Docker files for 2.0
This commit is contained in:
parent
1636e47202
commit
faa56fbb3d
108
docker/2.0-openssl/Dockerfile
Normal file
108
docker/2.0-openssl/Dockerfile
Normal file
@ -0,0 +1,108 @@
|
||||
FROM alpine:3.12
|
||||
|
||||
LABEL maintainer="Roger Light <roger@atchoo.org>" \
|
||||
description="Eclipse Mosquitto MQTT Broker"
|
||||
|
||||
ENV VERSION=2.0.0 \
|
||||
DOWNLOAD_SHA256=ab89ddba508131b82c274f5697b03e6a067ac89cc2af4ac59dc124ac135d95a4 \
|
||||
GPG_KEYS=A0D6EEA1DCAE49A635A3B2F0779B22DFB3E717B7 \
|
||||
LWS_VERSION=2.4.2 \
|
||||
CJSON_VERSION=1.7.14
|
||||
|
||||
RUN set -x && \
|
||||
apk --no-cache add --virtual build-deps \
|
||||
build-base \
|
||||
cmake \
|
||||
gnupg \
|
||||
openssl-dev \
|
||||
util-linux-dev && \
|
||||
wget https://github.com/warmcat/libwebsockets/archive/v${LWS_VERSION}.tar.gz -O /tmp/lws.tar.gz && \
|
||||
mkdir -p /build/lws && \
|
||||
tar --strip=1 -xf /tmp/lws.tar.gz -C /build/lws && \
|
||||
rm /tmp/lws.tar.gz && \
|
||||
cd /build/lws && \
|
||||
cmake . \
|
||||
-DCMAKE_BUILD_TYPE=MinSizeRel \
|
||||
-DCMAKE_INSTALL_PREFIX=/usr \
|
||||
-DLWS_IPV6=ON \
|
||||
-DLWS_WITHOUT_BUILTIN_GETIFADDRS=ON \
|
||||
-DLWS_WITHOUT_CLIENT=ON \
|
||||
-DLWS_WITHOUT_EXTENSIONS=ON \
|
||||
-DLWS_WITHOUT_TESTAPPS=ON \
|
||||
-DLWS_WITH_SHARED=OFF \
|
||||
-DLWS_WITH_ZIP_FOPS=OFF \
|
||||
-DLWS_WITH_ZLIB=OFF && \
|
||||
make -j "$(nproc)" && \
|
||||
rm -rf /root/.cmake && \
|
||||
wget https://github.com/DaveGamble/cJSON/archive/v${CJSON_VERSION}.tar.gz -O /tmp/cjson.tar.gz && \
|
||||
mkdir -p /build/cjson && \
|
||||
tar --strip=1 -xf /tmp/cjson.tar.gz -C /build/cjson && \
|
||||
rm /tmp/cjson.tar.gz && \
|
||||
cd /build/cjson && \
|
||||
cmake . \
|
||||
-DCMAKE_BUILD_TYPE=MinSizeRel \
|
||||
-DBUILD_SHARED_AND_STATIC_LIBS=OFF \
|
||||
-DBUILD_SHARED_LIBS=OFF \
|
||||
-DCJSON_BUILD_SHARED_LIBS=OFF \
|
||||
-DCJSON_OVERRIDE_BUILD_SHARED_LIBS=OFF \
|
||||
-DCMAKE_INSTALL_PREFIX=/usr && \
|
||||
make -j "$(nproc)" && \
|
||||
rm -rf /root/.cmake && \
|
||||
wget https://mosquitto.org/files/tmp/mosquitto-${VERSION}.tar.gz -O /tmp/mosq.tar.gz && \
|
||||
echo "$DOWNLOAD_SHA256 /tmp/mosq.tar.gz" | sha256sum -c - && \
|
||||
wget https://mosquitto.org/files/tmp/mosquitto-${VERSION}.tar.gz.asc -O /tmp/mosq.tar.gz.asc && \
|
||||
export GNUPGHOME="$(mktemp -d)" && \
|
||||
found=''; \
|
||||
for server in \
|
||||
ha.pool.sks-keyservers.net \
|
||||
hkp://keyserver.ubuntu.com:80 \
|
||||
hkp://p80.pool.sks-keyservers.net:80 \
|
||||
pgp.mit.edu \
|
||||
; do \
|
||||
echo "Fetching GPG key $GPG_KEYS from $server"; \
|
||||
gpg --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$GPG_KEYS" && found=yes && break; \
|
||||
done; \
|
||||
test -z "$found" && echo >&2 "error: failed to fetch GPG key $GPG_KEYS" && exit 1; \
|
||||
gpg --batch --verify /tmp/mosq.tar.gz.asc /tmp/mosq.tar.gz && \
|
||||
gpgconf --kill all && \
|
||||
