From e96c37bad1d693f60a735402ff299d634c36c54d Mon Sep 17 00:00:00 2001
From: Mikhail Deriabin <47395053+MikhailDeriabin@users.noreply.github.com>
Date: Sun, 6 Oct 2024 16:38:51 +0300
Subject: [PATCH 1/6] add config for mosquitto broker

---
 mosquitto/config/mosquitto.conf | 23 +++++++++++++++++++++++
 mosquitto/config/password_1     |  1 +
 2 files changed, 24 insertions(+)
 create mode 100644 mosquitto/config/mosquitto.conf
 create mode 100644 mosquitto/config/password_1

diff --git a/mosquitto/config/mosquitto.conf b/mosquitto/config/mosquitto.conf
new file mode 100644
index 00000000..53ac167a
--- /dev/null
+++ b/mosquitto/config/mosquitto.conf
@@ -0,0 +1,23 @@
+# Server insternal net
+listener 1883
+
+#websockets with SSL
+listener 9001 
+protocol websockets
+
+# auth
+allow_anonymous false
+password_file /mosquitto/config/password_1
+
+# save data to db
+persistence true
+persistence_location /mosquitto/data/
+autosave_interval 900
+
+#logging
+#log_dest file /mosquitto/log/mosquitto.log
+connection_messages false
+
+#optimization
+max_queued_messages 20
+memory_limit 512000000
\ No newline at end of file
diff --git a/mosquitto/config/password_1 b/mosquitto/config/password_1
new file mode 100644
index 00000000..60ab0bcf
--- /dev/null
+++ b/mosquitto/config/password_1
@@ -0,0 +1 @@
+altzone:$7$101$z6PlC7rz+ZYrZb5J$j+RaRryaVzq2FSDeqonovR44pDo32yV7Me0hGmwpilTqtx7vJ+VrK3wivb/6rQLz2tAF7QxTbUSWlO2wNqLv8A==
\ No newline at end of file

From ded1ec6f5e6f777eee43efa22fd65f06dc85be28 Mon Sep 17 00:00:00 2001
From: Mikhail Deriabin <47395053+MikhailDeriabin@users.noreply.github.com>
Date: Sun, 6 Oct 2024 16:39:11 +0300
Subject: [PATCH 2/6] add mosquitto image to dev docker compose

---
 docker-compose.yml | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index 41b0b91d..4ffb5d78 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -53,6 +53,18 @@ services:
     networks:
       - redis
 
+  mosquitto_dev:
+    image: eclipse-mosquitto:2.0
+    container_name: altzone_mosquitto_dev
+    ports:
+      - 1883:1883
+    networks:
+      - backend
+    volumes:
+      - altzone_mosquitto_dev:/mosquitto/data
+      - ./mosquitto/config:/mosquitto/config
+      - ./mosquitto/log:/mosquitto/log
+
   proxy_dev:
     build:
       dockerfile: dev_nginx.Dockerfile
@@ -77,4 +89,5 @@ networks:
 
 volumes:
   altzone_db_dev:
-  altzone_redis_dev:
\ No newline at end of file
+  altzone_redis_dev:
+  altzone_mosquitto_dev:
\ No newline at end of file

From 05cbaa2e1e3b96fbdcee8902372128a3970ba109 Mon Sep 17 00:00:00 2001
From: Mikhail Deriabin <47395053+MikhailDeriabin@users.noreply.github.com>
Date: Sun, 6 Oct 2024 16:39:43 +0300
Subject: [PATCH 3/6] add mosquitto for dev to nginx config

---
 nginx.conf | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/nginx.conf b/nginx.conf
index 19b4b884..ed614628 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -26,6 +26,14 @@ http {
             try_files $uri $uri/ =404;
         }
 
+        location /mqtt {
+            proxy_pass http://altzone_mosquitto_dev:9001;
+            proxy_http_version 1.1;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection "Upgrade";
+            proxy_set_header Host $host;
+        }
+
 #         location ^~ /public/metaData {
 #             try_files $uri $uri/ =404;
 #         }

From 09298cb09cb3030b48a8bc252f46e0f9c06b5929 Mon Sep 17 00:00:00 2001
From: Mikhail Deriabin <47395053+MikhailDeriabin@users.noreply.github.com>
Date: Sun, 6 Oct 2024 16:40:02 +0300
Subject: [PATCH 4/6] add mosquitto setup for prod docker compose

---
 prod_docker-compose.yml | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/prod_docker-compose.yml b/prod_docker-compose.yml
index 38353556..e1716dc8 100644
--- a/prod_docker-compose.yml
+++ b/prod_docker-compose.yml
@@ -28,7 +28,11 @@ services:
       - REDIS_PASSWORD=mySecretPassword
       - REDIS_HOST=redis
       - REDIS_PORT=6379
-
+      - MOSQUITTO_HOST=mosquitto
+      - MOSQUITTO_PORT=1883
+      - MOSQUITTO_USER=altzone
+      - MOSQUITTO_PASSWORD=mysecretpassword
+      
   site:
     image: leolab1337/altzone_web_pages:v2
     container_name: altzone_site
@@ -94,6 +98,16 @@ services:
     networks:
       - redis
 
