James Andariese
2a9b3551f8
* adds a server cert from the mtls CA for mtls clients * adds gost as a tls offload for non-mtls clients to work around https://github.com/eclipse/mosquitto/issues/1839 * adds wildcard-tls through external secrets and removes template operator version * removes non-working websockets listener * fixes tests to work with mtls and non-mtls
35 lines
770 B
YAML
35 lines
770 B
YAML
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: mosquitto-config
|
|
namespace: mosquitto
|
|
data:
|
|
mosquitto.conf: |
|
|
persistence true
|
|
persistence_location /mosquitto/data/
|
|
log_dest stdout
|
|
log_timestamp_format %Y-%m-%dT%H:%M:%S
|
|
connection_messages true
|
|
per_listener_settings true
|
|
|
|
listener 1883
|
|
allow_anonymous false
|
|
password_file /mosquitto/passwords/mosquitto.passwd
|
|
protocol mqtt
|
|
listener 8883
|
|
allow_anonymous false
|
|
certfile /mosquitto/mtls/tls.crt
|
|
keyfile /mosquitto/mtls/tls.key
|
|
cafile /mosquitto/ca/ca.crt
|
|
require_certificate true
|
|
use_identity_as_username true
|
|
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: mosquitto-http-dir
|
|
namespace: mosquitto
|
|
data:
|
|
health: |
|
|
{"healthy": true}
|