rm -rf "$GNUPGHOME" /tmp/mosq.tar.gz.asc && \
|
||||
mkdir -p /build/mosq && \
|
||||
tar --strip=1 -xf /tmp/mosq.tar.gz -C /build/mosq && \
|
||||
rm /tmp/mosq.tar.gz && \
|
||||
make -C /build/mosq -j "$(nproc)" \
|
||||
CFLAGS="-Wall -O2 -I/build/lws/include -I/build/cjson" \
|
||||
LDFLAGS="-L/build/lws/lib -L/build/cjson" \
|
||||
WITH_ADNS=no \
|
||||
WITH_DOCS=no \
|
||||
WITH_SHARED_LIBRARIES=yes \
|
||||
WITH_SRV=no \
|
||||
WITH_STRIP=yes \
|
||||
WITH_WEBSOCKETS=yes \
|
||||
prefix=/usr \
|
||||
binary && \
|
||||
addgroup -S -g 1883 mosquitto 2>/dev/null && \
|
||||
adduser -S -u 1883 -D -H -h /var/empty -s /sbin/nologin -G mosquitto -g mosquitto mosquitto 2>/dev/null && \
|
||||
mkdir -p /mosquitto/config /mosquitto/data /mosquitto/log && \
|
||||
install -d /usr/sbin/ && \
|
||||
install -s -m755 /build/mosq/client/mosquitto_pub /usr/bin/mosquitto_pub && \
|
||||
install -s -m755 /build/mosq/client/mosquitto_rr /usr/bin/mosquitto_rr && \
|
||||
install -s -m755 /build/mosq/client/mosquitto_sub /usr/bin/mosquitto_sub && \
|
||||
install -s -m644 /build/mosq/lib/libmosquitto.so.1 /usr/lib/libmosquitto.so.1 && \
|
||||
install -s -m755 /build/mosq/src/mosquitto /usr/sbin/mosquitto && \
|
||||
install -s -m755 /build/mosq/apps/mosquitto_ctrl/mosquitto_ctrl /usr/bin/mosquitto_ctrl && \
|
||||
install -s -m755 /build/mosq/apps/mosquitto_passwd/mosquitto_passwd /usr/bin/mosquitto_passwd && \
|
||||
install -s -m755 /build/mosq/plugins/dynamic-security/mosquitto_dynamic_security.so /usr/lib/mosquitto_dynamic_security.so && \
|
||||
install -m644 /build/mosq/mosquitto.conf /mosquitto/config/mosquitto.conf && \
|
||||
chown -R mosquitto:mosquitto /mosquitto && \
|
||||
apk --no-cache add \
|
||||
ca-certificates && \
|
||||
apk del build-deps && \
|
||||
rm -rf /build
|
||||
|
||||
VOLUME ["/mosquitto/data", "/mosquitto/log"]
|
||||
|
||||
# Set up the entry point script and default command
|
||||
COPY docker-entrypoint.sh /
|
||||
EXPOSE 1883
|
||||
ENTRYPOINT ["/docker-entrypoint.sh"]
|
||||
CMD ["/usr/sbin/mosquitto", "-c", "/mosquitto/config/mosquitto.conf"]
|
49
docker/2.0-openssl/README.md
Normal file
49
docker/2.0-openssl/README.md
Normal file
@ -0,0 +1,49 @@
|
||||
# Eclipse Mosquitto Docker Image
|
||||
Containers built with this Dockerfile build as source from published tarballs.
|
||||
|
||||
## Mount Points
|
||||
A docker mount point has been created in the image to be used for configuration.
|
||||
```
|
||||
/mosquitto/config
|
||||
```
|
||||
|
||||
Two docker volumes have been created in the image to be used for persistent storage and logs.
|
||||
```
|
||||
/mosquitto/data
|
||||
/mosquitto/log
|
||||
```
|
||||
|
||||
## User/Group
|
||||
|
||||
The image runs mosquitto under the mosquitto user and group, which are created
|
||||
with a uid and gid of 1883.
|
||||
|
||||
## Configuration
|
||||
When creating a container from the image, the default configuration values are used.
