mirror of
https://github.com/absmach/supermq.git
synced 2026-06-23 07:10:19 +00:00
dusan
567 lines
18 KiB
Bash
567 lines
18 KiB
Bash
# Copyright (c) Abstract Machines
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
# Docker: Environment variables in Compose
|
|
|
|
## Enable GRPC SSL
|
|
## If enabled run make all inside docker/ssl directory to generate the GRPC certs
|
|
GRPC_MTLS=
|
|
|
|
## NginX
|
|
SMQ_NGINX_HTTP_PORT=80
|
|
SMQ_NGINX_SSL_PORT=443
|
|
SMQ_NGINX_MQTT_PORT=1883
|
|
SMQ_NGINX_MQTTS_PORT=8883
|
|
SMQ_NGINX_SERVER_NAME=
|
|
|
|
## Nats
|
|
SMQ_NATS_PORT=4222
|
|
SMQ_NATS_HTTP_PORT=8222
|
|
SMQ_NATS_JETSTREAM_KEY=u7wFoAPgXpDueXOFldBnXDh4xjnSOyEJ2Cb8Z5SZvGLzIZ3U4exWhhoIBZHzuNvh
|
|
SMQ_NATS_URL=nats://nats:${SMQ_NATS_PORT}
|
|
# Configs for nats as MQTT broker
|
|
SMQ_NATS_HEALTH_CHECK=http://nats:${SMQ_NATS_HTTP_PORT}/healthz
|
|
SMQ_NATS_WS_TARGET_PATH=
|
|
SMQ_NATS_MQTT_QOS=0
|
|
|
|
## RabbitMQ
|
|
SMQ_RABBITMQ_PORT=5672
|
|
SMQ_RABBITMQ_HTTP_PORT=15672
|
|
SMQ_RABBITMQ_WS_PORT=15675
|
|
SMQ_RABBITMQ_USER=supermq
|
|
SMQ_RABBITMQ_PASS=supermq
|
|
SMQ_RABBITMQ_COOKIE=supermq
|
|
SMQ_RABBITMQ_VHOST=/
|
|
SMQ_RABBITMQ_URL=amqp://${SMQ_RABBITMQ_USER}:${SMQ_RABBITMQ_PASS}@rabbitmq:${SMQ_RABBITMQ_PORT}${SMQ_RABBITMQ_VHOST}
|
|
SMQ_RABBITMQ_MQTT_QOS=0
|
|
SMQ_RABBITMQ_WS_TARGET_PATH=/ws
|
|
|
|
## Message Broker
|
|
SMQ_MESSAGE_BROKER_TYPE=msg_nats
|
|
SMQ_MESSAGE_BROKER_URL=${SMQ_NATS_URL}
|
|
|
|
## MQTT Broker
|
|
SMQ_MQTT_BROKER_TYPE=rabbitmq
|
|
SMQ_MQTT_BROKER_HEALTH_CHECK=
|
|
SMQ_MQTT_ADAPTER_MQTT_QOS=${SMQ_RABBITMQ_MQTT_QOS}
|
|
SMQ_MQTT_ADAPTER_MQTT_TARGET_PROTOCOL=mqtt
|
|
SMQ_MQTT_ADAPTER_MQTT_TARGET_HOST=${SMQ_MQTT_BROKER_TYPE}
|
|
SMQ_MQTT_ADAPTER_MQTT_TARGET_PORT=1883
|
|
SMQ_MQTT_ADAPTER_MQTT_TARGET_USERNAME=${SMQ_RABBITMQ_USER}
|
|
SMQ_MQTT_ADAPTER_MQTT_TARGET_PASSWORD=${SMQ_RABBITMQ_PASS}
|
|
SMQ_MQTT_ADAPTER_MQTT_TARGET_HEALTH_CHECK=${SMQ_MQTT_BROKER_HEALTH_CHECK}
|
|
SMQ_MQTT_ADAPTER_WS_TARGET_PROTOCOL=http
|
|
SMQ_MQTT_ADAPTER_WS_TARGET_HOST=${SMQ_MQTT_BROKER_TYPE}
|
|
SMQ_MQTT_ADAPTER_WS_TARGET_PORT=${SMQ_RABBITMQ_WS_PORT}
|
|
SMQ_MQTT_ADAPTER_WS_TARGET_PATH=${SMQ_RABBITMQ_WS_TARGET_PATH}
|
|
|
|
## Redis
|
|
SMQ_REDIS_TCP_PORT=6379
|
|
SMQ_REDIS_URL=redis://es-redis:${SMQ_REDIS_TCP_PORT}/0
|
|
|
|
## Event Store
|
|
SMQ_ES_TYPE=${SMQ_MESSAGE_BROKER_TYPE}
|
|
SMQ_ES_URL=${SMQ_MESSAGE_BROKER_URL}
|
|
|
|
## Jaeger
|
|
SMQ_JAEGER_COLLECTOR_OTLP_ENABLED=true
|
|
SMQ_JAEGER_FRONTEND=16686
|
|
SMQ_JAEGER_OLTP_HTTP=4318
|
|
SMQ_JAEGER_URL=http://jaeger:4318/v1/traces
|
|
SMQ_JAEGER_TRACE_RATIO=1.0
|
|
SMQ_JAEGER_MEMORY_MAX_TRACES=5000
|
|
|
|
## Call home
|
|
SMQ_SEND_TELEMETRY=true
|
|
|
|
