From dc9a44cf1c36257d95bc7b60b1813e0a24539d08 Mon Sep 17 00:00:00 2001 From: JeffMboya Date: Wed, 19 Feb 2025 14:48:16 +0300 Subject: [PATCH] rename SMQ_CLIENTS_AUTH_GRPC_ to SMQ_CLIENTS_GRPC_ Signed-off-by: JeffMboya --- clients/README.md | 68 ++++++++-------- cmd/channels/main.go | 2 +- cmd/clients/main.go | 2 +- cmd/coap/main.go | 2 +- cmd/groups/main.go | 2 +- cmd/http/main.go | 2 +- cmd/mqtt/main.go | 2 +- cmd/ws/main.go | 2 +- coap/README.md | 54 ++++++------- docker/.env | 20 ++--- docker/docker-compose.yml | 160 +++++++++++++++++++------------------- http/README.md | 46 +++++------ mqtt/README.md | 22 +++--- scripts/run.sh | 10 +-- ws/README.md | 46 +++++------ 15 files changed, 220 insertions(+), 220 deletions(-) diff --git a/clients/README.md b/clients/README.md index 30e73888b0..4f126aa5ed 100644 --- a/clients/README.md +++ b/clients/README.md @@ -16,40 +16,40 @@ The service is configured using the environment variables presented in the following table. Note that any unset variables will be replaced with their default values. -| Variable | Description | Default | -| --------------------------------- | ----------------------------------------------------------------------- | ------------------------------ | -| SMQ_CLIENTS_LOG_LEVEL | Log level for Clients (debug, info, warn, error) | info | -| SMQ_CLIENTS_HTTP_HOST | Clients service HTTP host | localhost | -| SMQ_CLIENTS_HTTP_PORT | Clients service HTTP port | 9000 | -| SMQ_CLIENTS_SERVER_CERT | Path to the PEM encoded server certificate file | "" | -| SMQ_CLIENTS_SERVER_KEY | Path to the PEM encoded server key file | "" | -| SMQ_CLIENTS_AUTH_GRPC_HOST | Clients service gRPC host | localhost | -| SMQ_CLIENTS_AUTH_GRPC_PORT | Clients service gRPC port | 7000 | -| SMQ_CLIENTS_AUTH_GRPC_SERVER_CERT | Path to the PEM encoded server certificate file | "" | -| SMQ_CLIENTS_AUTH_GRPC_SERVER_KEY | Path to the PEM encoded server key file | "" | -| SMQ_CLIENTS_DB_HOST | Database host address | localhost | -| SMQ_CLIENTS_DB_PORT | Database host port | 5432 | -| SMQ_CLIENTS_DB_USER | Database user | supermq | -| SMQ_CLIENTS_DB_PASS | Database password | supermq | -| SMQ_CLIENTS_DB_NAME | Name of the database used by the service | clients | -| SMQ_CLIENTS_DB_SSL_MODE | Database connection SSL mode (disable, require, verify-ca, verify-full) | disable | -| SMQ_CLIENTS_DB_SSL_CERT | Path to the PEM encoded certificate file | "" | -| SMQ_CLIENTS_DB_SSL_KEY | Path to the PEM encoded key file | "" | -| SMQ_CLIENTS_DB_SSL_ROOT_CERT | Path to the PEM encoded root certificate file | "" | -| SMQ_CLIENTS_CACHE_URL | Cache database URL | | -| SMQ_CLIENTS_CACHE_KEY_DURATION | Cache key duration in seconds | 3600 | -| SMQ_CLIENTS_ES_URL | Event store URL | | -| SMQ_CLIENTS_ES_PASS | Event store password | "" | -| SMQ_CLIENTS_ES_DB | Event store instance name | 0 | -| SMQ_CLIENTS_STANDALONE_ID | User ID for standalone mode (no gRPC communication with Auth) | "" | -| SMQ_CLIENTS_STANDALONE_TOKEN | User token for standalone mode that should be passed in auth header | "" | -| SMQ_JAEGER_URL | Jaeger server URL | | -| SMQ_AUTH_GRPC_URL | Auth service gRPC URL | localhost:7001 | -| SMQ_AUTH_GRPC_TIMEOUT | Auth service gRPC request timeout in seconds | 1s | -| SMQ_AUTH_GRPC_CLIENT_TLS | Enable TLS for gRPC client | false | -| SMQ_AUTH_GRPC_CA_CERT | Path to the CA certificate file | "" | -| SMQ_SEND_TELEMETRY | Send telemetry to supermq call home server. | true | -| Clients_INSTANCE_ID | Clients instance ID | "" | +| Variable | Description | Default | +| ------------------------------ | ----------------------------------------------------------------------- | ------------------------------ | +| SMQ_CLIENTS_LOG_LEVEL | Log level for Clients (debug, info, warn, error) | info | +| SMQ_CLIENTS_HTTP_HOST | Clients service HTTP host | localhost | +| SMQ_CLIENTS_HTTP_PORT | Clients service HTTP port | 9000 | +| SMQ_CLIENTS_SERVER_CERT | Path to the PEM encoded server certificate file | "" | +| SMQ_CLIENTS_SERVER_KEY | Path to the PEM encoded server key file | "" | +| SMQ_CLIENTS_GRPC_HOST | Clients service gRPC host | localhost | +| SMQ_CLIENTS_GRPC_PORT | Clients service gRPC port | 7000 | +| SMQ_CLIENTS_GRPC_SERVER_CERT | Path to the PEM encoded server certificate file | "" | +| SMQ_CLIENTS_GRPC_SERVER_KEY | Path to the PEM encoded server key file | "" | +| SMQ_CLIENTS_DB_HOST | Database host address | localhost | +| SMQ_CLIENTS_DB_PORT | Database host port | 5432 | +| SMQ_CLIENTS_DB_USER | Database user | supermq | +| SMQ_CLIENTS_DB_PASS | Database password | supermq | +| SMQ_CLIENTS_DB_NAME | Name of the database used by the service | clients | +| SMQ_CLIENTS_DB_SSL_MODE | Database connection SSL mode (disable, require, verify-ca, verify-full) | disable | +| SMQ_CLIENTS_DB_SSL_CERT | Path to the PEM encoded certificate file | "" | +| SMQ_CLIENTS_DB_SSL_KEY | Path to the PEM encoded key file | "" | +| SMQ_CLIENTS_DB_SSL_ROOT_CERT | Path to the PEM encoded root certificate file | "" | +| SMQ_CLIENTS_CACHE_URL | Cache database URL | | +| SMQ_CLIENTS_CACHE_KEY_DURATION | Cache key duration in seconds | 3600 | +| SMQ_CLIENTS_ES_URL | Event store URL | | +| SMQ_CLIENTS_ES_PASS | Event store password | "" | +| SMQ_CLIENTS_ES_DB | Event store instance name | 0 | +| SMQ_CLIENTS_STANDALONE_ID | User ID for standalone mode (no gRPC communication with Auth) | "" | +| SMQ_CLIENTS_STANDALONE_TOKEN | User token for standalone mode that should be passed in auth header | "" | +| SMQ_JAEGER_URL | Jaeger server URL | | +| SMQ_AUTH_GRPC_URL | Auth service gRPC URL | localhost:7001 | +| SMQ_AUTH_GRPC_TIMEOUT | Auth service gRPC request timeout in seconds | 1s | +| SMQ_AUTH_GRPC_CLIENT_TLS | Enable TLS for gRPC client | false | +| SMQ_AUTH_GRPC_CA_CERT | Path to the CA certificate file | "" | +| SMQ_SEND_TELEMETRY | Send telemetry to supermq call home server. | true | +| Clients_INSTANCE_ID | Clients instance ID | "" | **Note** that if you want `clients` service to have only one user locally, you should use `CLIENTS_STANDALONE` env vars. By specifying these, you don't need `auth` service in your deployment for users' authorization. diff --git a/cmd/channels/main.go b/cmd/channels/main.go index c83bf37090..d34e9f1914 100644 --- a/cmd/channels/main.go +++ b/cmd/channels/main.go @@ -66,7 +66,7 @@ const ( envPrefixHTTP = "SMQ_CHANNELS_HTTP_" envPrefixGRPC = "SMQ_CHANNELS_GRPC_" envPrefixAuth = "SMQ_AUTH_GRPC_" - envPrefixClients = "SMQ_CLIENTS_AUTH_GRPC_" + envPrefixClients = "SMQ_CLIENTS_GRPC_" envPrefixGroups = "SMQ_GROUPS_GRPC_" envPrefixDomains = "SMQ_DOMAINS_GRPC_" defDB = "channels" diff --git a/cmd/clients/main.go b/cmd/clients/main.go index ce023027cb..a66d3f73ce 100644 --- a/cmd/clients/main.go +++ b/cmd/clients/main.go @@ -68,7 +68,7 @@ const ( svcName = "clients" envPrefixDB = "SMQ_CLIENTS_DB_" envPrefixHTTP = "SMQ_CLIENTS_HTTP_" - envPrefixGRPC = "SMQ_CLIENTS_AUTH_GRPC_" + envPrefixGRPC = "SMQ_CLIENTS_GRPC_" envPrefixAuth = "SMQ_AUTH_GRPC_" envPrefixChannels = "SMQ_CHANNELS_GRPC_" envPrefixGroups = "SMQ_GROUPS_GRPC_" diff --git a/cmd/coap/main.go b/cmd/coap/main.go index 8dae202479..46433f060d 100644 --- a/cmd/coap/main.go +++ b/cmd/coap/main.go @@ -35,7 +35,7 @@ const ( svcName = "coap_adapter" envPrefix = "SMQ_COAP_ADAPTER_" envPrefixHTTP = "SMQ_COAP_ADAPTER_HTTP_" - envPrefixClients = "SMQ_CLIENTS_AUTH_GRPC_" + envPrefixClients = "SMQ_CLIENTS_GRPC_" envPrefixChannels = "SMQ_CHANNELS_GRPC_" defSvcHTTPPort = "5683" defSvcCoAPPort = "5683" diff --git a/cmd/groups/main.go b/cmd/groups/main.go index 07caf7408d..3d164f718a 100644 --- a/cmd/groups/main.go +++ b/cmd/groups/main.go @@ -67,7 +67,7 @@ const ( envPrefixAuth = "SMQ_AUTH_GRPC_" envPrefixDomains = "SMQ_DOMAINS_GRPC_" envPrefixChannels = "SMQ_CHANNELS_GRPC_" - envPrefixClients = "SMQ_CLIENTS_AUTH_GRPC_" + envPrefixClients = "SMQ_CLIENTS_GRPC_" defDB = "groups" defSvcHTTPPort = "9004" defSvcgRPCPort = "7004" diff --git a/cmd/http/main.go b/cmd/http/main.go index 4b03eb2426..4e9dfdb82d 100644 --- a/cmd/http/main.go +++ b/cmd/http/main.go @@ -45,7 +45,7 @@ import ( const ( svcName = "http_adapter" envPrefix = "SMQ_HTTP_ADAPTER_" - envPrefixClients = "SMQ_CLIENTS_AUTH_GRPC_" + envPrefixClients = "SMQ_CLIENTS_GRPC_" envPrefixChannels = "SMQ_CHANNELS_GRPC_" envPrefixAuth = "SMQ_AUTH_GRPC_" defSvcHTTPPort = "80" diff --git a/cmd/mqtt/main.go b/cmd/mqtt/main.go index 0e713513b4..19fccfffe6 100644 --- a/cmd/mqtt/main.go +++ b/cmd/mqtt/main.go @@ -42,7 +42,7 @@ import ( const ( svcName = "mqtt" - envPrefixClients = "SMQ_CLIENTS_AUTH_GRPC_" + envPrefixClients = "SMQ_CLIENTS_GRPC_" envPrefixChannels = "SMQ_CHANNELS_GRPC_" wsPathPrefix = "/mqtt" ) diff --git a/cmd/ws/main.go b/cmd/ws/main.go index 8dc5223f92..0fa21681dd 100644 --- a/cmd/ws/main.go +++ b/cmd/ws/main.go @@ -41,7 +41,7 @@ import ( const ( svcName = "ws-adapter" envPrefixHTTP = "SMQ_WS_ADAPTER_HTTP_" - envPrefixClients = "SMQ_CLIENTS_AUTH_GRPC_" + envPrefixClients = "SMQ_CLIENTS_GRPC_" envPrefixChannels = "SMQ_CHANNELS_GRPC_" envPrefixAuth = "SMQ_AUTH_GRPC_" defSvcHTTPPort = "8190" diff --git a/coap/README.md b/coap/README.md index 24810dbf5b..b5adf63d43 100644 --- a/coap/README.md +++ b/coap/README.md @@ -6,27 +6,27 @@ SuperMQ CoAP adapter provides an [CoAP](http://coap.technology/) API for sending The service is configured using the environment variables presented in the following table. Note that any unset variables will be replaced with their default values. -| Variable | Description | Default | -| ---------------------------------- | ----------------------------------------------------------------------------------- | --------------------------------- | -| SMQ_COAP_ADAPTER_LOG_LEVEL | Log level for the CoAP Adapter (debug, info, warn, error) | info | -| SMQ_COAP_ADAPTER_HOST | CoAP service listening host | "" | -| SMQ_COAP_ADAPTER_PORT | CoAP service listening port | 5683 | -| SMQ_COAP_ADAPTER_SERVER_CERT | CoAP service server certificate | "" | -| SMQ_COAP_ADAPTER_SERVER_KEY | CoAP service server key | "" | -| SMQ_COAP_ADAPTER_HTTP_HOST | Service HTTP listening host | "" | -| SMQ_COAP_ADAPTER_HTTP_PORT | Service listening port | 5683 | -| SMQ_COAP_ADAPTER_HTTP_SERVER_CERT | Service server certificate | "" | -| SMQ_COAP_ADAPTER_HTTP_SERVER_KEY | Service server key | "" | -| SMQ_CLIENTS_AUTH_GRPC_URL | Clients service Auth gRPC URL | | -| SMQ_CLIENTS_AUTH_GRPC_TIMEOUT | Clients service Auth gRPC request timeout in seconds | 1s | -| SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT | Path to the PEM encoded clients service Auth gRPC client certificate file | "" | -| SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY | Path to the PEM encoded clients service Auth gRPC client key file | "" | -| SMQ_CLIENTS_AUTH_GRPC_SERVER_CERTS | Path to the PEM encoded clients server Auth gRPC server trusted CA certificate file | "" | -| SMQ_MESSAGE_BROKER_URL | Message broker instance URL | | -| SMQ_JAEGER_URL | Jaeger server URL | | -| SMQ_JAEGER_TRACE_RATIO | Jaeger sampling ratio | 1.0 | -| SMQ_SEND_TELEMETRY | Send telemetry to magistrala call home server | true | -| SMQ_COAP_ADAPTER_INSTANCE_ID | CoAP adapter instance ID | "" | +| Variable | Description | Default | +| --------------------------------- | ----------------------------------------------------------------------------------- | --------------------------------- | +| SMQ_COAP_ADAPTER_LOG_LEVEL | Log level for the CoAP Adapter (debug, info, warn, error) | info | +| SMQ_COAP_ADAPTER_HOST | CoAP service listening host | "" | +| SMQ_COAP_ADAPTER_PORT | CoAP service listening port | 5683 | +| SMQ_COAP_ADAPTER_SERVER_CERT | CoAP service server certificate | "" | +| SMQ_COAP_ADAPTER_SERVER_KEY | CoAP service server key | "" | +| SMQ_COAP_ADAPTER_HTTP_HOST | Service HTTP listening host | "" | +| SMQ_COAP_ADAPTER_HTTP_PORT | Service listening port | 5683 | +| SMQ_COAP_ADAPTER_HTTP_SERVER_CERT | Service server certificate | "" | +| SMQ_COAP_ADAPTER_HTTP_SERVER_KEY | Service server key | "" | +| SMQ_CLIENTS_GRPC_URL | Clients service Auth gRPC URL | | +| SMQ_CLIENTS_GRPC_TIMEOUT | Clients service Auth gRPC request timeout in seconds | 1s | +| SMQ_CLIENTS_GRPC_CLIENT_CERT | Path to the PEM encoded clients service Auth gRPC client certificate file | "" | +| SMQ_CLIENTS_GRPC_CLIENT_KEY | Path to the PEM encoded clients service Auth gRPC client key file | "" | +| SMQ_CLIENTS_GRPC_SERVER_CERTS | Path to the PEM encoded clients server Auth gRPC server trusted CA certificate file | "" | +| SMQ_MESSAGE_BROKER_URL | Message broker instance URL | | +| SMQ_JAEGER_URL | Jaeger server URL | | +| SMQ_JAEGER_TRACE_RATIO | Jaeger sampling ratio | 1.0 | +| SMQ_SEND_TELEMETRY | Send telemetry to magistrala call home server | true | +| SMQ_COAP_ADAPTER_INSTANCE_ID | CoAP adapter instance ID | "" | ## Deployment @@ -57,11 +57,11 @@ SMQ_COAP_ADAPTER_HTTP_HOST=localhost \ SMQ_COAP_ADAPTER_HTTP_PORT=5683 \ SMQ_COAP_ADAPTER_HTTP_SERVER_CERT="" \ SMQ_COAP_ADAPTER_HTTP_SERVER_KEY="" \ -SMQ_CLIENTS_AUTH_GRPC_URL=localhost:7000 \ -SMQ_CLIENTS_AUTH_GRPC_TIMEOUT=1s \ -SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT="" \ -SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY="" \ -SMQ_CLIENTS_AUTH_GRPC_SERVER_CERTS="" \ +SMQ_CLIENTS_GRPC_URL=localhost:7000 \ +SMQ_CLIENTS_GRPC_TIMEOUT=1s \ +SMQ_CLIENTS_GRPC_CLIENT_CERT="" \ +SMQ_CLIENTS_GRPC_CLIENT_KEY="" \ +SMQ_CLIENTS_GRPC_SERVER_CERTS="" \ SMQ_MESSAGE_BROKER_URL=nats://localhost:4222 \ SMQ_JAEGER_URL=http://localhost:14268/api/traces \ SMQ_JAEGER_TRACE_RATIO=1.0 \ @@ -72,7 +72,7 @@ $GOBIN/supermq-coap Setting `SMQ_COAP_ADAPTER_SERVER_CERT` and `SMQ_COAP_ADAPTER_SERVER_KEY` will enable TLS against the service. The service expects a file in PEM format for both the certificate and the key. Setting `SMQ_COAP_ADAPTER_HTTP_SERVER_CERT` and `SMQ_COAP_ADAPTER_HTTP_SERVER_KEY` will enable TLS against the service. The service expects a file in PEM format for both the certificate and the key. -Setting `SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT` and `SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY` will enable TLS against the clients service. The service expects a file in PEM format for both the certificate and the key. Setting `SMQ_CLIENTS_AUTH_GRPC_SERVER_CERTS` will enable TLS against the clients service trusting only those CAs that are provided. The service expects a file in PEM format of trusted CAs. +Setting `SMQ_CLIENTS_GRPC_CLIENT_CERT` and `SMQ_CLIENTS_GRPC_CLIENT_KEY` will enable TLS against the clients service. The service expects a file in PEM format for both the certificate and the key. Setting `SMQ_CLIENTS_GRPC_SERVER_CERTS` will enable TLS against the clients service trusting only those CAs that are provided. The service expects a file in PEM format of trusted CAs. ## Usage diff --git a/docker/.env b/docker/.env index 7e006a36e3..973e2c723f 100644 --- a/docker/.env +++ b/docker/.env @@ -263,11 +263,11 @@ SMQ_CLIENTS_STANDALONE_TOKEN= SMQ_CLIENTS_CACHE_KEY_DURATION=10m SMQ_CLIENTS_HTTP_HOST=clients SMQ_CLIENTS_HTTP_PORT=9006 -SMQ_CLIENTS_AUTH_GRPC_HOST=clients -SMQ_CLIENTS_AUTH_GRPC_PORT=7006 -SMQ_CLIENTS_AUTH_GRPC_SERVER_CERT=${GRPC_MTLS:+./ssl/certs/clients-grpc-server.crt}${GRPC_TLS:+./ssl/certs/clients-grpc-server.crt} -SMQ_CLIENTS_AUTH_GRPC_SERVER_KEY=${GRPC_MTLS:+./ssl/certs/clients-grpc-server.key}${GRPC_TLS:+./ssl/certs/clients-grpc-server.key} -SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}${GRPC_TLS:+./ssl/certs/ca.crt} +SMQ_CLIENTS_GRPC_HOST=clients +SMQ_CLIENTS_GRPC_PORT=7006 +SMQ_CLIENTS_GRPC_SERVER_CERT=${GRPC_MTLS:+./ssl/certs/clients-grpc-server.crt}${GRPC_TLS:+./ssl/certs/clients-grpc-server.crt} +SMQ_CLIENTS_GRPC_SERVER_KEY=${GRPC_MTLS:+./ssl/certs/clients-grpc-server.key}${GRPC_TLS:+./ssl/certs/clients-grpc-server.key} +SMQ_CLIENTS_GRPC_SERVER_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}${GRPC_TLS:+./ssl/certs/ca.crt} SMQ_CLIENTS_CACHE_URL=redis://clients-redis:${SMQ_REDIS_TCP_PORT}/0 SMQ_CLIENTS_DB_HOST=clients-db SMQ_CLIENTS_DB_PORT=5432 @@ -282,11 +282,11 @@ SMQ_CLIENTS_INSTANCE_ID= #### Clients Client Config SMQ_CLIENTS_URL=http://clients:9006 -SMQ_CLIENTS_AUTH_GRPC_URL=clients:7006 -SMQ_CLIENTS_AUTH_GRPC_TIMEOUT=300s -SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT=${GRPC_MTLS:+./ssl/certs/clients-grpc-client.crt} -SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY=${GRPC_MTLS:+./ssl/certs/clients-grpc-client.key} -SMQ_CLIENTS_AUTH_GRPC_CLIENT_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt} +SMQ_CLIENTS_GRPC_URL=clients:7006 +SMQ_CLIENTS_GRPC_TIMEOUT=300s +SMQ_CLIENTS_GRPC_CLIENT_CERT=${GRPC_MTLS:+./ssl/certs/clients-grpc-client.crt} +SMQ_CLIENTS_GRPC_CLIENT_KEY=${GRPC_MTLS:+./ssl/certs/clients-grpc-client.key} +SMQ_CLIENTS_GRPC_CLIENT_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt} ### Channels SMQ_CHANNELS_LOG_LEVEL=debug diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index 476cef3bc4..05cc830d72 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -240,11 +240,11 @@ services: SMQ_CHANNELS_GRPC_CLIENT_CERT: ${SMQ_CHANNELS_GRPC_CLIENT_CERT:+/channels-grpc-client.crt} SMQ_CHANNELS_GRPC_CLIENT_KEY: ${SMQ_CHANNELS_GRPC_CLIENT_KEY:+/channels-grpc-client.key} SMQ_CHANNELS_GRPC_SERVER_CA_CERTS: ${SMQ_CHANNELS_GRPC_SERVER_CA_CERTS:+/channels-grpc-server-ca.crt} - SMQ_CLIENTS_AUTH_GRPC_URL: ${SMQ_CLIENTS_AUTH_GRPC_URL} - SMQ_CLIENTS_AUTH_GRPC_TIMEOUT: ${SMQ_CLIENTS_AUTH_GRPC_TIMEOUT} - SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT:+/clients-grpc-client.crt} - SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY:+/clients-grpc-client.key} - SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS: ${SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS:+/clients-grpc-server-ca.crt} + SMQ_CLIENTS_GRPC_URL: ${SMQ_CLIENTS_GRPC_URL} + SMQ_CLIENTS_GRPC_TIMEOUT: ${SMQ_CLIENTS_GRPC_TIMEOUT} + SMQ_CLIENTS_GRPC_CLIENT_CERT: ${SMQ_CLIENTS_GRPC_CLIENT_CERT:+/clients-grpc-client.crt} + SMQ_CLIENTS_GRPC_CLIENT_KEY: ${SMQ_CLIENTS_GRPC_CLIENT_KEY:+/clients-grpc-client.key} + SMQ_CLIENTS_GRPC_R_CA_CERTS: ${SMQ_CLIENTS_GRPC_SERVER_CA_CERTS:+/clients-grpc-server-ca.crt} SMQ_JAEGER_URL: ${SMQ_JAEGER_URL} SMQ_JAEGER_TRACE_RATIO: ${SMQ_JAEGER_TRACE_RATIO} SMQ_SEND_TELEMETRY: ${SMQ_SEND_TELEMETRY} @@ -373,15 +373,15 @@ services: SMQ_CLIENTS_CACHE_KEY_DURATION: ${SMQ_CLIENTS_CACHE_KEY_DURATION} SMQ_CLIENTS_HTTP_HOST: ${SMQ_CLIENTS_HTTP_HOST} SMQ_CLIENTS_HTTP_PORT: ${SMQ_CLIENTS_HTTP_PORT} - SMQ_CLIENTS_AUTH_GRPC_HOST: ${SMQ_CLIENTS_AUTH_GRPC_HOST} - SMQ_CLIENTS_AUTH_GRPC_PORT: ${SMQ_CLIENTS_AUTH_GRPC_PORT} + SMQ_CLIENTS_GRPC_HOST: ${SMQ_CLIENTS_GRPC_HOST} + SMQ_CLIENTS_GRPC_PORT: ${SMQ_CLIENTS_GRPC_PORT} ## Compose supports parameter expansion in environment, ## Eg: ${VAR:+replacement} or ${VAR+replacement} -> replacement if VAR is set and non-empty, otherwise empty ## Eg :${VAR:-default} or ${VAR-default} -> value of VAR if set and non-empty, otherwise default - SMQ_CLIENTS_AUTH_GRPC_SERVER_CERT: ${SMQ_CLIENTS_AUTH_GRPC_SERVER_CERT:+/clients-grpc-server.crt} - SMQ_CLIENTS_AUTH_GRPC_SERVER_KEY: ${SMQ_CLIENTS_AUTH_GRPC_SERVER_KEY:+/clients-grpc-server.key} - SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS: ${SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS:+/clients-grpc-server-ca.crt} - SMQ_CLIENTS_AUTH_GRPC_CLIENT_CA_CERTS: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_CA_CERTS:+/clients-grpc-client-ca.crt} + SMQ_CLIENTS_GRPC_SERVER_CERT: ${SMQ_CLIENTS_GRPC_SERVER_CERT:+/clients-grpc-server.crt} + SMQ_CLIENTS_GRPC_R_KEY: ${SMQ_CLIENTS_GRPC_SERVER_KEY:+/clients-grpc-server.key} + SMQ_CLIENTS_GRPC_R_CA_CERTS: ${SMQ_CLIENTS_GRPC_SERVER_CA_CERTS:+/clients-grpc-server-ca.crt} + SMQ_CLIENTS_GRPC_CLIENT_CA_CERTS: ${SMQ_CLIENTS_GRPC_CLIENT_CA_CERTS:+/clients-grpc-client-ca.crt} SMQ_ES_URL: ${SMQ_ES_URL} SMQ_CLIENTS_CACHE_URL: ${SMQ_CLIENTS_CACHE_URL} SMQ_CLIENTS_DB_HOST: ${SMQ_CLIENTS_DB_HOST} @@ -424,30 +424,30 @@ services: SMQ_SPICEDB_SCHEMA_FILE: ${SMQ_SPICEDB_SCHEMA_FILE} ports: - ${SMQ_CLIENTS_HTTP_PORT}:${SMQ_CLIENTS_HTTP_PORT} - - ${SMQ_CLIENTS_AUTH_GRPC_PORT}:${SMQ_CLIENTS_AUTH_GRPC_PORT} + - ${SMQ_CLIENTS_GRPC_PORT}:${SMQ_CLIENTS_GRPC_PORT} networks: - supermq-base-net volumes: - ./spicedb/schema.zed:${SMQ_SPICEDB_SCHEMA_FILE} # Clients gRPC server certificates - type: bind - source: ${SMQ_CLIENTS_AUTH_GRPC_SERVER_CERT:-ssl/certs/dummy/server_cert} - target: /clients-grpc-server${SMQ_CLIENTS_AUTH_GRPC_SERVER_CERT:+.crt} + source: ${SMQ_CLIENTS_GRPC_SERVER_CERT:-ssl/certs/dummy/server_cert} + target: /clients-grpc-server${SMQ_CLIENTS_GRPC_SERVER_CERT:+.crt} bind: create_host_path: true - type: bind - source: ${SMQ_CLIENTS_AUTH_GRPC_SERVER_KEY:-ssl/certs/dummy/server_key} - target: /clients-grpc-server${SMQ_CLIENTS_AUTH_GRPC_SERVER_KEY:+.key} + source: ${SMQ_CLIENTS_GRPC_SERVER_KEY:-ssl/certs/dummy/server_key} + target: /clients-grpc-server${SMQ_CLIENTS_GRPC_SERVER_KEY:+.key} bind: create_host_path: true - type: bind - source: ${SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca_certs} - target: /clients-grpc-server-ca${SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS:+.crt} + source: ${SMQ_CLIENTS_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca_certs} + target: /clients-grpc-server-ca${SMQ_CLIENTS_GRPC_SERVER_CA_CERTS:+.crt} bind: create_host_path: true - type: bind - source: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_CA_CERTS:-ssl/certs/dummy/client_ca_certs} - target: /clients-grpc-client-ca${SMQ_CLIENTS_AUTH_GRPC_CLIENT_CA_CERTS:+.crt} + source: ${SMQ_CLIENTS_GRPC_CLIENT_CA_CERTS:-ssl/certs/dummy/client_ca_certs} + target: /clients-grpc-client-ca${SMQ_CLIENTS_GRPC_CLIENT_CA_CERTS:+.crt} bind: create_host_path: true # Auth gRPC client certificates @@ -553,11 +553,11 @@ services: SMQ_AUTH_GRPC_CLIENT_CERT: ${SMQ_AUTH_GRPC_CLIENT_CERT:+/auth-grpc-client.crt} SMQ_AUTH_GRPC_CLIENT_KEY: ${SMQ_AUTH_GRPC_CLIENT_KEY:+/auth-grpc-client.key} SMQ_AUTH_GRPC_SERVER_CA_CERTS: ${SMQ_AUTH_GRPC_SERVER_CA_CERTS:+/auth-grpc-server-ca.crt} - SMQ_CLIENTS_AUTH_GRPC_URL: ${SMQ_CLIENTS_AUTH_GRPC_URL} - SMQ_CLIENTS_AUTH_GRPC_TIMEOUT: ${SMQ_CLIENTS_AUTH_GRPC_TIMEOUT} - SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT:+/clients-grpc-client.crt} - SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY:+/clients-grpc-client.key} - SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS: ${SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS:+/clients-grpc-server-ca.crt} + SMQ_CLIENTS_GRPC_URL: ${SMQ_CLIENTS_GRPC_URL} + SMQ_CLIENTS_GRPC_TIMEOUT: ${SMQ_CLIENTS_GRPC_TIMEOUT} + SMQ_CLIENTS_GRPC_CLIENT_CERT: ${SMQ_CLIENTS_GRPC_CLIENT_CERT:+/clients-grpc-client.crt} + SMQ_CLIENTS_GRPC_CLIENT_KEY: ${SMQ_CLIENTS_GRPC_CLIENT_KEY:+/clients-grpc-client.key} + SMQ_CLIENTS_GRPC_SERVER_CA_CERTS: ${SMQ_CLIENTS_GRPC_SERVER_CA_CERTS:+/clients-grpc-server-ca.crt} SMQ_GROUPS_GRPC_URL: ${SMQ_GROUPS_GRPC_URL} SMQ_GROUPS_GRPC_TIMEOUT: ${SMQ_GROUPS_GRPC_TIMEOUT} SMQ_GROUPS_GRPC_CLIENT_CERT: ${SMQ_GROUPS_GRPC_CLIENT_CERT:+/groups-grpc-client.crt} @@ -600,18 +600,18 @@ services: bind: create_host_path: true - type: bind - source: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert} - target: /clients-grpc-client${SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT:+.crt} + source: ${SMQ_CLIENTS_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert} + target: /clients-grpc-client${SMQ_CLIENTS_GRPC_CLIENT_CERT:+.crt} bind: create_host_path: true - type: bind - source: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key} - target: /clients-grpc-client${SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY:+.key} + source: ${SMQ_CLIENTS_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key} + target: /clients-grpc-client${SMQ_CLIENTS_GRPC_CLIENT_KEY:+.key} bind: create_host_path: true - type: bind - source: ${SMQ_CLIENTS_AUTH_GRPC_SERVER_CERT:-ssl/certs/dummy/server_ca} - target: /clients-grpc-server-ca${SMQ_CLIENTS_AUTH_GRPC_SERVER_CERT:+.crt} + source: ${SMQ_CLIENTS_GRPC_SERVER_CERT:-ssl/certs/dummy/server_ca} + target: /clients-grpc-server-ca${SMQ_CLIENTS_GRPC_SERVER_CERT:+.crt} bind: create_host_path: true - type: bind @@ -821,11 +821,11 @@ services: SMQ_CHANNELS_GRPC_CLIENT_CERT: ${SMQ_CHANNELS_GRPC_CLIENT_CERT:+/channels-grpc-client.crt} SMQ_CHANNELS_GRPC_CLIENT_KEY: ${SMQ_CHANNELS_GRPC_CLIENT_KEY:+/channels-grpc-client.key} SMQ_CHANNELS_GRPC_SERVER_CA_CERTS: ${SMQ_CHANNELS_GRPC_SERVER_CA_CERTS:+/channels-grpc-server-ca.crt} - SMQ_CLIENTS_AUTH_GRPC_URL: ${SMQ_CLIENTS_AUTH_GRPC_URL} - SMQ_CLIENTS_AUTH_GRPC_TIMEOUT: ${SMQ_CLIENTS_AUTH_GRPC_TIMEOUT} - SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT:+/clients-grpc-client.crt} - SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY:+/clients-grpc-client.key} - SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS: ${SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS:+/clients-grpc-server-ca.crt} + SMQ_CLIENTS_GRPC_URL: ${SMQ_CLIENTS_GRPC_URL} + SMQ_CLIENTS_GRPC_TIMEOUT: ${SMQ_CLIENTS_GRPC_TIMEOUT} + SMQ_CLIENTS_GRPC_CLIENT_CERT: ${SMQ_CLIENTS_GRPC_CLIENT_CERT:+/clients-grpc-client.crt} + SMQ_CLIENTS_GRPC_CLIENT_KEY: ${SMQ_CLIENTS_GRPC_CLIENT_KEY:+/clients-grpc-client.key} + SMQ_CLIENTS_GRPC_SERVER_CA_CERTS: ${SMQ_CLIENTS_GRPC_SERVER_CA_CERTS:+/clients-grpc-server-ca.crt} SMQ_DOMAINS_GRPC_URL: ${SMQ_DOMAINS_GRPC_URL} SMQ_DOMAINS_GRPC_TIMEOUT: ${SMQ_DOMAINS_GRPC_TIMEOUT} SMQ_DOMAINS_GRPC_CLIENT_CERT: ${SMQ_DOMAINS_GRPC_CLIENT_CERT:+/domains-grpc-client.crt} @@ -899,11 +899,11 @@ services: SMQ_MQTT_ADAPTER_WS_TARGET_PORT: ${SMQ_MQTT_ADAPTER_WS_TARGET_PORT} SMQ_MQTT_ADAPTER_INSTANCE: ${SMQ_MQTT_ADAPTER_INSTANCE} SMQ_ES_URL: ${SMQ_ES_URL} - SMQ_CLIENTS_AUTH_GRPC_URL: ${SMQ_CLIENTS_AUTH_GRPC_URL} - SMQ_CLIENTS_AUTH_GRPC_TIMEOUT: ${SMQ_CLIENTS_AUTH_GRPC_TIMEOUT} - SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT:+/clients-grpc-client.crt} - SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY:+/clients-grpc-client.key} - SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS: ${SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS:+/clients-grpc-server-ca.crt} + SMQ_CLIENTS_GRPC_URL: ${SMQ_CLIENTS_GRPC_URL} + SMQ_CLIENTS_GRPC_TIMEOUT: ${SMQ_CLIENTS_GRPC_TIMEOUT} + SMQ_CLIENTS_GRPC_CLIENT_CERT: ${SMQ_CLIENTS_GRPC_CLIENT_CERT:+/clients-grpc-client.crt} + SMQ_CLIENTS_GRPC_CLIENT_KEY: ${SMQ_CLIENTS_GRPC_T_KEY:+/clients-grpc-client.key} + SMQ_CLIENTS_GRPC_SERVER_CA_CERTS: ${SMQ_CLIENTS_GRPC_SERVER_CA_CERTS:+/clients-grpc-server-ca.crt} SMQ_CHANNELS_GRPC_URL: ${SMQ_CHANNELS_GRPC_URL} SMQ_CHANNELS_GRPC_TIMEOUT: ${SMQ_CHANNELS_GRPC_TIMEOUT} SMQ_CHANNELS_GRPC_CLIENT_CERT: ${SMQ_CHANNELS_GRPC_CLIENT_CERT:+/channels-grpc-client.crt} @@ -918,18 +918,18 @@ services: volumes: # Clients gRPC mTLS client certificates - type: bind - source: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert} - target: /clients-grpc-client${SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT:+.crt} + source: ${SMQ_CLIENTS_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert} + target: /clients-grpc-client${SMQ_CLIENTS_GRPC_CLIENT_CERT:+.crt} bind: create_host_path: true - type: bind - source: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key} - target: /clients-grpc-client${SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY:+.key} + source: ${SMQ_CLIENTS_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key} + target: /clients-grpc-client${SMQ_CLIENTS_GRPC_CLIENT_KEY:+.key} bind: create_host_path: true - type: bind - source: ${SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca} - target: /clients-grpc-server-ca${SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS:+.crt} + source: ${SMQ_CLIENTS_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca} + target: /clients-grpc-server-ca${SMQ_CLIENTS_GRPC_SERVER_CA_CERTS:+.crt} bind: create_host_path: true # Channels gRPC mTLS client certificates @@ -962,11 +962,11 @@ services: SMQ_HTTP_ADAPTER_PORT: ${SMQ_HTTP_ADAPTER_PORT} SMQ_HTTP_ADAPTER_SERVER_CERT: ${SMQ_HTTP_ADAPTER_SERVER_CERT} SMQ_HTTP_ADAPTER_SERVER_KEY: ${SMQ_HTTP_ADAPTER_SERVER_KEY} - SMQ_CLIENTS_AUTH_GRPC_URL: ${SMQ_CLIENTS_AUTH_GRPC_URL} - SMQ_CLIENTS_AUTH_GRPC_TIMEOUT: ${SMQ_CLIENTS_AUTH_GRPC_TIMEOUT} - SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT:+/clients-grpc-client.crt} - SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY:+/clients-grpc-client.key} - SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS: ${SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS:+/clients-grpc-server-ca.crt} + SMQ_CLIENTS_GRPC_URL: ${SMQ_CLIENTS_GRPC_URL} + SMQ_CLIENTS_GRPC_TIMEOUT: ${SMQ_CLIENTS_GRPC_TIMEOUT} + SMQ_CLIENTS_GRPC_CLIENT_CERT: ${SMQ_CLIENTS_GRPC_CLIENT_CERT:+/clients-grpc-client.crt} + SMQ_CLIENTS_GRPC_T_KEY: ${SMQ_CLIENTS_GRPC_CLIENT_KEY:+/clients-grpc-client.key} + SMQ_CLIENTS_GRPC_SERVER_CA_CERTS: ${SMQ_CLIENTS_GRPC_SERVER_CA_CERTS:+/clients-grpc-server-ca.crt} SMQ_CHANNELS_GRPC_URL: ${SMQ_CHANNELS_GRPC_URL} SMQ_CHANNELS_GRPC_TIMEOUT: ${SMQ_CHANNELS_GRPC_TIMEOUT} SMQ_CHANNELS_GRPC_CLIENT_CERT: ${SMQ_CHANNELS_GRPC_CLIENT_CERT:+/channels-grpc-client.crt} @@ -990,18 +990,18 @@ services: volumes: # Clients gRPC mTLS client certificates - type: bind - source: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert} - target: /clients-grpc-client${SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT:+.crt} + source: ${SMQ_CLIENTS_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert} + target: /clients-grpc-client${SMQ_CLIENTS_GRPC_CLIENT_CERT:+.crt} bind: create_host_path: true - type: bind - source: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key} - target: /clients-grpc-client${SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY:+.key} + source: ${SMQ_CLIENTS_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key} + target: /clients-grpc-client${SMQ_CLIENTS_GRPC_CLIENT_KEY:+.key} bind: create_host_path: true - type: bind - source: ${SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca} - target: /clients-grpc-server-ca${SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS:+.crt} + source: ${SMQ_CLIENTS_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca} + target: /clients-grpc-server-ca${SMQ_CLIENTS_GRPC_SERVER_CA_CERTS:+.crt} bind: create_host_path: true # Channels gRPC mTLS client certificates @@ -1054,11 +1054,11 @@ services: SMQ_COAP_ADAPTER_HTTP_PORT: ${SMQ_COAP_ADAPTER_HTTP_PORT} SMQ_COAP_ADAPTER_HTTP_SERVER_CERT: ${SMQ_COAP_ADAPTER_HTTP_SERVER_CERT} SMQ_COAP_ADAPTER_HTTP_SERVER_KEY: ${SMQ_COAP_ADAPTER_HTTP_SERVER_KEY} - SMQ_CLIENTS_AUTH_GRPC_URL: ${SMQ_CLIENTS_AUTH_GRPC_URL} - SMQ_CLIENTS_AUTH_GRPC_TIMEOUT: ${SMQ_CLIENTS_AUTH_GRPC_TIMEOUT} - SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT:+/clients-grpc-client.crt} - SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY:+/clients-grpc-client.key} - SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS: ${SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS:+/clients-grpc-server-ca.crt} + SMQ_CLIENTS_GRPC_URL: ${SMQ_CLIENTS_GRPC_URL} + SMQ_CLIENTS_GRPC_TIMEOUT: ${SMQ_CLIENTS_GRPC_TIMEOUT} + SMQ_CLIENTS_GRPC_CLIENT_CERT: ${SMQ_CLIENTS_GRPC_CLIENT_CERT:+/clients-grpc-client.crt} + SMQ_CLIENTS_GRPC_CLIENT_KEY: ${SMQ_CLIENTS_GRPC_CLIENT_KEY:+/clients-grpc-client.key} + SMQ_CLIENTS_GRPC_SERVER_CA_CERTS: ${SMQ_CLIENTS_GRPC_SERVER_CA_CERTS:+/clients-grpc-server-ca.crt} SMQ_CHANNELS_GRPC_URL: ${SMQ_CHANNELS_GRPC_URL} SMQ_CHANNELS_GRPC_TIMEOUT: ${SMQ_CHANNELS_GRPC_TIMEOUT} SMQ_CHANNELS_GRPC_CLIENT_CERT: ${SMQ_CHANNELS_GRPC_CLIENT_CERT:+/channels-grpc-client.crt} @@ -1078,18 +1078,18 @@ services: volumes: # Clients gRPC mTLS client certificates - type: bind - source: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert} - target: /clients-grpc-client${SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT:+.crt} + source: ${SMQ_CLIENTS_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert} + target: /clients-grpc-client${SMQ_CLIENTS_GRPC_CLIENT_CERT:+.crt} bind: create_host_path: true - type: bind - source: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key} - target: /clients-grpc-client${SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY:+.key} + source: ${SMQ_CLIENTS_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key} + target: /clients-grpc-client${SMQ_CLIENTS_GRPC_CLIENT_KEY:+.key} bind: create_host_path: true - type: bind - source: ${SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca} - target: /clients-grpc-server-ca${SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS:+.crt} + source: ${SMQ_CLIENTS_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca} + target: /clients-grpc-server-ca${SMQ_CLIENTS_GRPC_SERVER_CA_CERTS:+.crt} bind: create_host_path: true # Channels gRPC mTLS client certificates @@ -1127,11 +1127,11 @@ services: SMQ_WS_ADAPTER_HTTP_PORT: ${SMQ_WS_ADAPTER_HTTP_PORT} SMQ_WS_ADAPTER_HTTP_SERVER_CERT: ${SMQ_WS_ADAPTER_HTTP_SERVER_CERT} SMQ_WS_ADAPTER_HTTP_SERVER_KEY: ${SMQ_WS_ADAPTER_HTTP_SERVER_KEY} - SMQ_CLIENTS_AUTH_GRPC_URL: ${SMQ_CLIENTS_AUTH_GRPC_URL} - SMQ_CLIENTS_AUTH_GRPC_TIMEOUT: ${SMQ_CLIENTS_AUTH_GRPC_TIMEOUT} - SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT:+/clients-grpc-client.crt} - SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY:+/clients-grpc-client.key} - SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS: ${SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS:+/clients-grpc-server-ca.crt} + SMQ_CLIENTS_GRPC_URL: ${SMQ_CLIENTS_GRPC_URL} + SMQ_CLIENTS_GRPC_TIMEOUT: ${SMQ_CLIENTS_GRPC_TIMEOUT} + SMQ_CLIENTS_GRPC_CLIENT_CERT: ${SMQ_CLIENTS_GRPC_CLIENT_CERT:+/clients-grpc-client.crt} + SMQ_CLIENTS_GRPC_CLIENT_KEY: ${SMQ_CLIENTS_GRPC_CLIENT_KEY:+/clients-grpc-client.key} + SMQ_CLIENTS_GRPC_SERVER_CA_CERTS: ${SMQ_CLIENTS_GRPC_SERVER_CA_CERTS:+/clients-grpc-server-ca.crt} SMQ_CHANNELS_GRPC_URL: ${SMQ_CHANNELS_GRPC_URL} SMQ_CHANNELS_GRPC_TIMEOUT: ${SMQ_CHANNELS_GRPC_TIMEOUT} SMQ_CHANNELS_GRPC_CLIENT_CERT: ${SMQ_CHANNELS_GRPC_CLIENT_CERT:+/channels-grpc-client.crt} @@ -1155,18 +1155,18 @@ services: volumes: # Clients gRPC mTLS client certificates - type: bind - source: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert} - target: /clients-grpc-client${SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT:+.crt} + source: ${SMQ_CLIENTS_GRPC_CLIENT_CERT:-ssl/certs/dummy/client_cert} + target: /clients-grpc-client${SMQ_CLIENTS_GRPC_CLIENT_CERT:+.crt} bind: create_host_path: true - type: bind - source: ${SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key} - target: /clients-grpc-client${SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY:+.key} + source: ${SMQ_CLIENTS_GRPC_CLIENT_KEY:-ssl/certs/dummy/client_key} + target: /clients-grpc-client${SMQ_CLIENTS_GRPC_CLIENT_KEY:+.key} bind: create_host_path: true - type: bind - source: ${SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca} - target: /clients-grpc-server-ca${SMQ_CLIENTS_AUTH_GRPC_SERVER_CA_CERTS:+.crt} + source: ${SMQ_CLIENTS_GRPC_SERVER_CA_CERTS:-ssl/certs/dummy/server_ca} + target: /clients-grpc-server-ca${SMQ_CLIENTS_GRPC_SERVER_CA_CERTS:+.crt} bind: create_host_path: true # Channels gRPC mTLS client certificates diff --git a/http/README.md b/http/README.md index e0be9d0236..fdaf944085 100644 --- a/http/README.md +++ b/http/README.md @@ -6,23 +6,23 @@ HTTP adapter provides an HTTP API for sending messages through the platform. The service is configured using the environment variables presented in the following table. Note that any unset variables will be replaced with their default values. -| Variable | Description | Default | -| ---------------------------------- | ----------------------------------------------------------------------------------- | --------------------------------- | -| SMQ_HTTP_ADAPTER_LOG_LEVEL | Log level for the HTTP Adapter (debug, info, warn, error) | info | -| SMQ_HTTP_ADAPTER_HOST | Service HTTP host | "" | -| SMQ_HTTP_ADAPTER_PORT | Service HTTP port | 80 | -| SMQ_HTTP_ADAPTER_SERVER_CERT | Path to the PEM encoded server certificate file | "" | -| SMQ_HTTP_ADAPTER_SERVER_KEY | Path to the PEM encoded server key file | "" | -| SMQ_CLIENTS_AUTH_GRPC_URL | Clients service Auth gRPC URL | | -| SMQ_CLIENTS_AUTH_GRPC_TIMEOUT | Clients service Auth gRPC request timeout in seconds | 1s | -| SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT | Path to the PEM encoded clients service Auth gRPC client certificate file | "" | -| SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY | Path to the PEM encoded clients service Auth gRPC client key file | "" | -| SMQ_CLIENTS_AUTH_GRPC_SERVER_CERTS | Path to the PEM encoded clients server Auth gRPC server trusted CA certificate file | "" | -| SMQ_MESSAGE_BROKER_URL | Message broker instance URL | | -| SMQ_JAEGER_URL | Jaeger server URL | | -| SMQ_JAEGER_TRACE_RATIO | Jaeger sampling ratio | 1.0 | -| SMQ_SEND_TELEMETRY | Send telemetry to supermq call home server | true | -| SMQ_HTTP_ADAPTER_INSTANCE_ID | Service instance ID | "" | +| Variable | Description | Default | +| ----------------------------- | ----------------------------------------------------------------------------------- | --------------------------------- | +| SMQ_HTTP_ADAPTER_LOG_LEVEL | Log level for the HTTP Adapter (debug, info, warn, error) | info | +| SMQ_HTTP_ADAPTER_HOST | Service HTTP host | "" | +| SMQ_HTTP_ADAPTER_PORT | Service HTTP port | 80 | +| SMQ_HTTP_ADAPTER_SERVER_CERT | Path to the PEM encoded server certificate file | "" | +| SMQ_HTTP_ADAPTER_SERVER_KEY | Path to the PEM encoded server key file | "" | +| SMQ_CLIENTS_GRPC_URL | Clients service Auth gRPC URL | | +| SMQ_CLIENTS_GRPC_TIMEOUT | Clients service Auth gRPC request timeout in seconds | 1s | +| SMQ_CLIENTS_GRPC_CLIENT_CERT | Path to the PEM encoded clients service Auth gRPC client certificate file | "" | +| SMQ_CLIENTS_GRPC_CLIENT_KEY | Path to the PEM encoded clients service Auth gRPC client key file | "" | +| SMQ_CLIENTS_GRPC_SERVER_CERTS | Path to the PEM encoded clients server Auth gRPC server trusted CA certificate file | "" | +| SMQ_MESSAGE_BROKER_URL | Message broker instance URL | | +| SMQ_JAEGER_URL | Jaeger server URL | | +| SMQ_JAEGER_TRACE_RATIO | Jaeger sampling ratio | 1.0 | +| SMQ_SEND_TELEMETRY | Send telemetry to supermq call home server | true | +| SMQ_HTTP_ADAPTER_INSTANCE_ID | Service instance ID | "" | ## Deployment @@ -49,11 +49,11 @@ SMQ_HTTP_ADAPTER_HOST=localhost \ SMQ_HTTP_ADAPTER_PORT=80 \ SMQ_HTTP_ADAPTER_SERVER_CERT="" \ SMQ_HTTP_ADAPTER_SERVER_KEY="" \ -SMQ_CLIENTS_AUTH_GRPC_URL=localhost:7000 \ -SMQ_CLIENTS_AUTH_GRPC_TIMEOUT=1s \ -SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT="" \ -SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY="" \ -SMQ_CLIENTS_AUTH_GRPC_SERVER_CERTS="" \ +SMQ_CLIENTS_GRPC_URL=localhost:7000 \ +SMQ_CLIENTS_GRPC_TIMEOUT=1s \ +SMQ_CLIENTS_GRPC_CLIENT_CERT="" \ +SMQ_CLIENTS_GRPC_CLIENT_KEY="" \ +SMQ_CLIENTS_GRPC_SERVER_CERTS="" \ SMQ_MESSAGE_BROKER_URL=nats://localhost:4222 \ SMQ_JAEGER_URL=http://localhost:14268/api/traces \ SMQ_JAEGER_TRACE_RATIO=1.0 \ @@ -64,7 +64,7 @@ $GOBIN/supermq-http Setting `SMQ_HTTP_ADAPTER_SERVER_CERT` and `SMQ_HTTP_ADAPTER_SERVER_KEY` will enable TLS against the service. The service expects a file in PEM format for both the certificate and the key. -Setting `SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT` and `SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY` will enable TLS against the clients service. The service expects a file in PEM format for both the certificate and the key. Setting `SMQ_CLIENTS_AUTH_GRPC_SERVER_CERTS` will enable TLS against the clients service trusting only those CAs that are provided. The service expects a file in PEM format of trusted CAs. +Setting `SMQ_CLIENTS_GRPC_CLIENT_CERT` and `SMQ_CLIENTS_GRPC_CLIENT_KEY` will enable TLS against the clients service. The service expects a file in PEM format for both the certificate and the key. Setting `SMQ_CLIENTS_GRPC_SERVER_CERTS` will enable TLS against the clients service trusting only those CAs that are provided. The service expects a file in PEM format of trusted CAs. ## Usage diff --git a/mqtt/README.md b/mqtt/README.md index 467cf090b5..8cb6bf9a8e 100644 --- a/mqtt/README.md +++ b/mqtt/README.md @@ -17,11 +17,11 @@ The service is configured using the environment variables presented in the follo | SMQ_MQTT_ADAPTER_WS_TARGET_HOST | MQTT broker host for MQTT over WS | localhost | | SMQ_MQTT_ADAPTER_WS_TARGET_PORT | MQTT broker port for MQTT over WS | 8080 | | SMQ_MQTT_ADAPTER_INSTANCE | Instance name for MQTT adapter | "" | -| SMQ_CLIENTS_AUTH_GRPC_URL | Clients service Auth gRPC URL | | -| SMQ_CLIENTS_AUTH_GRPC_TIMEOUT | Clients service Auth gRPC request timeout in seconds | 1s | -| SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT | Path to the PEM encoded clients service Auth gRPC client certificate file | "" | -| SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY | Path to the PEM encoded clients service Auth gRPC client key file | "" | -| SMQ_CLIENTS_AUTH_GRPC_SERVER_CERTS | Path to the PEM encoded clients server Auth gRPC server trusted CA certificate file | "" | +| SMQ_CLIENTS_GRPC_URL | Clients service Auth gRPC URL | | +| SMQ_CLIENTS_GRPC_TIMEOUT | Clients service Auth gRPC request timeout in seconds | 1s | +| SMQ_CLIENTS_GRPC_CLIENT_CERT | Path to the PEM encoded clients service Auth gRPC client certificate file | "" | +| SMQ_CLIENTS_GRPC_CLIENT_KEY | Path to the PEM encoded clients service Auth gRPC client key file | "" | +| SMQ_CLIENTS_GRPC_SERVER_CERTS | Path to the PEM encoded clients server Auth gRPC server trusted CA certificate file | "" | | SMQ_ES_URL | Event sourcing URL | | | SMQ_MESSAGE_BROKER_URL | Message broker instance URL | | | SMQ_JAEGER_URL | Jaeger server URL | | @@ -58,11 +58,11 @@ SMQ_MQTT_ADAPTER_WS_PORT=8080 \ SMQ_MQTT_ADAPTER_WS_TARGET_HOST=localhost \ SMQ_MQTT_ADAPTER_WS_TARGET_PORT=8080 \ SMQ_MQTT_ADAPTER_INSTANCE="" \ -SMQ_CLIENTS_AUTH_GRPC_URL=localhost:7000 \ -SMQ_CLIENTS_AUTH_GRPC_TIMEOUT=1s \ -SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT="" \ -SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY="" \ -SMQ_CLIENTS_AUTH_GRPC_SERVER_CERTS="" \ +SMQ_CLIENTS_GRPC_URL=localhost:7000 \ +SMQ_CLIENTS_GRPC_TIMEOUT=1s \ +SMQ_CLIENTS_GRPC_CLIENT_CERT="" \ +SMQ_CLIENTS_GRPC_CLIENT_KEY="" \ +SMQ_CLIENTS_GRPC_SERVER_CERTS="" \ SMQ_ES_URL=nats://localhost:4222 \ SMQ_MESSAGE_BROKER_URL=nats://localhost:4222 \ SMQ_JAEGER_URL=http://localhost:14268/api/traces \ @@ -72,6 +72,6 @@ SMQ_MQTT_ADAPTER_INSTANCE_ID="" \ $GOBIN/supermq-mqtt ``` -Setting `SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT` and `SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY` will enable TLS against the clients service. The service expects a file in PEM format for both the certificate and the key. Setting `SMQ_CLIENTS_AUTH_GRPC_SERVER_CERTS` will enable TLS against the clients service trusting only those CAs that are provided. The service expects a file in PEM format of trusted CAs. +Setting `SMQ_CLIENTS_GRPC_CLIENT_CERT` and `SMQ_CLIENTS_GRPC_CLIENT_KEY` will enable TLS against the clients service. The service expects a file in PEM format for both the certificate and the key. Setting `SMQ_CLIENTS_GRPC_SERVER_CERTS` will enable TLS against the clients service trusting only those CAs that are provided. The service expects a file in PEM format of trusted CAs. For more information about service capabilities and its usage, please check out the API documentation [API](https://github.com/absmach/supermq/blob/main/api/asyncapi/mqtt.yml). diff --git a/scripts/run.sh b/scripts/run.sh index 635f7d8cf7..9b9c740412 100755 --- a/scripts/run.sh +++ b/scripts/run.sh @@ -43,27 +43,27 @@ SMQ_USERS_LOG_LEVEL=info SMQ_USERS_HTTP_PORT=9002 SMQ_USERS_GRPC_PORT=7001 SMQ_U ### # Clients ### -SMQ_CLIENTS_LOG_LEVEL=info SMQ_CLIENTS_HTTP_PORT=9000 SMQ_CLIENTS_AUTH_GRPC_PORT=7000 SMQ_CLIENTS_AUTH_HTTP_PORT=9002 $BUILD_DIR/supermq-clients & +SMQ_CLIENTS_LOG_LEVEL=info SMQ_CLIENTS_HTTP_PORT=9000 SMQ_CLIENTS_GRPC_PORT=7000 SMQ_CLIENTS_AUTH_HTTP_PORT=9002 $BUILD_DIR/supermq-clients & ### # HTTP ### -SMQ_HTTP_ADAPTER_LOG_LEVEL=info SMQ_HTTP_ADAPTER_PORT=8008 SMQ_CLIENTS_AUTH_GRPC_URL=localhost:7000 $BUILD_DIR/supermq-http & +SMQ_HTTP_ADAPTER_LOG_LEVEL=info SMQ_HTTP_ADAPTER_PORT=8008 SMQ_CLIENTS_GRPC_URL=localhost:7000 $BUILD_DIR/supermq-http & ### # WS ### -SMQ_WS_ADAPTER_LOG_LEVEL=info SMQ_WS_ADAPTER_HTTP_PORT=8190 SMQ_CLIENTS_AUTH_GRPC_URL=localhost:7000 $BUILD_DIR/supermq-ws & +SMQ_WS_ADAPTER_LOG_LEVEL=info SMQ_WS_ADAPTER_HTTP_PORT=8190 SMQ_CLIENTS_GRPC_URL=localhost:7000 $BUILD_DIR/supermq-ws & ### # MQTT ### -SMQ_MQTT_ADAPTER_LOG_LEVEL=info SMQ_CLIENTS_AUTH_GRPC_URL=localhost:7000 $BUILD_DIR/supermq-mqtt & +SMQ_MQTT_ADAPTER_LOG_LEVEL=info SMQ_CLIENTS_GRPC_URL=localhost:7000 $BUILD_DIR/supermq-mqtt & ### # CoAP ### -SMQ_COAP_ADAPTER_LOG_LEVEL=info SMQ_COAP_ADAPTER_PORT=5683 SMQ_CLIENTS_AUTH_GRPC_URL=localhost:7000 $BUILD_DIR/supermq-coap & +SMQ_COAP_ADAPTER_LOG_LEVEL=info SMQ_COAP_ADAPTER_PORT=5683 SMQ_CLIENTS_GRPC_URL=localhost:7000 $BUILD_DIR/supermq-coap & trap cleanup EXIT diff --git a/ws/README.md b/ws/README.md index d50f413ba1..b1f05da484 100644 --- a/ws/README.md +++ b/ws/README.md @@ -6,23 +6,23 @@ WebSocket adapter provides a [WebSocket](https://en.wikipedia.org/wiki/WebSocket The service is configured using the environment variables presented in the following table. Note that any unset variables will be replaced with their default values. -| Variable | Description | Default | -| ---------------------------------- | ----------------------------------------------------------------------------------- | --------------------------------- | -| SMQ_WS_ADAPTER_LOG_LEVEL | Log level for the WS Adapter (debug, info, warn, error) | info | -| SMQ_WS_ADAPTER_HTTP_HOST | Service WS host | "" | -| SMQ_WS_ADAPTER_HTTP_PORT | Service WS port | 8190 | -| SMQ_WS_ADAPTER_HTTP_SERVER_CERT | Path to the PEM encoded server certificate file | "" | -| SMQ_WS_ADAPTER_HTTP_SERVER_KEY | Path to the PEM encoded server key file | "" | -| SMQ_CLIENTS_AUTH_GRPC_URL | Clients service Auth gRPC URL | | -| SMQ_CLIENTS_AUTH_GRPC_TIMEOUT | Clients service Auth gRPC request timeout in seconds | 1s | -| SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT | Path to the PEM encoded clients service Auth gRPC client certificate file | "" | -| SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY | Path to the PEM encoded clients service Auth gRPC client key file | "" | -| SMQ_CLIENTS_AUTH_GRPC_SERVER_CERTS | Path to the PEM encoded clients server Auth gRPC server trusted CA certificate file | "" | -| SMQ_MESSAGE_BROKER_URL | Message broker instance URL | | -| SMQ_JAEGER_URL | Jaeger server URL | | -| SMQ_JAEGER_TRACE_RATIO | Jaeger sampling ratio | 1.0 | -| SMQ_SEND_TELEMETRY | Send telemetry to supermq call home server | true | -| SMQ_WS_ADAPTER_INSTANCE_ID | Service instance ID | "" | +| Variable | Description | Default | +| ------------------------------- | ----------------------------------------------------------------------------------- | --------------------------------- | +| SMQ_WS_ADAPTER_LOG_LEVEL | Log level for the WS Adapter (debug, info, warn, error) | info | +| SMQ_WS_ADAPTER_HTTP_HOST | Service WS host | "" | +| SMQ_WS_ADAPTER_HTTP_PORT | Service WS port | 8190 | +| SMQ_WS_ADAPTER_HTTP_SERVER_CERT | Path to the PEM encoded server certificate file | "" | +| SMQ_WS_ADAPTER_HTTP_SERVER_KEY | Path to the PEM encoded server key file | "" | +| SMQ_CLIENTS_GRPC_URL | Clients service Auth gRPC URL | | +| SMQ_CLIENTS_GRPC_TIMEOUT | Clients service Auth gRPC request timeout in seconds | 1s | +| SMQ_CLIENTS_GRPC_CLIENT_CERT | Path to the PEM encoded clients service Auth gRPC client certificate file | "" | +| SMQ_CLIENTS_GRPC_CLIENT_KEY | Path to the PEM encoded clients service Auth gRPC client key file | "" | +| SMQ_CLIENTS_GRPC_SERVER_CERTS | Path to the PEM encoded clients server Auth gRPC server trusted CA certificate file | "" | +| SMQ_MESSAGE_BROKER_URL | Message broker instance URL | | +| SMQ_JAEGER_URL | Jaeger server URL | | +| SMQ_JAEGER_TRACE_RATIO | Jaeger sampling ratio | 1.0 | +| SMQ_SEND_TELEMETRY | Send telemetry to supermq call home server | true | +| SMQ_WS_ADAPTER_INSTANCE_ID | Service instance ID | "" | ## Deployment @@ -49,11 +49,11 @@ SMQ_WS_ADAPTER_HTTP_HOST=localhost \ SMQ_WS_ADAPTER_HTTP_PORT=8190 \ SMQ_WS_ADAPTER_HTTP_SERVER_CERT="" \ SMQ_WS_ADAPTER_HTTP_SERVER_KEY="" \ -SMQ_CLIENTS_AUTH_GRPC_URL=localhost:7000 \ -SMQ_CLIENTS_AUTH_GRPC_TIMEOUT=1s \ -SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT="" \ -SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY="" \ -SMQ_CLIENTS_AUTH_GRPC_SERVER_CERTS="" \ +SMQ_CLIENTS_GRPC_URL=localhost:7000 \ +SMQ_CLIENTS_GRPC_TIMEOUT=1s \ +SMQ_CLIENTS_GRPC_CLIENT_CERT="" \ +SMQ_CLIENTS_GRPC_CLIENT_KEY="" \ +SMQ_CLIENTS_GRPC_SERVER_CERTS="" \ SMQ_MESSAGE_BROKER_URL=nats://localhost:4222 \ SMQ_JAEGER_URL=http://localhost:14268/api/traces \ SMQ_JAEGER_TRACE_RATIO=1.0 \ @@ -64,7 +64,7 @@ $GOBIN/supermq-ws Setting `SMQ_WS_ADAPTER_HTTP_SERVER_CERT` and `SMQ_WS_ADAPTER_HTTP_SERVER_KEY` will enable TLS against the service. The service expects a file in PEM format for both the certificate and the key. -Setting `SMQ_CLIENTS_AUTH_GRPC_CLIENT_CERT` and `SMQ_CLIENTS_AUTH_GRPC_CLIENT_KEY` will enable TLS against the clients service. The service expects a file in PEM format for both the certificate and the key. Setting `SMQ_CLIENTS_AUTH_GRPC_SERVER_CERTS` will enable TLS against the clients service trusting only those CAs that are provided. The service expects a file in PEM format of trusted CAs. +Setting `SMQ_CLIENTS_GRPC_CLIENT_CERT` and `SMQ_CLIENTS_GRPC_CLIENT_KEY` will enable TLS against the clients service. The service expects a file in PEM format for both the certificate and the key. Setting `SMQ_CLIENTS_GRPC_SERVER_CERTS` will enable TLS against the clients service trusting only those CAs that are provided. The service expects a file in PEM format of trusted CAs. ## Usage