log, publish]
## Maximum total number of deactivated alarms to keep as history
## Type: Range from 1 to 3000
diff --git a/examples/broker.conf.example b/examples/broker.conf.example
deleted file mode 100644
index be898128c..000000000
--- a/examples/broker.conf.example
+++ /dev/null
@@ -1,30 +0,0 @@
-##--------------------------------------------------------------------
-## Broker
-##
-## Message broker options
-##--------------------------------------------------------------------
-## Note: This is an example of how to configure this feature
-## you should copy and paste the below data into the emqx.conf for working
-
-## Note: If you and finding how to configure EMQX itself, have a look at the node.conf.example
-
-broker {
- ## Session locking strategy in a cluster
- ## Type:
- ## - local :: only lock the session on the current node
- ## - leader :: select only one remote node to lock the session
- ## - quorum :: select some nodes to lock the session
- ## - all :: lock the session on all the nodes in the cluster
- session_locking_strategy = quorum
-
- ## Dispatch strategy for shared subscription
- ## Type:
- ## - random :: dispatch the message to a random selected subscriber
- ## - round_robin :: select the subscribers in a round-robin manner
- ## - round_robin_per_group :: select the subscribers in round-robin fashion within each shared subscriber group
- ## - local :: select random local subscriber otherwise select random cluster-wide
- ## - sticky :: always use the last selected subscriber to dispatch, until the subscriber disconnects.
- ## - hash_clientid :: select the subscribers by hashing the `clientIds`
- ## - hash_topic :: select the subscribers by hashing the source topic"""
- shared_subscription_strategy = round_robin
- }
diff --git a/examples/cluster-with-dns.conf.example b/examples/cluster-with-dns.conf.example
index f17ce8303..f979eb689 100644
--- a/examples/cluster-with-dns.conf.example
+++ b/examples/cluster-with-dns.conf.example
@@ -14,7 +14,7 @@ cluster {
discovery_strategy = dns
## List of core nodes that the replicant will connect to
- core_nodes = ['emqx1@192.168.0.1', 'emqx2@192.168.0.2']
+ core_nodes = ["emqx1@192.168.0.1", "emqx2@192.168.0.2"]
## Remove disconnected nodes from the cluster after this interval
autoclean = 5m
diff --git a/examples/cluster-with-etcd-ssl.conf.example b/examples/cluster-with-etcd-ssl.conf.example
index 2d4ce35ac..b7c642770 100644
--- a/examples/cluster-with-etcd-ssl.conf.example
+++ b/examples/cluster-with-etcd-ssl.conf.example
@@ -14,7 +14,7 @@ cluster {
discovery_strategy = etcd
## List of core nodes that the replicant will connect to
- core_nodes = ['emqx1@192.168.0.1', 'emqx2@192.168.0.2']
+ core_nodes = ["emqx1@192.168.0.1", "emqx2@192.168.0.2"]
## Remove disconnected nodes from the cluster after this interval
autoclean = 5m
diff --git a/examples/cluster-with-etcd.conf.example b/examples/cluster-with-etcd.conf.example
index b13313438..17ab604d6 100644
--- a/examples/cluster-with-etcd.conf.example
+++ b/examples/cluster-with-etcd.conf.example
@@ -14,7 +14,7 @@ cluster {
discovery_strategy = etcd
## List of core nodes that the replicant will connect to
- core_nodes = ['emqx1@192.168.0.1', 'emqx2@192.168.0.2']
+ core_nodes = ["emqx1@192.168.0.1", "emqx2@192.168.0.2"]
## Remove disconnected nodes from the cluster after this interval
autoclean = 5m
diff --git a/examples/cluster-with-k8s.conf.example b/examples/cluster-with-k8s.conf.example
index ea94818c0..4fd329b24 100644
--- a/examples/cluster-with-k8s.conf.example
+++ b/examples/cluster-with-k8s.conf.example
@@ -14,7 +14,7 @@ cluster {
discovery_strategy = k8s
## List of core nodes that the replicant will connect to
- core_nodes = ['emqx1@192.168.0.1', 'emqx2@192.168.0.2']
+ core_nodes = ["emqx1@192.168.0.1", "emqx2@192.168.0.2"]
## Remove disconnected nodes from the cluster after this interval
autoclean = 5m
@@ -24,7 +24,7 @@ cluster {
k8s {
## Kubernetes API endpoint URL
- apiserver = "http://10.110.111.204:8080"