## Postgres
|
|
SMQ_POSTGRES_MAX_CONNECTIONS=100
|
|
|
|
## Core Services
|
|
|
|
### Auth
|
|
SMQ_AUTH_LOG_LEVEL=debug
|
|
SMQ_AUTH_HTTP_HOST=auth
|
|
SMQ_AUTH_HTTP_PORT=9001
|
|
SMQ_AUTH_HTTP_SERVER_CERT=
|
|
SMQ_AUTH_HTTP_SERVER_KEY=
|
|
SMQ_AUTH_GRPC_HOST=auth
|
|
SMQ_AUTH_GRPC_PORT=7001
|
|
SMQ_AUTH_GRPC_SERVER_CERT=${GRPC_MTLS:+./ssl/certs/auth-grpc-server.crt}${GRPC_TLS:+./ssl/certs/auth-grpc-server.crt}
|
|
SMQ_AUTH_GRPC_SERVER_KEY=${GRPC_MTLS:+./ssl/certs/auth-grpc-server.key}${GRPC_TLS:+./ssl/certs/auth-grpc-server.key}
|
|
SMQ_AUTH_GRPC_SERVER_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}${GRPC_TLS:+./ssl/certs/ca.crt}
|
|
SMQ_AUTH_DB_HOST=auth-db
|
|
SMQ_AUTH_DB_PORT=5432
|
|
SMQ_AUTH_DB_USER=supermq
|
|
SMQ_AUTH_DB_PASS=supermq
|
|
SMQ_AUTH_DB_NAME=auth
|
|
SMQ_AUTH_DB_SSL_MODE=disable
|
|
SMQ_AUTH_DB_SSL_CERT=
|
|
SMQ_AUTH_DB_SSL_KEY=
|
|
SMQ_AUTH_DB_SSL_ROOT_CERT=
|
|
SMQ_AUTH_ACCESS_TOKEN_DURATION="1h"
|
|
SMQ_AUTH_REFRESH_TOKEN_DURATION="24h"
|
|
SMQ_AUTH_KEYS_ALGORITHM="EdDSA"
|
|
SMQ_AUTH_KEYS_ACTIVE_KEY_PATH="./keys/active.key"
|
|
SMQ_AUTH_KEYS_RETIRING_KEY_PATH="./keys/retiring.key"
|
|
SMQ_AUTH_INVITATION_DURATION="168h"
|
|
SMQ_AUTH_ADAPTER_INSTANCE_ID=
|
|
SMQ_AUTH_CACHE_URL=redis://auth-redis:${SMQ_REDIS_TCP_PORT}/0
|
|
SMQ_AUTH_CACHE_KEY_DURATION=10m
|
|
SMQ_AUTH_JWKS_URL=http://${SMQ_AUTH_HTTP_HOST}:${SMQ_AUTH_HTTP_PORT}/keys/.well-known/jwks.json
|
|
SMQ_AUTH_JWKS_CACHE_MAX_AGE=900
|
|
SMQ_AUTH_JWKS_CACHE_STALE_WHILE_REVALIDATE=60
|
|
|
|
#### Client Callout
|
|
SMQ_CLIENTS_CALLOUT_URLS=""
|
|
SMQ_CLIENTS_CALLOUT_METHOD="POST"
|
|
SMQ_CLIENTS_CALLOUT_TLS_VERIFICATION="false"
|
|
SMQ_CLIENTS_CALLOUT_TIMEOUT="10s"
|
|
SMQ_CLIENTS_CALLOUT_CA_CERT=""
|
|
SMQ_CLIENTS_CALLOUT_CERT=""
|
|
SMQ_CLIENTS_CALLOUT_KEY=""
|
|
SMQ_CLIENTS_CALLOUT_OPERATIONS=""
|
|
|
|
#### Channel Callout
|
|
SMQ_CHANNELS_CALLOUT_URLS=""
|
|
SMQ_CHANNELS_CALLOUT_METHOD="POST"
|
|
SMQ_CHANNELS_CALLOUT_TLS_VERIFICATION="false"
|
|
SMQ_CHANNELS_CALLOUT_TIMEOUT="10s"
|
|
SMQ_CHANNELS_CALLOUT_CA_CERT=""
|
|
SMQ_CHANNELS_CALLOUT_CERT=""
|
|
SMQ_CHANNELS_CALLOUT_KEY=""
|
|
SMQ_CHANNELS_CALLOUT_OPERATIONS=""
|
|
|
|
#### Group Callout
|
|
SMQ_GROUPS_CALLOUT_URLS=""
|
|
SMQ_GROUPS_CALLOUT_METHOD="POST"
|
|
SMQ_GROUPS_CALLOUT_TLS_VERIFICATION="false"
|
|
SMQ_GROUPS_CALLOUT_TIMEOUT="10s"
|
|
SMQ_GROUPS_CALLOUT_CA_CERT=""
|
|
SMQ_GROUPS_CALLOUT_CERT=""
|
|
SMQ_GROUPS_CALLOUT_KEY=""
|
|
SMQ_GROUPS_CALLOUT_OPERATIONS=""
|
|
|
|
#### Domain Callout
|
|
SMQ_DOMAINS_CALLOUT_URLS=""
|
|
SMQ_DOMAINS_CALLOUT_METHOD="POST"
|
|
SMQ_DOMAINS_CALLOUT_TLS_VERIFICATION="false"
|
|
SMQ_DOMAINS_CALLOUT_TIMEOUT="10s"
|
|
SMQ_DOMAINS_CALLOUT_CA_CERT=""
