154 lines
5.0 KiB
Plaintext
154 lines
5.0 KiB
Plaintext
##--------------------------------------------------------------------
|
|
## HTTP Auth/ACL Plugin
|
|
##--------------------------------------------------------------------
|
|
|
|
## HTTP URL API path for Auth Request
|
|
##
|
|
## Value: URL
|
|
##
|
|
## Examples: http://127.0.0.1:80/mqtt/auth, https://[::1]:80/mqtt/auth
|
|
auth.http.auth_req.url = http://127.0.0.1:80/mqtt/auth
|
|
|
|
## HTTP Request Method for Auth Request
|
|
##
|
|
## Value: post | get
|
|
auth.http.auth_req.method = post
|
|
|
|
## HTTP Request Headers for Auth Request, Content-Type header is configured by default.
|
|
## The possible values of the Content-Type header: application/x-www-form-urlencoded, application/json
|
|
##
|
|
## Examples: auth.http.auth_req.headers.accept = */*
|
|
auth.http.auth_req.headers.content-type = application/x-www-form-urlencoded
|
|
|
|
## Parameters used to construct the request body or query string parameters
|
|
## When the request method is GET, these parameters will be converted into query string parameters
|
|
## When the request method is POST, the final format is determined by content-type
|
|
##
|
|
## Available Variables:
|
|
## - %u: username
|
|
## - %c: clientid
|
|
## - %a: ipaddress
|
|
## - %r: protocol
|
|
## - %P: password
|
|
## - %p: sockport of server accepted
|
|
## - %C: common name of client TLS cert
|
|
## - %d: subject of client TLS cert
|
|
##
|
|
## Value: <K1>=<V1>,<K2>=<V2>,...
|
|
auth.http.auth_req.params = clientid=%c,username=%u,password=%P
|
|
|
|
## HTTP URL API path for SuperUser Request
|
|
##
|
|
## Value: URL
|
|
##
|
|
## Examples: http://127.0.0.1:80/mqtt/superuser, https://[::1]:80/mqtt/superuser
|
|
auth.http.super_req.url = http://127.0.0.1:80/mqtt/superuser
|
|
|
|
## HTTP Request Method for SuperUser Request
|
|
##
|
|
## Value: post | get
|
|
auth.http.super_req.method = post
|
|
|
|
## HTTP Request Headers for SuperUser Request, Content-Type header is configured by default.
|
|
## The possible values of the Content-Type header: application/x-www-form-urlencoded, application/json
|
|
##
|
|
## Examples: auth.http.super_req.headers.accept = */*
|
|
auth.http.super_req.headers.content-type = application/x-www-form-urlencoded
|
|
|
|
## Parameters used to construct the request body or query string parameters
|
|
## When the request method is GET, these parameters will be converted into query string parameters
|
|
## When the request method is POST, the final format is determined by content-type
|
|
##
|
|
## Available Variables:
|
|
## - %u: username
|
|
## - %c: clientid
|
|
## - %a: ipaddress
|
|
## - %r: protocol
|
|
## - %P: password
|
|
## - %p: sockport of server accepted
|
|
## - %C: common name of client TLS cert
|
|
## - %d: subject of client TLS cert
|
|
##
|
|
## Value: <K1>=<V1>,<K2>=<V2>,...
|
|
auth.http.super_req.params = clientid=%c,username=%u
|
|
|
|
## HTTP URL API path for ACL Request
|
|
##
|
|
## Value: URL
|
|
##
|
|
## Examples: http://127.0.0.1:80/mqtt/acl, https://[::1]:80/mqtt/acl
|
|
auth.http.acl_req.url = http://127.0.0.1:80/mqtt/acl
|
|
|
|
## HTTP Request Method for ACL Request
|
|
##
|
|
## Value: post | get
|
|
auth.http.acl_req.method = post
|
|
|
|
## HTTP Request Headers for ACL Request, Content-Type header is configured by default.
|
|
## The possible values of the Content-Type header: application/x-www-form-urlencoded, application/json
|
|
##
|
|
## Examples: auth.http.acl_req.headers.accept = */*
|
|
auth.http.acl_req.headers.content-type = application/x-www-form-urlencoded
|
|
|
|
## Parameters used to construct the request body or query string parameters
|
|
## When the request method is GET, these parameters will be converted into query string parameters
|
|
## When the request method is POST, the final format is determined by content-type
|
|
##
|
|
## Available Variables:
|
|
## - %u: username
|
|
## - %c: clientid
|
|
## - %a: ipaddress
|
|
## - %r: protocol
|
|
## - %P: password
|
|
## - %p: sockport of server accepted
|
|
## - %C: common name of client TLS cert
|
|
## - %d: subject of client TLS cert
|
|
##
|
|
## Value: <K1>=<V1>,<K2>=<V2>,...
|
|
auth.http.acl_req.params = access=%A,username=%u,clientid=%c,ipaddr=%a,topic=%t,mountpoint=%m
|
|
|
|
## Time-out time for the request.
|
|
##
|
|
## Value: Duration
|
|
## -h: hour, e.g. '2h' for 2 hours
|
|
## -m: minute, e.g. '5m' for 5 minutes
|
|
## -s: second, e.g. '30s' for 30 seconds
|
|
##
|
|
## Default: 5s
|
|
auth.http.timeout = 5s
|
|
|
|
## Connection time-out time, used during the initial request,
|
|
## when the client is connecting to the server.
|
|
##
|
|
## Value: Duration
|
|
## -h: hour, e.g. '2h' for 2 hours
|
|
## -m: minute, e.g. '5m' for 5 minutes
|
|
## -s: second, e.g. '30s' for 30 seconds
|
|
##
|
|
## Default: 5s
|
|
auth.http.connect_timeout = 5s
|
|
|
|
## Connection process pool size
|
|
##
|
|
## Value: Number
|
|
auth.http.pool_size = 32
|
|
|
|
##------------------------------------------------------------------------------
|
|
## SSL options
|
|
|
|
## Path to the file containing PEM-encoded CA certificates. The CA certificates
|
|
## are used during server authentication and when building the client certificate chain.
|
|
##
|
|
## Value: File
|
|
## auth.http.ssl.cacertfile = {{ platform_etc_dir }}/certs/ca.pem
|
|
|
|
## The path to a file containing the client's certificate.
|
|
##
|
|
## Value: File
|
|
## auth.http.ssl.certfile = {{ platform_etc_dir }}/certs/client-cert.pem
|
|
|
|
## Path to a file containing the client's private PEM-encoded key.
|
|
##
|
|
## Value: File
|
|
## auth.http.ssl.keyfile = {{ platform_etc_dir }}/certs/client-key.pem
|