+ apiserver = "https://kubernetes.default.svc:443"
## EMQX broker service name
service_name = emqx
diff --git a/examples/cluster-with-manual.conf.example b/examples/cluster-with-manual.conf.example
index 17bc92346..f075ea389 100644
--- a/examples/cluster-with-manual.conf.example
+++ b/examples/cluster-with-manual.conf.example
@@ -14,7 +14,7 @@ cluster {
discovery_strategy = manual
## List of core nodes that the replicant will connect to
- core_nodes = ['emqx1@192.168.0.1', 'emqx2@192.168.0.2']
+ core_nodes = ["emqx1@192.168.0.1", "emqx2@192.168.0.2"]
## Remove disconnected nodes from the cluster after this interval
autoclean = 5m
diff --git a/examples/cluster-with-static.conf.example b/examples/cluster-with-static.conf.example
index 7851b260f..76a9d9980 100644
--- a/examples/cluster-with-static.conf.example
+++ b/examples/cluster-with-static.conf.example
@@ -14,7 +14,7 @@ cluster {
discovery_strategy = static
## List of core nodes that the replicant will connect to
- core_nodes = ['emqx1@192.168.0.1', 'emqx2@192.168.0.2']
+ core_nodes = ["emqx1@192.168.0.1", "emqx2@192.168.0.2"]
## Remove disconnected nodes from the cluster after this interval
autoclean = 5m
@@ -23,5 +23,5 @@ cluster {
autoheal = true
## List EMQX node names in the static cluster
- static.seeds = ['emqx1@192.168.0.1', 'emqx2@192.168.0.2']
+ static.seeds = ["emqx1@192.168.0.1", "emqx2@192.168.0.2"]
}
diff --git a/examples/dashboard-with-http.conf.example b/examples/dashboard-with-http.conf.example
index 292c56212..8cf68ab33 100644
--- a/examples/dashboard-with-http.conf.example
+++ b/examples/dashboard-with-http.conf.example
@@ -14,10 +14,7 @@ dashboard {
cors = false
listeners.http {
- ## Whether to enable the listener
- enable = true
-
- ## Port or Address to listen on
+ ## Port or Address to listen on, 0 means disable
bind = "0.0.0.0:18083" ## or just a port number, e.g. 18083
## Socket acceptor pool size for TCP protocols
diff --git a/examples/dashboard-with-https.conf.example b/examples/dashboard-with-https.conf.example
index cf7cc28a5..6f399dea3 100644
--- a/examples/dashboard-with-https.conf.example
+++ b/examples/dashboard-with-https.conf.example
@@ -14,10 +14,8 @@ dashboard {
cors = false
listeners.https {
- ## Whether to enable the listener
- enable = true
- ## Port or Address to listen on
+ ## Port or Address to listen on, 0 means disable
bind = "0.0.0.0:18084" ## or just a port number, e.g. 18084
## Socket acceptor pool size for TCP protocols
@@ -43,48 +41,48 @@ dashboard {
## Trusted PEM format CA certificates bundle file
cacertfile = "data/certs/cacert.pem"
-
+
## PEM format certificates chain file
certfile = "data/certs/cert.pem"
-
+
## PEM format private key file
keyfile = "data/certs/key.pem"
-
+
## Enable or disable peer verification
verify = verify_none ## use verify_peer to enable
-
+
## if `verify' is ebabled, whit true, the connection fails if the client does not have a certificate to send
fail_if_no_peer_cert = false
-
+
## Enable TLS session reuse
reuse_sessions = true
-
+
## Maximum number of non-self-issued intermediate certificates that can follow the peer certificate in a valid certification path
depth = 10
-
+
## Which versions are to be supported
versions = [tlsv1.3, tlsv1.2]
-
+
## TLS cipher suite names
## Note: By default, all available suites are supported, you do not need to set this
ciphers = ["TLS_AES_256_GCM_SHA384","TLS_AES_128_GCM_SHA256"]
-
+
## Allows a client and a server to renegotiate the parameters of the SSL connection on the fly
secure_renegotiate = true
-
+
## Log level for SSL communication
## Type: emergency | alert | critical | error | warning | notice | info | debug | none | all
log_level = notice
-
+
## Hibernate the SSL process after idling for amount of time reducing its memory footprint
hibernate_after = 5s
-
+
## Forces the cipher to be set based on the server-specified order instead of the client-specified order
honor_cipher_order = true