|
||||
To use a custom configuration file, mount a **local** configuration file to `/mosquitto/config/mosquitto.conf`
|
||||
```
|
||||
docker run -it -p 1883:1883 -v <absolute-path-to-configuration-file>:/mosquitto/config/mosquitto.conf eclipse-mosquitto:<version>
|
||||
```
|
||||
|
||||
:boom: if the mosquitto configuration (mosquitto.conf) was modified
|
||||
to use non-default ports, the docker run command will need to be updated
|
||||
to expose the ports that have been configured, for example:
|
||||
|
||||
```
|
||||
docker run -it -p 1883:1883 -p 8080:8080 -v <absolute-path-to-configuration-file>:/mosquitto/config/mosquitto.conf eclipse-mosquitto:<version>
|
||||
```
|
||||
|
||||
Configuration can be changed to:
|
||||
|
||||
* persist data to `/mosquitto/data`
|
||||
* log to `/mosquitto/log/mosquitto.log`
|
||||
|
||||
i.e. add the following to `mosquitto.conf`:
|
||||
```
|
||||
persistence true
|
||||
persistence_location /mosquitto/data/
|
||||
|
||||
log_dest file /mosquitto/log/mosquitto.log
|
||||
```
|
||||
|
||||
**Note**: For any volume used, the data will be persistent between containers.
|
10
docker/2.0-openssl/docker-entrypoint.sh
Executable file
10
docker/2.0-openssl/docker-entrypoint.sh
Executable file
@ -0,0 +1,10 @@
|
||||
#!/bin/ash
|
||||
set -e
|
||||
|
||||
# Set permissions
|
||||
user="$(id -u)"
|
||||
if [ "$user" = '0' ]; then
|
||||
[ -d "/mosquitto" ] && chown -R mosquitto:mosquitto /mosquitto || true
|
||||
fi
|
||||
|
||||
exec "$@"
|
110
docker/2.0/Dockerfile
Normal file
110
docker/2.0/Dockerfile
Normal file
@ -0,0 +1,110 @@
|
||||
FROM alpine:3.12
|
||||
|
||||
LABEL maintainer="Roger Light <roger@atchoo.org>" \
|
||||
description="Eclipse Mosquitto MQTT Broker"
|
||||
|
||||
ENV VERSION=2.0.0 \
|
||||
DOWNLOAD_SHA256=ab89ddba508131b82c274f5697b03e6a067ac89cc2af4ac59dc124ac135d95a4 \
|
||||
GPG_KEYS=A0D6EEA1DCAE49A635A3B2F0779B22DFB3E717B7 \
|
||||
LWS_VERSION=2.4.2 \
|
||||
CJSON_VERSION=1.7.14
|
||||
|
||||
RUN set -x && \
|
||||
apk --no-cache add --virtual build-deps \
|
||||
build-base \
|
||||
cmake \
|
||||
gnupg \
|
||||
libressl-dev \
|
||||
util-linux-dev && \
|
||||
wget https://github.com/warmcat/libwebsockets/archive/v${LWS_VERSION}.tar.gz -O /tmp/lws.tar.gz && \
|
||||
mkdir -p /build/lws && \
|
||||
tar --strip=1 -xf /tmp/lws.tar.gz -C /build/lws && \
|
||||
rm /tmp/lws.tar.gz && \
|
||||
cd /build/lws && \
|
||||
cmake . \
|
||||
-DCMAKE_BUILD_TYPE=MinSizeRel \
|
||||
-DCMAKE_INSTALL_PREFIX=/usr \
|
||||
-DLWS_IPV6=ON \
|
||||
-DLWS_WITHOUT_BUILTIN_GETIFADDRS=ON \
|
||||
-DLWS_WITHOUT_CLIENT=ON \
|
||||
-DLWS_WITHOUT_EXTENSIONS=ON \
|
||||
-DLWS_WITHOUT_TESTAPPS=ON \
|
||||
-DLWS_WITH_SHARED=OFF \
|
||||
-DLWS_WITH_ZIP_FOPS=OFF \
|
||||
-DLWS_WITH_ZLIB=OFF && \
|
||||
make -j "$(nproc)" && \
|
||||
rm -rf /root/.cmake && \
|
||||
wget https://github.com/DaveGamble/cJSON/archive/v${CJSON_VERSION}.tar.gz -O /tmp/cjson.tar.gz && \
|
||||
mkdir -p /build/cjson && \
|
||||
tar --strip=1 -xf /tmp/cjson.tar.gz -C /build/cjson && \
|
||||
rm /tmp/cjson.tar.gz && \
|
||||
cd /build/cjson && \
|
||||
cmake . \
|
||||
-DCMAKE_BUILD_TYPE=MinSizeRel \
|
||||
-DBUILD_SHARED_AND_STATIC_LIBS=OFF \
|
||||
-DBUILD_SHARED_LIBS=OFF \
|
||||
-DCJSON_BUILD_SHARED_LIBS=OFF \
|
||||
-DCJSON_OVERRIDE_BUILD_SHARED_LIBS=OFF \
|
||||