|
|
SMQ_DOMAINS_CALLOUT_CERT=""
|
|
SMQ_DOMAINS_CALLOUT_KEY=""
|
|
SMQ_DOMAINS_CALLOUT_OPERATIONS=""
|
|
|
|
#### Auth Client Config
|
|
SMQ_AUTH_URL=auth:9001
|
|
SMQ_AUTH_GRPC_URL=auth:7001
|
|
SMQ_AUTH_GRPC_TIMEOUT=300s
|
|
SMQ_AUTH_GRPC_CLIENT_CERT=${GRPC_MTLS:+./ssl/certs/auth-grpc-client.crt}
|
|
SMQ_AUTH_GRPC_CLIENT_KEY=${GRPC_MTLS:+./ssl/certs/auth-grpc-client.key}
|
|
SMQ_AUTH_GRPC_CLIENT_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}
|
|
|
|
### Domains
|
|
SMQ_DOMAINS_LOG_LEVEL=debug
|
|
SMQ_DOMAINS_HTTP_HOST=domains
|
|
SMQ_DOMAINS_HTTP_PORT=9003
|
|
SMQ_DOMAINS_HTTP_SERVER_KEY=
|
|
SMQ_DOMAINS_HTTP_SERVER_CERT=
|
|
SMQ_DOMAINS_GRPC_HOST=domains
|
|
SMQ_DOMAINS_GRPC_PORT=7003
|
|
SMQ_DOMAINS_GRPC_SERVER_CERT=${GRPC_MTLS:+./ssl/certs/domains-grpc-server.crt}${GRPC_TLS:+./ssl/certs/domains-grpc-server.crt}
|
|
SMQ_DOMAINS_GRPC_SERVER_KEY=${GRPC_MTLS:+./ssl/certs/domains-grpc-server.key}${GRPC_TLS:+./ssl/certs/domains-grpc-server.key}
|
|
SMQ_DOMAINS_GRPC_SERVER_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}${GRPC_TLS:+./ssl/certs/ca.crt}
|
|
SMQ_DOMAINS_DB_HOST=domains-db
|
|
SMQ_DOMAINS_DB_PORT=5432
|
|
SMQ_DOMAINS_DB_NAME=domains
|
|
SMQ_DOMAINS_DB_USER=supermq
|
|
SMQ_DOMAINS_DB_PASS=supermq
|
|
SMQ_DOMAINS_DB_SSL_MODE=
|
|
SMQ_DOMAINS_DB_SSL_KEY=
|
|
SMQ_DOMAINS_DB_SSL_CERT=
|
|
SMQ_DOMAINS_DB_SSL_ROOT_CERT=
|
|
SMQ_DOMAINS_INSTANCE_ID=
|
|
SMQ_DOMAINS_CACHE_URL=redis://domains-redis:${SMQ_REDIS_TCP_PORT}/0
|
|
SMQ_DOMAINS_CACHE_KEY_DURATION=10m
|
|
|
|
#### Domains Client Config
|
|
SMQ_DOMAINS_URL=http://domains:9003
|
|
SMQ_DOMAINS_GRPC_URL=domains:7003
|
|
SMQ_DOMAINS_GRPC_TIMEOUT=300s
|
|
SMQ_DOMAINS_GRPC_CLIENT_CERT=${GRPC_MTLS:+./ssl/certs/domains-grpc-client.crt}
|
|
SMQ_DOMAINS_GRPC_CLIENT_KEY=${GRPC_MTLS:+./ssl/certs/domains-grpc-client.key}
|
|
SMQ_DOMAINS_GRPC_CLIENT_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}
|
|
|
|
### SpiceDB Datastore config
|
|
SMQ_SPICEDB_DB_USER=supermq
|
|
SMQ_SPICEDB_DB_PASS=supermq
|
|
SMQ_SPICEDB_DB_NAME=spicedb
|
|
SMQ_SPICEDB_DB_PORT=5432
|
|
|
|
### SpiceDB config
|
|
SMQ_SPICEDB_PRE_SHARED_KEY="12345678"
|
|
SMQ_SPICEDB_SCHEMA_FILE="/schema.zed"
|
|
SMQ_SPICEDB_HOST=supermq-spicedb
|
|
SMQ_SPICEDB_PORT=50051
|
|
SMQ_SPICEDB_DATASTORE_ENGINE=postgres
|
|
|
|
### UI
|
|
SMQ_UI_LOG_LEVEL=debug
|
|
SMQ_UI_PORT=9095
|
|
SMQ_HTTP_ADAPTER_URL=http://http-adapter:8008
|
|
SMQ_CLIENTS_URL=http://clients:9006
|
|
SMQ_USERS_URL=http://users:9002
|
|
SMQ_INVITATIONS_URL=http://invitations:9020
|
|
SMQ_DOMAINS_URL=http://domains:9003
|
|
SMQ_UI_HOST_URL=http://localhost:9095
|
|
SMQ_UI_VERIFICATION_TLS=false
|
|
SMQ_UI_CONTENT_TYPE=application/senml+json
|