-
+
## Setting this to false to disable client-initiated renegotiation
client_renegotiation = true
-
+
## Maximum time duration allowed for the handshake to complete
handshake_timeout = 15s
}
diff --git a/examples/listeners.quic.conf.example b/examples/listeners.quic.conf.example
index 2f4fca0b8..49d4f58a1 100644
--- a/examples/listeners.quic.conf.example
+++ b/examples/listeners.quic.conf.example
@@ -8,10 +8,7 @@
## Note: Modifying the 'quicname' to what you need
listeners.quic.quicname {
- ## Whether to enable the listener
- enable = true
-
- ## Port or Address to listen on
+ ## Port or Address to listen on, 0 means disable
bind = 14567 ## or with an IP, e.g. "127.0.0.1:14567"
## When publishing or subscribing, prefix all topics with a mountpoint string
@@ -31,18 +28,20 @@ listeners.quic.quicname {
## Type: infinity | Integer
max_connections = infinity
- ## Trusted PEM format CA certificates bundle file
- cacertfile = "data/certs/cacert.pem"
-
- ## PEM format certificates chain file
- certfile = "data/certs/cert.pem"
-
- ## PEM format private key file
- keyfile = "data/certs/key.pem"
-
- ## Enable or disable peer verification
- verify = verify_none ## to verify_peer to enable
-
## TLS cipher suite names
ciphers = ["TLS_AES_256_GCM_SHA384", "TLS_AES_128_GCM_SHA256", "TLS_CHACHA20_POLY1305_SHA256"]
+
+ ssl_options {
+ ## Trusted PEM format CA certificates bundle file
+ cacertfile = "data/certs/cacert.pem"
+
+ ## PEM format certificates chain file
+ certfile = "data/certs/cert.pem"
+
+ ## PEM format private key file
+ keyfile = "data/certs/key.pem"
+
+ ## Enable or disable peer verification
+ verify = verify_none ## to verify_peer to enable
+ }
}
diff --git a/examples/listeners.ssl.conf.example b/examples/listeners.ssl.conf.example
index bf7d3817a..e86bd6b4d 100644
--- a/examples/listeners.ssl.conf.example
+++ b/examples/listeners.ssl.conf.example
@@ -11,56 +11,55 @@
## Note: Modifying the 'sslname' to what you need
listeners.ssl.sslname {
- ## Whether to enable the listener
- enable = true
-
- ## Port or Address to listen on
+ ## Port or Address to listen on, 0 means disable
bind = 8883 ## or with an IP e.g. "127.0.0.1:8883"
- ## Trusted PEM format CA certificates bundle file
- cacertfile = "data/certs/cacert.pem"
+ ssl_options {
+ ## Trusted PEM format CA certificates bundle file
+ cacertfile = "data/certs/cacert.pem"
- ## PEM format certificates chain file
- certfile = "data/certs/cert.pem"
+ ## PEM format certificates chain file
+ certfile = "data/certs/cert.pem"
- ## PEM format private key file
- keyfile = "data/certs/key.pem"
+ ## PEM format private key file
+ keyfile = "data/certs/key.pem"
- ## Enable or disable peer verification
- verify = verify_none ## use verify_peer to enable
+ ## Enable or disable peer verification
+ verify = verify_none ## use verify_peer to enable
- ## if `verify' is ebabled, whit true, the connection fails if the client does not have a certificate to send
- fail_if_no_peer_cert = false
+ ## if `verify' is ebabled, whit true, the connection fails if the client does not have a certificate to send
+ fail_if_no_peer_cert = false
- ## Enable TLS session reuse
- reuse_sessions = true
+ ## Enable TLS session reuse
+ reuse_sessions = true
- ## Maximum number of non-self-issued intermediate certificates that can follow the peer certificate in a valid certification path
- depth = 10
+ ## Maximum number of non-self-issued intermediate certificates that can follow the peer certificate in a valid certification path
+ depth = 10
- ## Which versions are to be supported
- versions = [tlsv1.3, tlsv1.2]
+ ## Which versions are to be supported
+ versions = [tlsv1.3, tlsv1.2]
- ## TLS cipher suite names
- ## Note: By default, all available suites are supported, you do not need to set this
- ciphers = ["TLS_AES_256_GCM_SHA384","TLS_AES_128_GCM_SHA256"]
+ ## TLS cipher suite names
+ ## Note: By default, all available suites are supported, you do not need to set this