+  mosquitto:
+    image: eclipse-mosquitto:2.0
+    container_name: altzone_mosquitto
+    networks:
+      - backend
+    volumes:
+      - altzone_mosquitto:/mosquitto/data
+      - ./mosquitto/config:/mosquitto/config
+      - ./mosquitto/log:/mosquitto/log
+
   owncloud:
     image: owncloud/server:10.15
     container_name: altzone_owncloud
@@ -171,4 +185,5 @@ networks:
 volumes:
   altzone_db:
   owncloud_db:
-  altzone_redis:
\ No newline at end of file
+  altzone_redis:
+  altzone_mosquitto:
\ No newline at end of file

From 9995e9988343260c82329dbcd551611a28f5818c Mon Sep 17 00:00:00 2001
From: Mikhail Deriabin <47395053+MikhailDeriabin@users.noreply.github.com>
Date: Wed, 9 Oct 2024 13:26:47 +0300
Subject: [PATCH 5/6] add trusted publishers to mosquitto config

---
 mosquitto/config/aclfile.conf   | 7 +++++++
 mosquitto/config/mosquitto.conf | 5 ++++-
 mosquitto/config/password_1     | 3 ++-
 3 files changed, 13 insertions(+), 2 deletions(-)
 create mode 100644 mosquitto/config/aclfile.conf

diff --git a/mosquitto/config/aclfile.conf b/mosquitto/config/aclfile.conf
new file mode 100644
index 00000000..be73ae31
--- /dev/null
+++ b/mosquitto/config/aclfile.conf
@@ -0,0 +1,7 @@
+# Allow the server device to publish to all topics
+user publisher
+topic write #
+
+# Allow other nodes to subscribe to all topics but not publish
+user subscriber
+topic read #
\ No newline at end of file
diff --git a/mosquitto/config/mosquitto.conf b/mosquitto/config/mosquitto.conf
index 53ac167a..d9878370 100644
--- a/mosquitto/config/mosquitto.conf
+++ b/mosquitto/config/mosquitto.conf
@@ -9,6 +9,9 @@ protocol websockets
 allow_anonymous false
 password_file /mosquitto/config/password_1
 
+# Permissions
+acl_file /mosquitto/config/aclfile.conf
+
 # save data to db
 persistence true
 persistence_location /mosquitto/data/
@@ -16,7 +19,7 @@ autosave_interval 900
 
 #logging
 #log_dest file /mosquitto/log/mosquitto.log
-connection_messages false
+connection_messages true
 
 #optimization
 max_queued_messages 20
diff --git a/mosquitto/config/password_1 b/mosquitto/config/password_1
index 60ab0bcf..b529f9cc 100644
--- a/mosquitto/config/password_1
+++ b/mosquitto/config/password_1
@@ -1 +1,2 @@
-altzone:$7$101$z6PlC7rz+ZYrZb5J$j+RaRryaVzq2FSDeqonovR44pDo32yV7Me0hGmwpilTqtx7vJ+VrK3wivb/6rQLz2tAF7QxTbUSWlO2wNqLv8A==
\ No newline at end of file
+publisher:$7$101$M3QOKHW8D+4Y0ykp$vBiFSzy1aDmBBDWg736lbVOxcGyyAaVxRLquxO/OlIqf2nEOoCEcJgptE/kz/xfHj2yO5QmmBnWmTmAj7BvMfg==
+subscriber:$7$101$uiJROPjD9vrWS/DE$pu4oxh4v1oH+VhYs0fM3C9AN37jmi3v7Ypzsja0zAM9fg7ILMdIrzkgoVofGWSu2ZFA/KzWvIc3GG3lA87fRUA==

From dc10d5ae8e107ddb5427e92b697ca73622dcc0f0 Mon Sep 17 00:00:00 2001
From: Mikhail Deriabin <47395053+MikhailDeriabin@users.noreply.github.com>
Date: Wed, 9 Oct 2024 13:27:16 +0300
Subject: [PATCH 6/6] update env for prod docker compose

---
 prod_docker-compose.yml | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/prod_docker-compose.yml b/prod_docker-compose.yml
index e1716dc8..774eeab4 100644
--- a/prod_docker-compose.yml
+++ b/prod_docker-compose.yml
@@ -30,8 +30,10 @@ services:
       - REDIS_PORT=6379
       - MOSQUITTO_HOST=mosquitto
       - MOSQUITTO_PORT=1883
-      - MOSQUITTO_USER=altzone
-      - MOSQUITTO_PASSWORD=mysecretpassword
+      - MOSQUITTO_SUBSCRIBER_USER=subscriber
+      - MOSQUITTO_SUBSCRIBER_PASSWORD=subscriberPassword
+      - MOSQUITTO_PUBLISHER=publisher
+      - MOSQUITTO_PUBLISHER_PASSWORD=publisherPassword
       
   site:
     image: leolab1337/altzone_web_pages:v2