系统:linux (centos7.6)
部署方式:单节点部署 docker +nginx+ssl
版本:emqx 3.X (使用官方最新镜像)
配置如下:
1.docker部署 (此处切记,由于是单节点部署,必须把8084端口让给nginx)
docker run -dit --restart always --name emqx -p 1883:1883 -p 8083:8083 -p 8883:8883 -p 8085:8084 -p 18084:18083 emqx/emqx
#更改管理员密码
#进入容器执行
/opt/emqx/bin/emqx_ctl admins passwd xiaoka
#docker exec -it emqx sh -c "/opt/emqx/bin/emqx_ctl admins passwd admin Passwordadmin "
2.nginx+wss 部署
#/etc/nginx/conf.d/wss.conf
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
upstream wssweb {
server localIP:18083;
}
upstream wss {
server localIP:8083;
}
server {
listen 80;
server_name ws.xiaokakj.com;
root html;
index index.html index.htm;
location / {
proxy_pass http://wssweb;
}}
server {
listen 8084 ssl;
server_name ws.test.com;
root html;
index index.html index.htm;
ssl_certificate /etc/nginx/cert/a.pem;
ssl_certificate_key /etc/nginx/cert/a.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location /mqtt {
proxy_pass http://wss;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-Ip $remote_addr;
}}