+ ciphers = ["TLS_AES_256_GCM_SHA384","TLS_AES_128_GCM_SHA256"]
- ## Allows a client and a server to renegotiate the parameters of the SSL connection on the fly
- secure_renegotiate = true
+ ## Allows a client and a server to renegotiate the parameters of the SSL connection on the fly
+ secure_renegotiate = true
- ## Log level for SSL communication
- ## Type: emergency | alert | critical | error | warning | notice | info | debug | none | all
- log_level = notice
+ ## Log level for SSL communication
+ ## Type: emergency | alert | critical | error | warning | notice | info | debug | none | all
+ log_level = notice
- ## Hibernate the SSL process after idling for amount of time reducing its memory footprint
- hibernate_after = 5s
+ ## Hibernate the SSL process after idling for amount of time reducing its memory footprint
+ hibernate_after = 5s
- ## Forces the cipher to be set based on the server-specified order instead of the client-specified order
- honor_cipher_order = true
+ ## Forces the cipher to be set based on the server-specified order instead of the client-specified order
+ honor_cipher_order = true
- ## Setting this to false to disable client-initiated renegotiation
- client_renegotiation = true
+ ## Setting this to false to disable client-initiated renegotiation
+ client_renegotiation = true
- ## Maximum time duration allowed for the handshake to complete
- handshake_timeout = 15s
+ ## Maximum time duration allowed for the handshake to complete
+ handshake_timeout = 15s
+ }
}
diff --git a/examples/listeners.tcp.conf.example b/examples/listeners.tcp.conf.example
index d7392962b..42e98b071 100644
--- a/examples/listeners.tcp.conf.example
+++ b/examples/listeners.tcp.conf.example
@@ -8,10 +8,7 @@
## Note: Modifying the 'tcpname' to what you need
listeners.tcp.tcpname {
- ## false to disable this
- enable = true
-
- ## Port or Address to listen on
+ ## Port or Address to listen on, 0 means disable
bind = 1883 ## or with an IP e.g. "127.0.0.1:1883"
## Enable the Proxy Protocol V1/2 if the EMQX cluster is deployed behind HAProxy or Nginx
@@ -41,38 +38,40 @@ listeners.tcp.tcpname {
## Type: infinity | Integer
max_connections = infinity
- ## TCP backlog defines the maximum length that the queue of pending connections can grow to
- backlog = 1024
+ tcp_options {
+ ## TCP backlog defines the maximum length that the queue of pending connections can grow to
+ backlog = 1024
- ## The TCP send timeout for the connections
- send_timeout = 15s
+ ## The TCP send timeout for the connections
+ send_timeout = 15s
- ## Timeout for proxy protocol
- send_timeout_close = true
+ ## Timeout for proxy protocol
+ send_timeout_close = true
- ## The TCP receive buffer (OS kernel) for the connections
- recbuf = 2KB
+ ## The TCP receive buffer (OS kernel) for the connections
+ recbuf = 2KB
- ## The TCP send buffer (OS kernel) for the connections
- sndbuf = 4KB
+ ## The TCP send buffer (OS kernel) for the connections
+ sndbuf = 4KB
- ## The size of the user-space buffer used by the driver
- buffer = 4KB
+ ## The size of the user-space buffer used by the driver
+ buffer = 4KB
- ## The socket is set to a busy state when the amount of data queued internally by the VM socket implementation reaches this limit
- high_watermark = 1MB
+ ## The socket is set to a busy state when the amount of data queued internally by the VM socket implementation reaches this limit
+ high_watermark = 1MB
- ## The TCP_NODELAY flag for the connections
- nodelay = true
+ ## The TCP_NODELAY flag for the connections
+ nodelay = true
- ## The SO_REUSEADDR flag for the connections
- reuseaddr = true
+ ## The SO_REUSEADDR flag for the connections
+ reuseaddr = true
- ## Enable TCP keepalive for MQTT connections over TCP or SSL
- ## Type: three comma separated numbers in the format of 'Idle,Interval,Probes'
- ## - Idle: The number of seconds a connection needs to be idle before the server begins to send out keep-alive probes (Linux default 7200).