|
SMQ_UI_INSTANCE_ID=
|
|
SMQ_UI_DB_HOST=ui-db
|
|
SMQ_UI_DB_PORT=5432
|
|
SMQ_UI_DB_USER=supermq
|
|
SMQ_UI_DB_PASS=supermq
|
|
SMQ_UI_DB_NAME=ui
|
|
SMQ_UI_DB_SSL_MODE=disable
|
|
SMQ_UI_DB_SSL_CERT=
|
|
SMQ_UI_DB_SSL_KEY=
|
|
SMQ_UI_DB_SSL_ROOT_CERT=
|
|
SMQ_UI_HASH_KEY=5jx4x2Qg9OUmzpP5dbveWQ
|
|
SMQ_UI_BLOCK_KEY=UtgZjr92jwRY6SPUndHXiyl9QY8qTUyZ
|
|
SMQ_UI_PATH_PREFIX=/ui
|
|
|
|
### Users
|
|
SMQ_USERS_LOG_LEVEL=debug
|
|
SMQ_USERS_SECRET_KEY=HyE2D4RUt9nnKG6v8zKEqAp6g6ka8hhZsqUpzgKvnwpXrNVQSH
|
|
SMQ_USERS_ADMIN_EMAIL=admin@example.com
|
|
SMQ_USERS_ADMIN_PASSWORD=12345678
|
|
SMQ_USERS_ADMIN_USERNAME=admin
|
|
SMQ_USERS_ADMIN_FIRST_NAME=super
|
|
SMQ_USERS_ADMIN_LAST_NAME=admin
|
|
SMQ_USERS_PASS_REGEX=^.{8,}$
|
|
SMQ_USERS_HTTP_HOST=users
|
|
SMQ_USERS_HTTP_PORT=9002
|
|
SMQ_USERS_HTTP_SERVER_CERT=
|
|
SMQ_USERS_HTTP_SERVER_KEY=
|
|
SMQ_USERS_GRPC_HOST=users
|
|
SMQ_USERS_GRPC_PORT=7002
|
|
SMQ_USERS_GRPC_SERVER_CERT=${GRPC_MTLS:+./ssl/certs/domains-grpc-server.crt}${GRPC_TLS:+./ssl/certs/domains-grpc-server.crt}
|
|
SMQ_USERS_GRPC_SERVER_KEY=${GRPC_MTLS:+./ssl/certs/domains-grpc-server.key}${GRPC_TLS:+./ssl/certs/domains-grpc-server.key}
|
|
SMQ_USERS_GRPC_SERVER_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}${GRPC_TLS:+./ssl/certs/ca.crt}
|
|
SMQ_USERS_DB_HOST=users-db
|
|
SMQ_USERS_DB_PORT=5432
|
|
SMQ_USERS_DB_USER=supermq
|
|
SMQ_USERS_DB_PASS=supermq
|
|
SMQ_USERS_DB_NAME=users
|
|
SMQ_USERS_DB_SSL_MODE=disable
|
|
SMQ_USERS_DB_SSL_CERT=
|
|
SMQ_USERS_DB_SSL_KEY=
|
|
SMQ_USERS_DB_SSL_ROOT_CERT=
|
|
SMQ_USERS_INSTANCE_ID=
|
|
SMQ_USERS_SECRET_KEY=HyE2D4RUt9nnKG6v8zKEqAp6g6ka8hhZsqUpzgKvnwpXrNVQSH
|
|
SMQ_USERS_ADMIN_EMAIL=admin@example.com
|
|
SMQ_USERS_ADMIN_PASSWORD=12345678
|
|
SMQ_USERS_PASS_REGEX=^.{8,}$
|
|
SMQ_USERS_ALLOW_SELF_REGISTER=true
|
|
SMQ_OAUTH_UI_REDIRECT_URL=http://localhost:9095${SMQ_UI_PATH_PREFIX}/tokens/secure
|
|
SMQ_OAUTH_UI_ERROR_URL=http://localhost:9095${SMQ_UI_PATH_PREFIX}/error
|
|
SMQ_USERS_DELETE_INTERVAL=24h
|
|
SMQ_USERS_DELETE_AFTER=720h
|
|
SMQ_PASSWORD_RESET_URL_PREFIX=http://localhost/password-reset
|
|
SMQ_PASSWORD_RESET_EMAIL_TEMPLATE=reset-password-email.tmpl
|
|
SMQ_VERIFICATION_URL_PREFIX=http://localhost/verify-email
|
|
SMQ_VERIFICATION_EMAIL_TEMPLATE=verification-email.tmpl
|
|
|
|
#### Users Client Config
|
|
SMQ_USERS_URL=http://users:9002
|
|
SMQ_USERS_GRPC_URL=users:7002
|
|
SMQ_USERS_GRPC_TIMEOUT=300s
|
|
SMQ_USERS_GRPC_CLIENT_CERT=${GRPC_MTLS:+./ssl/certs/domains-grpc-client.crt}
|
|
SMQ_USERS_GRPC_CLIENT_KEY=${GRPC_MTLS:+./ssl/certs/domains-grpc-client.key}
|
|
SMQ_USERS_GRPC_CLIENT_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}
|
|
|
|
### Email utility
|