-DCMAKE_INSTALL_PREFIX=/usr && \
|
||||
make -j "$(nproc)" && \
|
||||
rm -rf /root/.cmake && \
|
||||
wget https://mosquitto.org/files/tmp/mosquitto-${VERSION}.tar.gz -O /tmp/mosq.tar.gz && \
|
||||
echo "$DOWNLOAD_SHA256 /tmp/mosq.tar.gz" | sha256sum -c - && \
|
||||
wget https://mosquitto.org/files/tmp/mosquitto-${VERSION}.tar.gz.asc -O /tmp/mosq.tar.gz.asc && \
|
||||
export GNUPGHOME="$(mktemp -d)" && \
|
||||
found=''; \
|
||||
for server in \
|
||||
ha.pool.sks-keyservers.net \
|
||||
hkp://keyserver.ubuntu.com:80 \
|
||||
hkp://p80.pool.sks-keyservers.net:80 \
|
||||
pgp.mit.edu \
|
||||
; do \
|
||||
echo "Fetching GPG key $GPG_KEYS from $server"; \
|
||||
gpg --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$GPG_KEYS" && found=yes && break; \
|
||||
done; \
|
||||
test -z "$found" && echo >&2 "error: failed to fetch GPG key $GPG_KEYS" && exit 1; \
|
||||
gpg --batch --verify /tmp/mosq.tar.gz.asc /tmp/mosq.tar.gz && \
|
||||
gpgconf --kill all && \
|
||||
rm -rf "$GNUPGHOME" /tmp/mosq.tar.gz.asc && \
|
||||
mkdir -p /build/mosq && \
|
||||
tar --strip=1 -xf /tmp/mosq.tar.gz -C /build/mosq && \
|
||||
rm /tmp/mosq.tar.gz && \
|
||||
make -C /build/mosq -j "$(nproc)" \
|
||||
CFLAGS="-Wall -O2 -I/build/lws/include -I/build/cjson" \
|
||||
LDFLAGS="-L/build/lws/lib -L/build/cjson" \
|
||||
WITH_ADNS=no \
|
||||
WITH_DOCS=no \
|
||||
WITH_SHARED_LIBRARIES=yes \
|
||||
WITH_SRV=no \
|
||||
WITH_STRIP=yes \
|
||||
WITH_TLS_PSK=no \
|
||||
WITH_WEBSOCKETS=yes \
|
||||
prefix=/usr \
|
||||
binary && \
|
||||
addgroup -S -g 1883 mosquitto 2>/dev/null && \
|
||||
adduser -S -u 1883 -D -H -h /var/empty -s /sbin/nologin -G mosquitto -g mosquitto mosquitto 2>/dev/null && \
|
||||
mkdir -p /mosquitto/config /mosquitto/data /mosquitto/log && \
|
||||
install -d /usr/sbin/ && \
|
||||
install -s -m755 /build/mosq/client/mosquitto_pub /usr/bin/mosquitto_pub && \
|
||||
install -s -m755 /build/mosq/client/mosquitto_rr /usr/bin/mosquitto_rr && \
|
||||
install -s -m755 /build/mosq/client/mosquitto_sub /usr/bin/mosquitto_sub && \
|
||||
install -s -m644 /build/mosq/lib/libmosquitto.so.1 /usr/lib/libmosquitto.so.1 && \
|
||||
install -s -m755 /build/mosq/src/mosquitto /usr/sbin/mosquitto && \
|
||||
install -s -m755 /build/mosq/apps/mosquitto_ctrl/mosquitto_ctrl /usr/bin/mosquitto_ctrl && \
|
||||
install -s -m755 /build/mosq/apps/mosquitto_passwd/mosquitto_passwd /usr/bin/mosquitto_passwd && \
|
||||
install -s -m755 /build/mosq/plugins/dynamic-security/mosquitto_dynamic_security.so /usr/lib/mosquitto_dynamic_security.so && \
|
||||
install -m644 /build/mosq/mosquitto.conf /mosquitto/config/mosquitto.conf && \
|
||||
chown -R mosquitto:mosquitto /mosquitto && \
|
||||
apk --no-cache add \
|
||||
ca-certificates \
|
||||
libressl && \
|
||||
apk del build-deps && \
|
||||
rm -rf /build
|
||||
|
||||
VOLUME ["/mosquitto/data", "/mosquitto/log"]
|
||||
|
||||
# Set up the entry point script and default command
|
||||
COPY docker-entrypoint.sh /
|
||||
EXPOSE 1883
|
||||
ENTRYPOINT ["/docker-entrypoint.sh"]
|
||||
CMD ["/usr/sbin/mosquitto", "-c", "/mosquitto/config/mosquitto.conf"]
|
49
docker/2.0/README.md
Normal file
49
docker/2.0/README.md
Normal file
@ -0,0 +1,49 @@
|
||||
# Eclipse Mosquitto Docker Image
|
||||
Containers built with this Dockerfile build as source from published tarballs.