- ## - Interval: The number of seconds between TCP keep-alive probes (Linux default 75).
- ## - Probes: The maximum number of TCP keep-alive probes to send before giving up and killing the connection if no response is obtained from the other end (Linux default 9).
- ## For example "240,30,5" means: EMQX should start sending TCP keepalive probes after the connection is in idle for 240 seconds, and the probes are sent every 30 seconds until a response is received from the MQTT client, if it misses 5 consecutive responses, EMQX should close the connection
- keepalive = "none"
+ ## Enable TCP keepalive for MQTT connections over TCP or SSL
+ ## Type: three comma separated numbers in the format of 'Idle,Interval,Probes'
+ ## - Idle: The number of seconds a connection needs to be idle before the server begins to send out keep-alive probes (Linux default 7200).
+ ## - Interval: The number of seconds between TCP keep-alive probes (Linux default 75).
+ ## - Probes: The maximum number of TCP keep-alive probes to send before giving up and killing the connection if no response is obtained from the other end (Linux default 9).
+ ## For example "240,30,5" means: EMQX should start sending TCP keepalive probes after the connection is in idle for 240 seconds, and the probes are sent every 30 seconds until a response is received from the MQTT client, if it misses 5 consecutive responses, EMQX should close the connection
+ keepalive = "none"
+ }
}
diff --git a/examples/listeners.ws.conf.example b/examples/listeners.ws.conf.example
index 7e1176518..ad9ddbf8a 100644
--- a/examples/listeners.ws.conf.example
+++ b/examples/listeners.ws.conf.example
@@ -11,52 +11,49 @@
## Note: Modifying the 'wsname' to what you need
listeners.ws.wsname {
- ## for to disable this
- enable = true
-
- ## Port or Address to listen on
+ ## Port or Address to listen on, 0 means disable
bind = "0.0.0.0:8083" # or just a port number, e.g. 8083
- ## WebSocket's MQTT protocol path
- ## Type: String
- ## For Example:
- ## with the default value, the address of EMQX Broker's WebSocket is: ws://8083/mqtt
- mqtt_path = "/mqtt"
+ websocket {
+ ## WebSocket's MQTT protocol path
+ ## Type: String
+ ## For Example:
+ ## with the default value, the address of EMQX Broker's WebSocket is: ws://8083/mqtt
+ mqtt_path = "/mqtt"
- ## Whether a WebSocket message is allowed to contain multiple MQTT packets
- ## Type: single | multiple
- mqtt_piggyback = multiple
+ ## Whether a WebSocket message is allowed to contain multiple MQTT packets
+ ## Type: single | multiple
+ mqtt_piggyback = multiple
- ## If true, compress WebSocket messages using zlib
- compress = false
+ ## If true, compress WebSocket messages using zlib
+ compress = false
- ## Close transport-layer connections from the clients that have not sent MQTT CONNECT message within this interval
- idle_timeout = 7200s
+ ## Close transport-layer connections from the clients that have not sent MQTT CONNECT message within this interval
+ idle_timeout = 7200s
- ## The maximum length of a single MQTT packet
- ## Type: infinity | Integer
- max_frame_size = infinity
+ ## The maximum length of a single MQTT packet
+ ## Type: infinity | Integer
+ max_frame_size = infinity
- ## If true, the server will return an error when the client does not carry the Sec-WebSocket-Protocol field
- fail_if_no_subprotocol = true
+ ## If true, the server will return an error when the client does not carry the Sec-WebSocket-Protocol field
+ fail_if_no_subprotocol = true
- ## Comma-separated list of supported subprotocols
- ## Type: Comma Separated List
- supported_subprotocols = "mqtt, mqtt-v3, mqtt-v3.1.1, mqtt-v5"
+ ## Comma-separated list of supported subprotocols
+ supported_subprotocols = "mqtt, mqtt-v3, mqtt-v3.1.1, mqtt-v5"
