thin-edge / thin-edge.io

The open edge framework for lightweight IoT devices
https://thin-edge.io
Apache License 2.0

Avoid tedge from updating the base mosquitto.conf directly #2012

Open albinsuresh opened 1 year ago

albinsuresh commented 1 year ago

Is your feature improvement request related to a problem? Please describe.

The postinst script of tedge updates the /etc/mosquitto/mosquitto.conf directly in order to include /etc/tedge/mosquitto-conf as a directory for tedge mosquitto config extensions. This is very error-prone as we're tinkering with the base configuration of mosquitto directly.

Describe the solution you'd like

Mosquitto already provides the directory /etc/mosquitto/conf.d to keep any config extensions like the bridge configurations that we create. It would be better to use this conf.d directory for the same rather than defining our own config extension.

Even though we can't completely eliminate our dependency on mosquitto with this change, as we'll still have to create the config extension at /etc/mosquitto/conf.d, it still eliminates one unnecessary dependency.

Additional context

We might need some strategy to make sure that the tedge-mosquitto.conf is loaded first, before other extensions are loaded as the per_listener_settings are enabled in it, which must be loaded first, before loading any other security settings defined in other extensions.

reubenmiller commented 1 year ago

Though we'll have to be careful here as not all mosquitto installations create a /etc/mosquitto/conf.d folder (e.g. fedora does not do this!).

reubenmiller commented 1 year ago

However I much prefer the configuration files being simply added via symlink to the individual mosquitto configurations to the /etc/mosquitto/conf.d/ directory.

satel-kalletuulos commented 11 months ago

This behaviour causes problems when building the system with Yocto.

Module common_mosquitto_config.rs creates the file /etc/tedge/mosquitto-conf/tedge-mosquitto.conf, which has the following content:

per_listener_settings true
connection_messages true
log_type error
log_type warning
log_type notice
log_type information
log_type subscribe
log_type unsubscribe
message_size_limit 268435455
listener 1883 127.0.0.1
allow_anonymous true
require_certificate false

These are system-wide settings, which are normally managed by files in the /etc/mosquitto/conf.d directory, as mentioned by the original writer. The tedge-mosquitto.conf contents conflict with previous settings, thus my solution was to just remove the tedge-mosquitto.conf manually after initializing thin-edge in the device.

Also, the default Yocto installation of the mosquitto broker already provides settings, which are somewhat compatible with those.

common_mosquitto_config.rs should be modified so that it does not create the tedge-mosquitto.conf file at all.

reubenmiller commented 7 months ago

@satel-kalletuulos Sorry we somehow missed your comment. Yes I think using the conf.d directory will lead to being more compatible with different setups (e.g. yocto, containers etc.) and just be more "linux friendly".

However we're also exploring implementing our own bridge functionality (https://github.com/thin-edge/thin-edge.io/issues/2592) to allow for a more flexible approach (e.g. hot reloading of c8y bridge topics), and if that is done, then the number of mosquitto configuration files will be significantly reduced, making it easier overall to manage and switch to the conf.d setup.

satel-kalletuulos commented 7 months ago

@reubenmiller The point in my comment was that global configuration topics should not be touched without prior permission.

It is likely that thin-edge will be used in some systems which don't yet use MQTT, but some systems have an already configured MQTT broker. For example, a device which acts as a router and MQTT broker to the local network has listener (etc.) configurations in place. When thin-edge starts, it forcefully breaks these pre-defined configurations.

reubenmiller commented 7 months ago

> @reubenmiller The point in my comment was that global configuration topics should not be touched without prior permission.
>
> It is likely that thin-edge will be used in some systems which don't yet use MQTT, but some systems have an already configured MQTT broker. For example, a device which acts as a router and MQTT broker to the local network has listener (etc.) configurations in place. When thin-edge starts, it forcefully breaks these pre-defined configurations.

Yes that is a very good point and we definitely want to avoid any integration pain, and also generally play nicely with different setups.

Though I'm pretty sure just installing thin-edge.io will not be destructive; the only potentially "unexpected/invasive edit" which is done is the insertion of the line include_dir /etc/tedge/mosquitto-conf into the /etc/mosquitto/mosquitto.conf file... though this line will hopefully not cause any existing mosquitto configuration to stop working as the referenced folder is empty. thin-edge.io only starts adding files to the /etc/tedge/mosquitto-conf folder once a user runs tedge connection xxx... and if they don't want to use specific settings, then they can run tedge config set to control the individual listeners (e.g. change port number etc.) so that it won't impact the existing mosquitto setup.
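
Added example (not part of the thread and not thin-edge.io code): a small audit of the two risks raised above, namely per_listener_settings being read after other security settings, and a tedge listener colliding with a broker that is already configured. It assumes mosquitto reads only *.conf files from an include_dir, in case-sensitive alphabetical order; the function names, the sample password_file path and the subset of security options checked are choices made for this illustration.

```python
# Constructed inputs only; nothing here reads files from a real device.
SECURITY_KEYS = {"allow_anonymous", "password_file", "acl_file", "psk_file"}

def load_order(main_text, dirs):
    """Yield (source, key, args) in the order the broker would read them.

    dirs maps an include_dir path to {filename: text}; only *.conf files
    are read, sorted case-sensitively (assumed mosquitto behaviour).
    """
    def directives(source, text):
        for line in text.splitlines():
            line = line.strip()
            if line and not line.startswith("#"):
                key, *args = line.split()
                yield source, key, args

    for source, key, args in directives("mosquitto.conf", main_text):
        if key == "include_dir" and args:
            files = dirs.get(args[0], {})
            for name in sorted(n for n in files if n.endswith(".conf")):
                yield from directives(f"{args[0]}/{name}", files[name])
        else:
            yield source, key, args

def audit(main_text, dirs):
    """Return findings for late per_listener_settings and clashing listeners."""
    findings, listeners, seen_security = [], {}, None
    for source, key, args in load_order(main_text, dirs):
        if key == "per_listener_settings" and seen_security:
            findings.append(f"order: per_listener_settings in {source} "
                            f"is read after {seen_security}")
        if key in SECURITY_KEYS and seen_security is None:
            seen_security = f"{key} in {source}"
        if key == "listener" and args:
            port, addr = args[0], (args[1] if len(args) > 1 else "*")
            for other_addr, other_src in listeners.get(port, []):
                # "*" means all interfaces, which overlaps any address.
                if "*" in (addr, other_addr) or addr == other_addr:
                    findings.append(f"conflict: port {port} bound in "
                                    f"{other_src} and {source}")
            listeners.setdefault(port, []).append((addr, source))
    return findings

# Constructed scenario: a router already running a broker on 1883, plus an
# abridged copy of the tedge-mosquitto.conf content quoted in the thread.
MAIN = ("listener 1883\npassword_file /etc/mosquitto/passwd\n"
        "include_dir /etc/tedge/mosquitto-conf\n")
DIRS = {"/etc/tedge/mosquitto-conf": {"tedge-mosquitto.conf":
        "per_listener_settings true\nlistener 1883 127.0.0.1\n"
        "allow_anonymous true\n"}}
```

Calling audit(MAIN, DIRS) reports both an ordering finding and a port conflict; with a conf.d layout, a file name that sorts first (for example a numeric prefix) keeps per_listener_settings ahead of other extensions.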