|
SMQ_EMAIL_HOST=host.docker.internal
|
|
SMQ_EMAIL_PORT=2525
|
|
SMQ_EMAIL_USERNAME=from@example.com
|
|
SMQ_EMAIL_PASSWORD=password
|
|
SMQ_EMAIL_FROM_ADDRESS=from@example.com
|
|
SMQ_EMAIL_FROM_NAME=Example
|
|
SMQ_EMAIL_INVITATION_TEMPLATE=invitation-sent-email.tmpl
|
|
SMQ_EMAIL_ACCEPTANCE_TEMPLATE=invitation-accepted-email.tmpl
|
|
SMQ_EMAIL_REJECTION_TEMPLATE=invitation-rejected-email.tmpl
|
|
|
|
### Notifications
|
|
SMQ_NOTIFICATIONS_LOG_LEVEL=debug
|
|
SMQ_NOTIFICATIONS_INSTANCE_ID=
|
|
|
|
### Google OAuth2
|
|
SMQ_GOOGLE_CLIENT_ID=
|
|
SMQ_GOOGLE_CLIENT_SECRET=
|
|
SMQ_GOOGLE_REDIRECT_URL=
|
|
SMQ_GOOGLE_STATE=
|
|
|
|
### Groups
|
|
SMQ_GROUPS_LOG_LEVEL=debug
|
|
SMQ_GROUPS_HTTP_HOST=groups
|
|
SMQ_GROUPS_HTTP_PORT=9004
|
|
SMQ_GROUPS_HTTP_SERVER_CERT=
|
|
SMQ_GROUPS_HTTP_SERVER_KEY=
|
|
SMQ_GROUPS_GRPC_HOST=groups
|
|
SMQ_GROUPS_GRPC_PORT=7004
|
|
SMQ_GROUPS_GRPC_SERVER_CERT=${GRPC_MTLS:+./ssl/certs/groups-grpc-server.crt}${GRPC_TLS:+./ssl/certs/groups-grpc-server.crt}
|
|
SMQ_GROUPS_GRPC_SERVER_KEY=${GRPC_MTLS:+./ssl/certs/groups-grpc-server.key}${GRPC_TLS:+./ssl/certs/groups-grpc-server.key}
|
|
SMQ_GROUPS_GRPC_SERVER_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}${GRPC_TLS:+./ssl/certs/ca.crt}
|
|
SMQ_GROUPS_DB_HOST=groups-db
|
|
SMQ_GROUPS_DB_PORT=5432
|
|
SMQ_GROUPS_DB_USER=supermq
|
|
SMQ_GROUPS_DB_PASS=supermq
|
|
SMQ_GROUPS_DB_NAME=groups
|
|
SMQ_GROUPS_DB_SSL_MODE=disable
|
|
SMQ_GROUPS_DB_SSL_CERT=
|
|
SMQ_GROUPS_DB_SSL_KEY=
|
|
SMQ_GROUPS_DB_SSL_ROOT_CERT=
|
|
SMQ_GROUPS_INSTANCE_ID=
|
|
|
|
#### Groups Client Config
|
|
SMQ_GROUPS_URL=groups:9004
|
|
SMQ_GROUPS_GRPC_URL=groups:7004
|
|
SMQ_GROUPS_GRPC_TIMEOUT=300s
|
|
SMQ_GROUPS_GRPC_CLIENT_CERT=${GRPC_MTLS:+./ssl/certs/groups-grpc-client.crt}
|
|
SMQ_GROUPS_GRPC_CLIENT_KEY=${GRPC_MTLS:+./ssl/certs/groups-grpc-client.key}
|
|
SMQ_GROUPS_GRPC_CLIENT_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}
|
|
|
|
### Clients
|
|
SMQ_CLIENTS_LOG_LEVEL=debug
|
|
SMQ_CLIENTS_STANDALONE_ID=
|
|
SMQ_CLIENTS_STANDALONE_TOKEN=
|
|
SMQ_CLIENTS_CACHE_KEY_DURATION=10m
|
|
SMQ_CLIENTS_HTTP_HOST=clients
|
|
SMQ_CLIENTS_HTTP_PORT=9006
|
|
SMQ_CLIENTS_GRPC_HOST=clients
|
|
SMQ_CLIENTS_GRPC_PORT=7006
|
|
SMQ_CLIENTS_GRPC_SERVER_CERT=${GRPC_MTLS:+./ssl/certs/clients-grpc-server.crt}${GRPC_TLS:+./ssl/certs/clients-grpc-server.crt}
|
|
SMQ_CLIENTS_GRPC_SERVER_KEY=${GRPC_MTLS:+./ssl/certs/clients-grpc-server.key}${GRPC_TLS:+./ssl/certs/clients-grpc-server.key}
|
|
SMQ_CLIENTS_GRPC_SERVER_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}${GRPC_TLS:+./ssl/certs/ca.crt}
|
|
SMQ_CLIENTS_CACHE_URL=redis://clients-redis:${SMQ_REDIS_TCP_PORT}/0
|
|