- ## If true, origin HTTP header will be validated against the list of allowed origins configured in check_origins parameter
- check_origin_enable = false
+ ## If true, origin HTTP header will be validated against the list of allowed origins configured in check_origins parameter
+ check_origin_enable = false
- ## If false and check_origin_enable is true, the server will reject requests that don't have origin HTTP header
- allow_origin_absence = true
+ ## If false and check_origin_enable is true, the server will reject requests that don't have origin HTTP header
+ allow_origin_absence = true
- ## List of allowed origins
- ## Type: Comma Separated List
- check_origins = "http://localhost:18083, http://127.0.0.1:18083"
+ ## List of allowed origins
+ check_origins = "http://localhost:18083, http://127.0.0.1:18083"
- ## HTTP header used to pass information about the client IP address
- proxy_address_header = "x-forwarded-for"
+ ## HTTP header used to pass information about the client IP address
+ proxy_address_header = "x-forwarded-for"
- ## The maximum length of a single MQTT packet
- proxy_port_header = "x-forwarded-port"
+ ## The maximum length of a single MQTT packet
+ proxy_port_header = "x-forwarded-port"
+ }
}
diff --git a/examples/listeners.wss.conf.example b/examples/listeners.wss.conf.example
index 1f41ccd64..a5801b160 100644
--- a/examples/listeners.wss.conf.example
+++ b/examples/listeners.wss.conf.example
@@ -11,54 +11,55 @@
## Note: Modifying the 'wssname' to what you need
listeners.wss.wssname {
- ## false to disable this
- enable = true
-
- ## Port or Address to listen on
- ## Default: 8084
+ ## Port or Address to listen on, 0 means disable
bind = 8084 ## or with an IP, e.g. "127.0.0.1:8084"
- ## PEM format certificates chain file
- certfile = "data/certs/cert.pem"
+ ssl_options {
+ ## Trusted PEM format CA certificates bundle file
+ cacertfile = "data/certs/cacert.pem"
- ## PEM format private key file
- keyfile = "data/certs/key.pem"
+ ## PEM format certificates chain file
+ certfile = "data/certs/cert.pem"
- ## Enable or disable peer verification
- verify = verify_none ## use verify_peer to enable
+ ## PEM format private key file
+ keyfile = "data/certs/key.pem"
- ## if `verify' is ebabled, whit true, the connection fails if the client does not have a certificate to send
- fail_if_no_peer_cert = false
+ ## Enable or disable peer verification
+ verify = verify_none ## use verify_peer to enable
- ## Enable TLS session reuse
- reuse_sessions = true
+ ## if `verify' is ebabled, whit true, the connection fails if the client does not have a certificate to send
+ fail_if_no_peer_cert = false
- ## Maximum number of non-self-issued intermediate certificates that can follow the peer certificate in a valid certification path
- depth = 10
+ ## Enable TLS session reuse
+ reuse_sessions = true
- ## Which versions are to be supported
- versions = [tlsv1.3, tlsv1.2]
+ ## Maximum number of non-self-issued intermediate certificates that can follow the peer certificate in a valid certification path
+ depth = 10
- ## TLS cipher suite names
- ## Note: By default, all available suites are supported, you do not need to set this
- ciphers = ["TLS_AES_256_GCM_SHA384","TLS_AES_128_GCM_SHA256"]
+ ## Which versions are to be supported
+ versions = [tlsv1.3, tlsv1.2]
- ## Allows a client and a server to renegotiate the parameters of the SSL connection on the fly
- secure_renegotiate = true
+ ## TLS cipher suite names
+ ## Note: By default, all available suites are supported, you do not need to set this
+ ciphers = ["TLS_AES_256_GCM_SHA384","TLS_AES_128_GCM_SHA256"]
- ## Log level for SSL communication
- ## Type: emergency | alert | critical | error | warning | notice | info | debug | none | all
- log_level = notice
+ ## Allows a client and a server to renegotiate the parameters of the SSL connection on the fly
