per_listener_settings true
log_type error
z#log_type warning
#log_type notice
#log_type information
#log_type debug
#connection_messages true

persistence true
persistence_location /rmap/mosquitto/
persistent_client_expiration 1d
max_queued_messages 100000
max_queued_bytes 0
max_inflight_messages 0
max_inflight_bytes 0


listener 1883
max_connections 300
allow_anonymous false
#use_username_as_clientid true
#password_file /etc/mosquitto/pwfile
#acl_file /etc/mosquitto/aclfile

auth_plugin /usr/lib64/auth-plug.so
#auth_plugin /usr/lib64/plugin_debug.so
#number of seconds to cache ACL lookups. 0 disables
auth_opt_acl_cacheseconds        2222
#number of seconds to cache AUTH lookups. 0 disables
auth_opt_auth_cacheseconds       2222
#maximum number of seconds to add/remove to ACL lookups cache TTL. 0 disables
auth_opt_acl_cachejitter         180
#maximum number of seconds to add/remove to AUTH lookups cache TTL. 0 disables
auth_opt_auth_cachejitter        180
#static definition of superusers
#auth_opt_superusers rmap

#don't log DEBUG messages
auth_opt_log_quiet true

#auth_opt_backends http
auth_opt_backends http,files

# FILES
#auth_opt_backends files
auth_opt_password_file /etc/mosquitto/file.pwd
auth_opt_acl_file /etc/mosquitto/aclfile

## HTTP
#auth_opt_backends http
auth_opt_http_hostname <http auth server host name>
auth_opt_http_ip <http auth server host IP>
auth_opt_http_port 80
# auth per user with check by http server
#auth_opt_http_getuser_uri /auth/auth

#auth per user with check by auth plugin with sha
auth_opt_http_getuser_uri /auth/auth_sha

#auth per user / per station with check by auth plugin with sha
auth_opt_http_getuser_uri /auth/sha

auth_opt_http_superuser_uri /auth/superuser
auth_opt_http_aclcheck_uri /auth/acl
auth_plugin_deny_special_chars false

#-----------------------------------------------------------------------------                                                    
listener 8884
max_connections 300
protocol websockets
allow_anonymous false
certfile /etc/mosquitto/fullchain.pem
keyfile /etc/mosquitto/privkey.pem
tls_version tlsv1.2
require_certificate false

auth_plugin /usr/lib64/auth-plug.so
#auth_plugin /usr/lib64/plugin_debug.so
#number of seconds to cache ACL lookups. 0 disables
auth_opt_acl_cacheseconds        2222
#number of seconds to cache AUTH lookups. 0 disables
auth_opt_auth_cacheseconds       2222
#maximum number of seconds to add/remove to ACL lookups cache TTL. 0 disables
auth_opt_acl_cachejitter         180
#maximum number of seconds to add/remove to AUTH lookups cache TTL. 0 disables
auth_opt_auth_cachejitter        180
#static definition of superusers
#auth_opt_superusers rmap

#don't log DEBUG messages
auth_opt_log_quiet true

#auth_opt_backends http
auth_opt_backends http,files

# FILES
#auth_opt_backends files
auth_opt_password_file /etc/mosquitto/file.pwd
auth_opt_acl_file /etc/mosquitto/aclfile

## HTTP
#auth_opt_backends http
auth_opt_http_hostname rmap8-devel
auth_opt_http_ip 172.19.99.213
auth_opt_http_port 80
# auth per user with check by http server
#auth_opt_http_getuser_uri /auth/auth

#auth per user with check by auth plugin with sha
auth_opt_http_getuser_uri /auth/auth_sha

#auth per user / per station with check by auth plugin with sha
auth_opt_http_getuser_uri /auth/sha
auth_opt_http_superuser_uri /auth/superuser
auth_opt_http_aclcheck_uri /auth/acl
auth_plugin_deny_special_chars false

#------------------------------------------------------------------------------                                                   

listener 8883
max_connections 300
allow_anonymous false
use_identity_as_username true
#use_username_as_clientid true
#password_file /etc/mosquitto/pwfile
#acl_file /etc/mosquitto/aclfile

auth_plugin /usr/lib64/auth-plug.so
#auth_plugin /usr/lib64/plugin_debug.so
#number of seconds to cache ACL lookups. 0 disables
auth_opt_acl_cacheseconds        2222
#number of seconds to cache AUTH lookups. 0 disables
auth_opt_auth_cacheseconds       2222
#maximum number of seconds to add/remove to ACL lookups cache TTL. 0 disables
auth_opt_acl_cachejitter         180
#maximum number of seconds to add/remove to AUTH lookups cache TTL. 0 disables
auth_opt_auth_cachejitter        180
#static definition of superusers
#auth_opt_superusers rmap

#don't log DEBUG messages
auth_opt_log_quiet true

auth_opt_backends http,files

# FILES
#auth_opt_backends files
auth_opt_psk_database files
auth_opt_password_file /etc/mosquitto/file.psk
auth_opt_acl_file /etc/mosquitto/aclfile

# HTTP
#auth_opt_backends http
auth_opt_psk_database http
auth_opt_http_hostname <http auth server host name>
auth_opt_http_ip <http auth server host IP>
auth_opt_http_port 80
auth_opt_http_getuser_uri /auth/pskkey
auth_opt_http_superuser_uri /auth/superuser
auth_opt_http_aclcheck_uri /auth/acl
auth_plugin_deny_special_chars false

ciphers PSK-AES256-CCM:DHE-PSK-AES128-GCM-SHA256:DHE-PSK-AES256-GCM-SHA384:ECDHE-PSK-CHACHA20-POLY1305:DHE-PSK-CHACHA20-POLY1305

#ciphers PSK-AES256-GCM-SHA384:PSK-CHACHA20-POLY1305:PSK-AES256-CCM:PSK-AES128-GCM-SHA256:PSK-AES128-CCM:PSK-AES256-CBC-SHA:PSK-AES128-CBC-SHA256:PSK-AES128-CBC-SHA:DHE-PSK-AES256-GCM-SHA384:DHE-PSK-CHACHA20-POLY1305:DHE-PSK-AES256-CCM:DHE-PSK-AES128-GCM-SHA256:DHE-PSK-AES128-CCM:DHE-PSK-AES256-CBC-SHA:DHE-PSK-AES128-CBC-SHA256:DHE-PSK-AES128-CBC-SHA:ECDHE-PSK-CHACHA20-POLY1305:ECDHE-PSK-AES256-CBC-SHA:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-CBC-SHA

#tls_version tlsv1.0

psk_hint rmap
#psk_file /etc/mosquitto/pskfile