SMQ_CLIENTS_DB_HOST=clients-db
|
|
SMQ_CLIENTS_DB_PORT=5432
|
|
SMQ_CLIENTS_DB_USER=supermq
|
|
SMQ_CLIENTS_DB_PASS=supermq
|
|
SMQ_CLIENTS_DB_NAME=clients
|
|
SMQ_CLIENTS_DB_SSL_MODE=disable
|
|
SMQ_CLIENTS_DB_SSL_CERT=
|
|
SMQ_CLIENTS_DB_SSL_KEY=
|
|
SMQ_CLIENTS_DB_SSL_ROOT_CERT=
|
|
SMQ_CLIENTS_INSTANCE_ID=
|
|
|
|
#### Clients Client Config
|
|
SMQ_CLIENTS_URL=http://clients:9006
|
|
SMQ_CLIENTS_GRPC_URL=clients:7006
|
|
SMQ_CLIENTS_GRPC_TIMEOUT=300s
|
|
SMQ_CLIENTS_GRPC_CLIENT_CERT=${GRPC_MTLS:+./ssl/certs/clients-grpc-client.crt}
|
|
SMQ_CLIENTS_GRPC_CLIENT_KEY=${GRPC_MTLS:+./ssl/certs/clients-grpc-client.key}
|
|
SMQ_CLIENTS_GRPC_CLIENT_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}
|
|
|
|
### Channels
|
|
SMQ_CHANNELS_LOG_LEVEL=debug
|
|
SMQ_CHANNELS_HTTP_HOST=channels
|
|
SMQ_CHANNELS_HTTP_PORT=9005
|
|
SMQ_CHANNELS_GRPC_HOST=channels
|
|
SMQ_CHANNELS_GRPC_PORT=7005
|
|
SMQ_CHANNELS_GRPC_SERVER_CERT=${GRPC_MTLS:+./ssl/certs/channels-grpc-server.crt}${GRPC_TLS:+./ssl/certs/channels-grpc-server.crt}
|
|
SMQ_CHANNELS_GRPC_SERVER_KEY=${GRPC_MTLS:+./ssl/certs/channels-grpc-server.key}${GRPC_TLS:+./ssl/certs/channels-grpc-server.key}
|
|
SMQ_CHANNELS_GRPC_SERVER_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}${GRPC_TLS:+./ssl/certs/ca.crt}
|
|
SMQ_CHANNELS_DB_HOST=channels-db
|
|
SMQ_CHANNELS_DB_PORT=5432
|
|
SMQ_CHANNELS_DB_USER=supermq
|
|
SMQ_CHANNELS_DB_PASS=supermq
|
|
SMQ_CHANNELS_DB_NAME=channels
|
|
SMQ_CHANNELS_DB_SSL_MODE=disable
|
|
SMQ_CHANNELS_DB_SSL_CERT=
|
|
SMQ_CHANNELS_DB_SSL_KEY=
|
|
SMQ_CHANNELS_DB_SSL_ROOT_CERT=
|
|
SMQ_CHANNELS_INSTANCE_ID=
|
|
SMQ_CHANNELS_CACHE_URL=redis://channels-redis:${SMQ_REDIS_TCP_PORT}/0
|
|
SMQ_CHANNELS_CACHE_KEY_DURATION=10m
|
|
|
|
#### Channels Client Config
|
|
SMQ_CHANNELS_URL=http://channels:9005
|
|
SMQ_CHANNELS_GRPC_URL=channels:7005
|
|
SMQ_CHANNELS_GRPC_TIMEOUT=300s
|
|
SMQ_CHANNELS_GRPC_CLIENT_CERT=${GRPC_MTLS:+./ssl/certs/channels-grpc-client.crt}
|
|
SMQ_CHANNELS_GRPC_CLIENT_KEY=${GRPC_MTLS:+./ssl/certs/channels-grpc-client.key}
|
|
SMQ_CHANNELS_GRPC_CLIENT_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}
|
|
|
|
### HTTP
|
|
SMQ_HTTP_ADAPTER_LOG_LEVEL=debug
|
|
SMQ_HTTP_ADAPTER_HOST=http-adapter
|
|
SMQ_HTTP_ADAPTER_PORT=8008
|
|
SMQ_HTTP_ADAPTER_SERVER_CERT=
|
|
SMQ_HTTP_ADAPTER_SERVER_KEY=
|
|
SMQ_HTTP_ADAPTER_CACHE_NUM_COUNTERS=200000
|
|
SMQ_HTTP_ADAPTER_CACHE_MAX_COST=1048576
|
|
SMQ_HTTP_ADAPTER_CACHE_BUFFER_ITEMS=64
|
|
SMQ_HTTP_ADAPTER_INSTANCE_ID=
|
|
|
|
### MQTT
|
|
SMQ_MQTT_ADAPTER_LOG_LEVEL=debug
|
|
SMQ_MQTT_ADAPTER_MQTT_PORT=1883
|
|
SMQ_MQTT_ADAPTER_FORWARDER_TIMEOUT=30s
|
|
SMQ_MQTT_ADAPTER_WS_PORT=8080
|
|
SMQ_MQTT_ADAPTER_INSTANCE=
|
|
SMQ_MQTT_ADAPTER_INSTANCE_ID=
|
|
SMQ_MQTT_ADAPTER_ES_DB=0
|
|
SMQ_MQTT_ADAPTER_CACHE_NUM_COUNTERS=200000
|
|
SMQ_MQTT_ADAPTER_CACHE_MAX_COST=1048576
|
|
SMQ_MQTT_ADAPTER_CACHE_BUFFER_ITEMS=64
|
|
SMQ_MQTT_ADAPTER_CERT_FILE=
|
|
SMQ_MQTT_ADAPTER_KEY_FILE=
|
|
SMQ_MQTT_ADAPTER_SERVER_CA_FILE=
|
|
SMQ_MQTT_ADAPTER_CLIENT_CA_FILE=
|
|
SMQ_MQTT_ADAPTER_CERT_VERIFICATION_METHODS=
|
|
SMQ_MQTT_ADAPTER_OCSP_RESPONDER_URL=
|
|
|
|
### CoAP
|
|
## If enabled run make all inside docker/ssl directory to generate the DTLS certs
|
|
SMQ_COAP_DTLS=
|
|
SMQ_COAP_ADAPTER_LOG_LEVEL=debug
|
|
SMQ_COAP_ADAPTER_HOST=coap-adapter
|
|
SMQ_COAP_ADAPTER_PORT=5683
|
|
SMQ_COAP_ADAPTER_SERVER_CERT_FILE=${SMQ_COAP_DTLS:+./ssl/certs/coap-server.crt}
|
|
SMQ_COAP_ADAPTER_SERVER_KEY_FILE=${SMQ_COAP_DTLS:+./ssl/certs/coap-server.key}
|
|
SMQ_COAP_ADAPTER_SERVER_CA_FILE=${SMQ_COAP_DTLS:+./ssl/certs/coap-server-ca.crt}
|
|
SMQ_COAP_ADAPTER_HTTP_HOST=coap-adapter
|
|
SMQ_COAP_ADAPTER_HTTP_PORT=5683
|
|
SMQ_COAP_ADAPTER_HTTP_SERVER_CERT=
|
|
SMQ_COAP_ADAPTER_HTTP_SERVER_KEY=
|
|
SMQ_COAP_ADAPTER_CACHE_NUM_COUNTERS=200000
|
|
SMQ_COAP_ADAPTER_CACHE_MAX_COST=1048576
|
|
SMQ_COAP_ADAPTER_CACHE_BUFFER_ITEMS=64
|
|
SMQ_COAP_ADAPTER_INSTANCE_ID=
|
|
|
|
## Addons Services
|
|
# Certs
|
|
AM_CERTS_LOG_LEVEL=debug
|
|
AM_CERTS_HTTP_HOST=certs
|
|
AM_CERTS_HTTP_PORT=9019
|
|
AM_CERTS_GRPC_HOST=certs
|
|
AM_CERTS_GRPC_PORT=7012
|
|
AM_CERTS_RELEASE_TAG=latest
|
|
AM_CERTS_SECRET=12345678
|
|
|
|
## Certs Database Configuration
|
|
AM_CERTS_DB_HOST=certs-db
|
|
AM_CERTS_DB_PORT=5432
|
|
AM_CERTS_DB_USER=absmach
|
|
AM_CERTS_DB_PASS=absmach
|
|
AM_CERTS_DB=certs
|
|
AM_CERTS_DB_SSL_MODE=disable
|
|
AM_CERTS_DB_MAX_CONNECTIONS=100
|
|
|
|
## OpenBao Configuration for Certs
|
|
AM_CERTS_OPENBAO_HOST=http://certs-openbao:8200
|
|
AM_CERTS_OPENBAO_APP_ROLE=absmach
|
|
AM_CERTS_OPENBAO_APP_SECRET=absmach
|
|
AM_CERTS_OPENBAO_NAMESPACE=
|
|
AM_CERTS_OPENBAO_PKI_PATH=pki
|
|
AM_CERTS_OPENBAO_ROLE=absmach
|
|
AM_CERTS_OPENBAO_SECRET_ID_TTL=720h
|
|
AM_CERTS_SERVICE_TOKEN_PATH=/openbao/service_token
|
|
AM_CERTS_SECRET_ID_PATH=/openbao/secret_id
|
|
AM_CERTS_SECRET_RENEW_THRESHOLD=24h
|
|
AM_CERTS_SECRET_CHECK_INTERVAL=1h
|
|
|
|
## OpenBao PKI CA Configuration
|
|
AM_CERTS_OPENBAO_PKI_CA_CN=Abstract Machines Certificate Authority
|
|
AM_CERTS_OPENBAO_PKI_CA_OU=Abstract Machines
|
|
AM_CERTS_OPENBAO_PKI_CA_O=AbstractMachines
|
|
AM_CERTS_OPENBAO_PKI_CA_C=FRANCE
|
|
AM_CERTS_OPENBAO_PKI_CA_L=PARIS
|
|
AM_CERTS_OPENBAO_PKI_CA_ST=PARIS
|
|
AM_CERTS_OPENBAO_PKI_CA_ADDR=5 Av. Anatole
|
|
AM_CERTS_OPENBAO_PKI_CA_PO=75007
|
|
AM_CERTS_OPENBAO_PKI_CA_DNS_NAMES=localhost
|
|