+ secure_renegotiate = true
- ## Hibernate the SSL process after idling for amount of time reducing its memory footprint
- hibernate_after = 5s
+ ## Log level for SSL communication
+ ## Type: emergency | alert | critical | error | warning | notice | info | debug | none | all
+ log_level = notice
- ## Forces the cipher to be set based on the server-specified order instead of the client-specified order
- honor_cipher_order = true
+ ## Hibernate the SSL process after idling for amount of time reducing its memory footprint
+ hibernate_after = 5s
- ## Setting this to false to disable client-initiated renegotiation
- client_renegotiation = true
+ ## Forces the cipher to be set based on the server-specified order instead of the client-specified order
+ honor_cipher_order = true
- ## Maximum time duration allowed for the handshake to complete
- handshake_timeout = 15s
+ ## Setting this to false to disable client-initiated renegotiation
+ client_renegotiation = true
+
+ ## Maximum time duration allowed for the handshake to complete
+ handshake_timeout = 15s
+ }
}
diff --git a/examples/mqtt.conf.example b/examples/mqtt.conf.example
index a07877f9d..c5f81f753 100644
--- a/examples/mqtt.conf.example
+++ b/examples/mqtt.conf.example
@@ -110,4 +110,15 @@ mqtt {
## Use the CN, DN field in the peer certificate or the entire certificate content as Client ID
## Type: See the above
peer_cert_as_clientid = disabled
+
+ ## Dispatch strategy for shared subscription
+ ## Type:
+ ## - random :: dispatch the message to a random selected subscriber
+ ## - round_robin :: select the subscribers in a round-robin manner
+ ## - round_robin_per_group :: select the subscribers in round-robin fashion within each shared subscriber group
+ ## - local :: select random local subscriber otherwise select random cluster-wide
+ ## - sticky :: always use the last selected subscriber to dispatch, until the subscriber disconnects.
+ ## - hash_clientid :: select the subscribers by hashing the `clientIds`
+ ## - hash_topic :: select the subscribers by hashing the source topic"""
+ shared_subscription_strategy = round_robin
}
diff --git a/examples/rpc-with-ssl.conf.example b/examples/rpc-with-ssl.conf.example
deleted file mode 100644
index 89695d748..000000000
--- a/examples/rpc-with-ssl.conf.example
+++ /dev/null
@@ -1,76 +0,0 @@
-##--------------------------------------------------------------------
-## RPC With SSL
-## See rpc-with-tcp.conf.example for RPC with TCP
-## EMQX inter-broker communication
-##--------------------------------------------------------------------
-## Note: This is an example of how to configure this feature
-## you should copy and paste the below data into the emqx.conf for working
-
-## Note: Most of the time the default config should work
-## you do not need to modify it unless you know what it is for
-rpc {
- ## Communication mode
- ## Type: async | sync
- mode = async
-
- ## Transport protocol used for inter-broker communication
- ## Type: tcp | ssl
- protocol = ssl
-
- ## The maximum number of batch messages sent in asynchronous mode
- ## Type: Integer
- async_batch_size = 256
-
- ## Port discovery strategy
- ## Type:
- ## - manual :: discover ports by tcp_server_port
- ## - stateless :: discover ports in a stateless manner, using the following algorithm:
- ## If node name is emqxN@127.0.0.1, where the N is an integer, then the listening port will be 5370 + N
- port_discovery = stateless
-
- ## Listening port used by RPC local service
- ssl_server_port = 5369
-
- ## Set the maximum number of RPC communication channels initiated by this node to each remote node
- ## Type: Range from 1 to 256
- tcp_client_num = 10
-
- ## Timeout for establishing an RPC connection
- connect_timeout = 5s
-
- ## Path to TLS certificate file used to validate identity of the cluster nodes