|
||||
|
||||
## Mount Points
|
||||
A docker mount point has been created in the image to be used for configuration.
|
||||
```
|
||||
/mosquitto/config
|
||||
```
|
||||
|
||||
Two docker volumes have been created in the image to be used for persistent storage and logs.
|
||||
```
|
||||
/mosquitto/data
|
||||
/mosquitto/log
|
||||
```
|
||||
|
||||
## User/Group
|
||||
|
||||
The image runs mosquitto under the mosquitto user and group, which are created
|
||||
with a uid and gid of 1883.
|
||||
|
||||
## Configuration
|
||||
When creating a container from the image, the default configuration values are used.
|
||||
To use a custom configuration file, mount a **local** configuration file to `/mosquitto/config/mosquitto.conf`
|
||||
```
|
||||
docker run -it -p 1883:1883 -v <absolute-path-to-configuration-file>:/mosquitto/config/mosquitto.conf eclipse-mosquitto:<version>
|
||||
```
|
||||
|
||||
:boom: if the mosquitto configuration (mosquitto.conf) was modified
|
||||
to use non-default ports, the docker run command will need to be updated
|
||||
to expose the ports that have been configured, for example:
|
||||
|
||||
```
|
||||
docker run -it -p 1883:1883 -p 8080:8080 -v <absolute-path-to-configuration-file>:/mosquitto/config/mosquitto.conf eclipse-mosquitto:<version>
|
||||
```
|
||||
|
||||
Configuration can be changed to:
|
||||
|
||||
* persist data to `/mosquitto/data`
|
||||
* log to `/mosquitto/log/mosquitto.log`
|
||||
|
||||
i.e. add the following to `mosquitto.conf`:
|
||||
```
|
||||
persistence true
|
||||
persistence_location /mosquitto/data/
|
||||
|
||||
log_dest file /mosquitto/log/mosquitto.log
|
||||
```
|
||||
|
||||
**Note**: For any volume used, the data will be persistent between containers.
|
10
docker/2.0/docker-entrypoint.sh
Executable file
10
docker/2.0/docker-entrypoint.sh
Executable file
@ -0,0 +1,10 @@
|
||||
#!/bin/ash
|
||||
set -e
|
||||
|
||||
# Set permissions
|
||||
user="$(id -u)"
|
||||
if [ "$user" = '0' ]; then
|
||||
[ -d "/mosquitto" ] && chown -R mosquitto:mosquitto /mosquitto || true
|
||||
fi
|
||||
|
||||
exec "$@"
|
@ -2,10 +2,14 @@
|
||||
|
||||
This directory contains Docker files for Mosquitto.
|
||||
|
||||
The `1.6` directory contains the latest version of Mosquitto for
|
||||
that series, and provide the basis of the official image. It uses libressl. The
|
||||
`1.6-openssl` directory is identical except that it uses openssl instead of
|
||||
libressl, and enables TLS-PSK support.
|
||||
The `2.0` directory contains the latest version of Mosquitto for that
|
||||
series, it uses libressl. The `2.0-openssl` directory is identical except that
|
||||
it uses openssl instead of libressl, and enables TLS-PSK and TLS v1.3 cipher
|
||||
support.
|
||||
|
||||
The `1.6` directory contains the version of Mosquitto based on the 1.6 branch.
|
||||
It uses libressl. The `1.6-openssl` directory is identical except that it uses
|
||||
openssl instead of libressl, and enables TLS-PSK support.
|
||||
|
||||
The `1.5` directory contains the version of Mosquitto based on the 1.5 branch.
|
||||
It uses libressl. The `1.5-openssl` directory is identical except that it uses
|
||||
|
Loading…
Reference in New Issue
Block a user