AM_CERTS_OPENBAO_PKI_CA_IP_ADDRESSES=127.0.0.1,::1
|
|
AM_CERTS_OPENBAO_PKI_CA_URI_SANS=
|
|
AM_CERTS_OPENBAO_PKI_CA_EMAIL_ADDRESSES=info@abstractmachines.rs
|
|
|
|
## OpenBao Unseal Keys and Token
|
|
AM_CERTS_OPENBAO_UNSEAL_KEY_1=
|
|
AM_CERTS_OPENBAO_UNSEAL_KEY_2=
|
|
AM_CERTS_OPENBAO_UNSEAL_KEY_3=
|
|
AM_CERTS_OPENBAO_ROOT_TOKEN=
|
|
|
|
## Jaeger Configuration for Certs
|
|
AM_JAEGER_URL=http://jaeger:4318/v1/traces
|
|
AM_JAEGER_TRACE_RATIO=1.0
|
|
|
|
#### Auth Client Config for Certs Service
|
|
SMQ_ADDONS_CERTS_PATH_PREFIX=../../
|
|
AM_AUTH_GRPC_URL=auth:7001
|
|
AM_AUTH_GRPC_TIMEOUT=300s
|
|
AM_AUTH_GRPC_CLIENT_CERT=${GRPC_MTLS:+./ssl/certs/auth-grpc-client.crt}
|
|
AM_AUTH_GRPC_CLIENT_KEY=${GRPC_MTLS:+./ssl/certs/auth-grpc-client.key}
|
|
AM_AUTH_GRPC_SERVER_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}
|
|
|
|
#### Domains Client Config for Certs Service
|
|
AM_DOMAINS_GRPC_URL=domains:7003
|
|
AM_DOMAINS_GRPC_TIMEOUT=300s
|
|
AM_DOMAINS_GRPC_CLIENT_CERT=${GRPC_MTLS:+./ssl/certs/domains-grpc-client.crt}
|
|
AM_DOMAINS_GRPC_CLIENT_KEY=${GRPC_MTLS:+./ssl/certs/domains-grpc-client.key}
|
|
AM_DOMAINS_GRPC_SERVER_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}
|
|
|
|
SMQ_CERTS_JAEGER_FRONTEND=16687
|
|
SMQ_CERTS_JAEGER_OLTP_HTTP=4319
|
|
|
|
### Postgres
|
|
SMQ_POSTGRES_HOST=supermq-postgres
|
|
SMQ_POSTGRES_PORT=5432
|
|
SMQ_POSTGRES_USER=supermq
|
|
SMQ_POSTGRES_PASS=supermq
|
|
SMQ_POSTGRES_NAME=messages
|
|
SMQ_POSTGRES_SSL_MODE=disable
|
|
SMQ_POSTGRES_SSL_CERT=
|
|
SMQ_POSTGRES_SSL_KEY=
|
|
SMQ_POSTGRES_SSL_ROOT_CERT=
|
|
|
|
### Timescale
|
|
SMQ_TIMESCALE_HOST=supermq-timescale
|
|
SMQ_TIMESCALE_PORT=5432
|
|
SMQ_TIMESCALE_USER=supermq
|
|
SMQ_TIMESCALE_PASS=supermq
|
|
SMQ_TIMESCALE_NAME=supermq
|
|
SMQ_TIMESCALE_SSL_MODE=disable
|
|
SMQ_TIMESCALE_SSL_CERT=
|
|
SMQ_TIMESCALE_SSL_KEY=
|
|
SMQ_TIMESCALE_SSL_ROOT_CERT=
|
|
|
|
### Journal
|
|
SMQ_JOURNAL_LOG_LEVEL=info
|
|
SMQ_JOURNAL_HTTP_HOST=journal
|
|
SMQ_JOURNAL_HTTP_PORT=9021
|
|
SMQ_JOURNAL_HTTP_SERVER_CERT=
|
|
SMQ_JOURNAL_HTTP_SERVER_KEY=
|
|
SMQ_JOURNAL_DB_HOST=journal-db
|
|
SMQ_JOURNAL_DB_PORT=5432
|
|
SMQ_JOURNAL_DB_USER=supermq
|
|
SMQ_JOURNAL_DB_PASS=supermq
|
|
SMQ_JOURNAL_DB_NAME=journal
|
|
SMQ_JOURNAL_DB_SSL_MODE=disable
|
|
SMQ_JOURNAL_DB_SSL_CERT=
|
|
SMQ_JOURNAL_DB_SSL_KEY=
|
|
SMQ_JOURNAL_DB_SSL_ROOT_CERT=
|
|
SMQ_JOURNAL_INSTANCE_ID=
|
|
|
|
### GRAFANA and PROMETHEUS
|
|
SMQ_PROMETHEUS_PORT=9090
|
|
SMQ_GRAFANA_PORT=3000
|
|
SMQ_GRAFANA_ADMIN_USER=supermq
|
|
SMQ_GRAFANA_ADMIN_PASSWORD=supermq
|
|
|
|
## Allow unverified user to access
|
|
SMQ_ALLOW_UNVERIFIED_USER=true
|
|
|
|
|
|
# Docker image tag
|
|
SMQ_RELEASE_TAG=latest
|