- certfile = "data/cert.pem"
-
- ## Path to the private key file
- keyfile = "data/key.pem"
-
- ## Path to certification authority TLS certificate file
- cacertfile = "data/cacert.pem"
-
- ## Timeout for sending the RPC request
- send_timeout = 5s
-
- ## Timeout for the remote node authentication
- authentication_timeout = 5s
-
- ## Timeout for the reply to a synchronous RPC
- call_receive_timeout = 15s
-
- ## How long the connections between the brokers should remain open after the last message is sent
- socket_keepalive_idle = 15m
-
- ## The interval between keepalive messages
- socket_keepalive_interval = 75s
-
- ## How many times the keepalive probe message can fail to receive a reply until the RPC connection is considered lost
- socket_keepalive_count = 9
-
- ## TCP sending buffer size
- socket_sndbuf = 1MB
-
- ## TCP receiving buffer size
- socket_recbuf = 1MB
-
- ## Socket buffer size in user mode
- socket_buffer = 1MB
-}
diff --git a/examples/rpc-with-tcp.conf.example b/examples/rpc-with-tcp.conf.example
deleted file mode 100644
index 26de872e5..000000000
--- a/examples/rpc-with-tcp.conf.example
+++ /dev/null
@@ -1,67 +0,0 @@
-##--------------------------------------------------------------------
-## RPC With TCP
-## See rpc-with-ssl.conf.example for RPC with SSL
-## EMQX inter-broker communication
-##--------------------------------------------------------------------
-## Note: This is an example of how to configure this feature
-## you should copy and paste the below data into the emqx.conf for working
-
-## Note: Most of the time the default config should work
-## you do not need to modify it unless you know what it is for
-rpc {
- ## Communication mode
- ## Type: sync | async
- mode = async
-
- ## Transport protocol used for inter-broker communication
- ## Type: tcp | ssl
- protocol = tcp
-
- ## The maximum number of batch messages sent in asynchronous mode
- ## Type: Integer
- async_batch_size = 256
-
- ## Port discovery strategy
- ## Type:
- ## - manual :: discover ports by tcp_server_port
- ## - stateless :: discover ports in a stateless manner, using the following algorithm:
- ## If node name is emqxN@127.0.0.1, where the N is an integer, then the listening port will be 5370 + N
- port_discovery = stateless
-
- ## Listening port used by RPC local service
- tcp_server_port = 5369
-
- ## Set the maximum number of RPC communication channels initiated by this node to each remote node
- ## Type: Range from 1 to 256
- tcp_client_num = 10
-
- ## Timeout for establishing an RPC connection
- connect_timeout = 5s
-
- ## Timeout for sending the RPC request
- send_timeout = 5s
-
- ## Timeout for the remote node authentication
- authentication_timeout = 5s
-
- ## Timeout for the reply to a synchronous RPC
- call_receive_timeout = 15s
-
- ## How long the connections between the brokers should remain open after the last message is sent
- socket_keepalive_idle = 15m
-
- ## The interval between keepalive messages
- socket_keepalive_interval = 75s
-
- ## How many times the keepalive probe message can fail to receive a reply until the RPC connection is considered lost
- socket_keepalive_count = 9
-
- ## TCP sending buffer size
- socket_sndbuf = 1MB
-
- ## TCP receiving buffer size
- socket_recbuf = 1MB
-
- ## Socket buffer size in user mode
- socket_buffer = 1MB
-}
diff --git a/rel/i18n/emqx_prometheus_schema.hocon b/rel/i18n/emqx_prometheus_schema.hocon
index a0c4d899c..d68e1d418 100644
--- a/rel/i18n/emqx_prometheus_schema.hocon
+++ b/rel/i18n/emqx_prometheus_schema.hocon
@@ -4,7 +4,7 @@ enable.desc:
"""Turn Prometheus data pushing on or off"""
headers.desc:
-"""A HTTP Headers when pushing to Push Gateway.
+"""An HTTP Headers when pushing to Push Gateway.
For example, { Authorization = "some-authz-tokens"}"""
interval.desc: