tio/config.yaml at develop · ruffjs/tio · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
api:
  # Http rest api port
  port: 9000
  # Basic authentication for http api
  # If there is no configuration, there is no authentication
  basicAuth:
    name: admin
    password: public

db:
  type: sqlite            # sqlite or mysql
  sqlite:
    filePath: tio.sqlite  # filepath or ":memory:"
    showSql: true         # print log for sql
  mysql:
    host: 127.0.0.1
    port: 3306
    user: tio
    password: public
    db: tio
    charset: utf8
    timezone: Asia%2FShanghai
    maxIdleConns: 4
    maxOpenConns: 50
    connMaxLifetime: 60
    showSql: true       # print log for sql

connector:
  # Currently, supported:
  # - emqx -- emqx mqtt broker
  # - embed -- embedded mqtt broker
  type: embed

  # Configuration for tio to connect mqtt broker
  mqttClient:
    clientId: $tio
    host: localhost
    port: 1883
    user: $tio
    password: public
    # If there is no special reason, please set it to false (default is false),
    # so that mqtt messages will not be missed for tio during tio restart.
    cleanSession: false

  # If connector.type is embed,
  # a mqtt broker server will be launched using the following configuration
  # Only the tcp protocol is enabled by default,
  # and if the ssl, wss ports are not configured, they will not be enabled.
  mqttBroker:
    tcpPort: 1883           # default is 1883
    tcpSslPort: 8883        # tcp SSL/TLS, default is 0 means it is disabled
    wsPort: 8083            # mqtt over websocket, default is 8083
    # wssPort: 8084           # mqtt over websocket(SSL/TLS), default is 0 means it is disabled

    # The following public ports are used externally to understand the current available external ports,
    # NOT for the tio server,
    # such as publicWsPort or publicWssPort as the default port of mqtt client on the web console.
    # If these ports are left blank, the previous ports value are used by default

    # publicTcpPort:
    # publicTcpSslPort:
    # publicWsPort:
    # publicWssPort:


    # If tcpSslPort or wssPort has configured, certFile and keyFile must also be configured
    # require X509 PEM encoded file
    # For mTLS demo, use the certificates generated in demos/mtls/certs/
    certFile: "./demos/mtls/certs/server-cert.pem"
    keyFile: "./demos/mtls/certs/server-key.pem"
    clientCaFile: "./demos/mtls/certs/ca.pem"
    requireClientCert: true

    # Max 65535 , default 8192
    # maximumInflight: 8192

    # mqtt storage, if left blank, the storage is disabled
    # https://github.com/mochi-mqtt/server?tab=readme-ov-file#badger-db
    storage:
      type: file  # file or redis
      filePath: "./embed-mqtt.db" # when type is file
      redis:
        addr: 127.0.0.1:6379
        db: 1
        password:
        keyPrefix: "tio:"

    # Users can publish and subscribe all topics
    superUsers:
      - name: $tio
        password: public
      - name: $biz
        password: public

  emqx:
    apiPrefix: http://localhost:18083
    apiUser: admin
    apiPassword: public

shadow:
  # Configure which shadow topics should exclude metadata to reduce payload size
  # This is particularly useful for MCU clients with limited bandwidth or memory
  # Available topic suffixes:
  #   - "/get/accepted": Shadow get response messages
  #   - "/update/accepted": Shadow update accepted messages
  #   - "/update/delta": Shadow delta state messages
  #   - "/update/documents": Shadow document update messages
  # For shadow get requests to $iothub/things/{thingId}/shadows/name/default/get,
  # the noMetadata field can be used to exclude metadata from the response:
  # {
  #   "clientToken": "generate-unique-token-string",
  #   "noMetadata": true
  # }
  ignoreMetadataFor:
    - "/get/accepted"
    - "/update/accepted"
    - "/update/delta"
    - "/update/documents"
# Provision secret for automatic thing creation
# Thing's password should comply the generative rule:
#   echo -n "thingId" | openssl dgst -md5 -hmac "provisionSecret" | xargs -I {} echo H{}
# If provisionSecret is an empty string, disable automatic thing creation
provisionSecret:

log:
  level: debug # debug info warn error

# Enable golang pprof http api
pprof:
  enabled: true
  port: 6060