User Tools

Site Tools


brokers:raspberry_pi

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
brokers:raspberry_pi [2016/04/30 07:18]
buben [Configure local MQTT broker]
brokers:raspberry_pi [2016/05/09 10:24] (current)
Line 1: Line 1:
 +====== Raspberry Pi local broker ======
 +[[https://​www.raspberrypi.org/​|Raspberry Pi]] is credit card sized, and probably most popular, single board computer. It can easily be used as local MQTT broker. This tutorial expects [[https://​www.raspbian.org/​|Raspbian]] operating system is already installed. If you are already using Raspberry Pi with other operating system, this tutorial can be easily adjusted.
  
 +**Specificatons:​**
 +|                        ^ RPi v1       ^ RPi v2        ^ RPi v3        ^
 +^ SoC                    | BCM2835 ​     | BCM2836 ​      ​| ​              |
 +^ CPU                    | ARM1176JZF-S | ARM Cortex-A7 |               |
 +^ Frequency ​             | 700 MHz      | 900 MHz       ​| ​              |
 +^ Cores                  | Single core  | Quad core     ​| ​              |
 +^ RAM                    | 512 MiB      | 1024 MiB      |               |
 +^ Storage ​               | SD           | Micro SD      | Micro SD      |
 +^ USB ports              | 2x USB 2.0   | 4x USB 2.0    | 4x USB 2.0    |
 +^ Real-time clock        | No           | No            | No            |
 +^ Powering ​              | Micro USB    | Micro USB     | Micro USB     |
 +===== Configure local MQTT broker =====
 +
 +Install mosquitto.
 +
 +<​code>​
 +pi@raspberry:​~$ sudo apt-get install mosquitto
 +</​code>​
 +
 +To be able to connect to central broker, we must configure resolving its hostname to IP address. Easiest way how to do that is add following line to ''/​etc/​hosts'':​
 +
 +<code - /​etc/​hosts>​
 +<​ip_address> ​   central-broker
 +</​code>​
 +
 +Replace ''<​ip_address>''​ by actual public IP address of you central MQTT broker.
 +
 +Configure domain name lookup is crucial step for establishing SSL connection. When your client opens connection to some hostname, server on other side have to send certificate request with common name of that hostname. If both hostnames doesn'​t match, client should reject this connection. This security mechanism can detect possible [[https://​en.wikipedia.org/​wiki/​Man-in-the-middle_attack|MITM]] attack. It is possible to disable this check, but it is strongly recommended to keep in enabled and use correct domain name lookup.
 +==== mosquitto configuration ====
 +
 +mosquitto creates its configuration files in ''/​etc/​mosquitto''​. It uses main configuration file ''/​etc/​mosquitto/​mosquitto.conf''​ which loads other files located in ''/​etc/​mosquitto/​conf.d/''​ directory.
 +
 +<code - /​etc/​mosquitto/​mosquitto.conf>​
 +# Place your local configuration in /​etc/​mosquitto/​conf.d/​
 +#
 +# A full description of the configuration file is at
 +# /​usr/​share/​doc/​mosquitto/​examples/​mosquitto.conf.example
 +
 +pid_file /​var/​run/​mosquitto.pid
 +
 +persistence true
 +persistence_location /​var/​lib/​mosquitto/​
 +
 +log_dest file /​var/​log/​mosquitto/​mosquitto.log
 +
 +include_dir /​etc/​mosquitto/​conf.d
 +</​code>​
 +
 +To configure local broker, create ''/​etc/​mosquitto/​conf.d/​bridge.conf''​ file with following content:
 +
 +<code - /​etc/​mosquitto/​conf.d/​bridge.con>​
 +# listen port
 +listener 1883
 +
 +# bridge configuration
 +connection central-broker
 +address central-broker:​1883
 +clientid pce-eliska-bridge
 +topic # both 0 ""​ area-name/
 +bridge_cafile /​etc/​mosquitto/​ca_certificates/​ca.crt
 +bridge_certfile /​etc/​mosquitto/​certs/​your-cert-request.crt
 +bridge_keyfile /​etc/​mosquitto/​certs/​your-keyfile.key
 +
 +# authentication
 +username user
 +password pass
 +</​code>​
 +
 +There are few directives which have to be configured based on your needs:
 +  * ''​topic''​ - Defines MQTT topic which will be prepended to outgoing messages. Put here correct area name.
 +  * ''​bridge_cafile''​ - Path to CA file. Will be discussed later.
 +  * ''​bridge_certfile''​ - Path to certificate request file. Will be discussed later.
 +  * ''​bridge_keyfile''​ - Path to key file. Will be discussed later.
 +  * ''​user''​ - Username for local broker.
 +  * ''​password''​ - Password for local broker.
 +==== CA and cert files ====
 +
 +Last step of configuring broker if provide CA and cert files. You can fin instruction how to generate them on [[brokers:​certificates|certificates]] page. It is good practice to put your CA file into ''/​etc/​mosquitto/​ca_certificates''​ and ''​*.crt''​ and ''​*.key''​ files into ''/​etc/​mosquitto/​certs''​ directory.
 +
 +After you have successfully created these files, copy them in proper directories and configure ''​bridge_cafile'',​ ''​bridge_certfile''​ and ''​bridge_keyfile''​ in your ''/​etc/​mosquitto/​conf.d/​bridge.conf''​ configuration file.
brokers/raspberry_pi.txt ยท Last modified: 2016/05/09 10:24 (external edit)