Classic KV Format Configuration Guide
This section introduces the NanoMQ configuration in classic key-value format. While NanoMQ continues to support the traditional Key-Value (KV) configuration syntax, it's important to note that some new features will only be compatible with the HOCON configuration format.
Basic Configuration
| Name | Type | Description |
|---|---|---|
| url | String | URL of listener |
| num_taskq_thread | Integer | Number of taskq threads used. |
| max_taskq_thread | Integer | Maximum number of taskq threads used. |
| parallel | Long | Number of parallel threads. |
| property_size | Integer | Max size for a MQTT property. |
| msq_len | Integer | Queue length for resending messages. |
| qos_duration | Integer | The interval of the QoS timer + minimum granularity of the global timer |
| allow_anonymous | Boolean | Allow anonymous login. |
| tls.enable | Boolean | Enable TLS listener(default: false). |
| tls.url | String | URL of TLS listener. |
| tls.key | String | User's private PEM-encoded key. |
| tls.keypass | String | String containing the user's password. Only used if the private keyfile is password-protected. |
| tls.cert | String | User certificate data. |
| tls.cacert | String | User's PEM-encoded CA certificates. |
| tls.verify_peer | Boolean | Verify peer certificate. |
| tls.fail_if_no_peer_cert | Boolean | Server will fail if the client does not have a certificate to send. |
| websocket.enable | Boolean | Enable websocket listener(default: true). |
| websocket.url | String | URL of websocket listener. |
| websocket.tls_url | String | URL of TLS over websocket listerner. |
| http_server.enable | Boolean | Enable http server listerner (default: false). |
| http_server.port | Integer | Port of http server. |
| http_server.username | String | User name of http server. |
| http_server.password | String | Password of http server. |
| http_server.auth_type | Enum | Http server authentication type (default: basic). |
| http_server.jwt.public.keyfile | String | public key file for JWT. |
| http_server.jwt.private.keyfile | String | private key file for JWT. |
| log.to | Array[Enum] | Array of log types,( Use commas , to separate multiple types )Log types: file, console, syslog |
| log.level | Enum | Log level:trace, debug, info, warn, error, fatal |
| log.dir | String | The dir for log files. (if log to file) |
| log.file | String | The log filename. (if log to file) |
| log.rotation.size | Integer | Maximum size of each log file; Supported Unit: `KB |
| log.rotation.count | Integer | Maximum rotation count of log files; Default: 5 |
MQTT Bridge Configuration
NanoMQ supports multiple bridge configuration sets, you can specify a user-defined group name by
NAMEwhich cannot be repeated.
| Name | Type | Description |
|---|---|---|
| bridge.mqtt.{NAME}.bridge_mode | Boolean | Enter MQTT bridge mode (default false ). |
| bridge.mqtt.{NAME}.address | String | Remote Broker address. |
| bridge.mqtt.{NAME}.proto_ver | String | MQTT client version(3|4|5). |
| bridge.mqtt.{NAME}.clientid | String | MQTT client identifier. |
| bridge.mqtt.{NAME}.keepalive | Integer | Interval of keepalive. |
| bridge.mqtt.{NAME}.clean_start | Boolean | Clean seeson. |
| bridge.mqtt.{NAME}.parallel | Long | Parallel of mqtt client. |
| bridge.mqtt.{NAME}.username | String | Login user name. |
| bridge.mqtt.{NAME}.password | String | Login password. |
| bridge.mqtt.{NAME}.forwards | Array[String] | Array of forward topics.( Use commas , to separate multiple topics ) |
| bridge.mqtt.{NAME}.subscription.1.topic | String | First Topic. |
| bridge.mqtt.{NAME}.subscription.1.qos | Integer | First Qos. |
| bridge.mqtt.{NAME}.subscription.2.topic | String | SecondTopic ( And so on ). |
| bridge.mqtt.{NAME}.subscription.2.qos | Integer | SecondQos( And so on ). |
| bridge.mqtt.{NAME}..connector.conn_properties | Object | MQTT V5 Property of Connector (See the following table) |
| bridge.mqtt.{NAME}.connector.ssl.enable | Boolean | Enable TLS connection (default false). |
| bridge.mqtt.{NAME}.connector.ssl.key_password | String | Private key password. |
| bridge.mqtt.{NAME}.connector.ssl.keyfile | String | Private key. |
| bridge.mqtt.{NAME}.connector.ssl.certfile | String | User certificate. |
| bridge.mqtt.{NAME}.connector.ssl.cacertfile | String | CA certificates. |
| bridge.mqtt.{NAME}.quic_keepalive | Duration | Interval of a sending keepalive packet via QUIC transport.(default 120s ) |
| bridge.mqtt.{NAME}.quic_idle_timeout | Duration | Idle Timeout(default 120s ) |
| bridge.mqtt.{NAME}.quic_discon_timeout | Duration | Disconnect Timeout(default 120s ) |
| bridge.mqtt.{NAME}.quic_handshake_timeout | Duration | Handshake Timeout(default 60s ) |
| bridge.mqtt.{NAME}.qsend_idle_timeout | Duration | Reset congestion control after being idle SendIdleTimeout (default 60s) |
| bridge.mqtt.{NAME}.qinitial_rtt_ms | Duration | Initial RTT estimate. (ms) (default: 800ms) |
| bridge.mqtt.{NAME}.qmax_ack_delay_ms | Duration | How long to wait after receiving data before sending an ACK. (default: 100ms) |
| bridge.mqtt.{NAME}.quic_qos_priority | Boolean | Send QoS 1/2 msg in high prority. (default: true) |
| bridge.mqtt.{NAME}.quic_0rtt | Boolean | 0RTT is a feature of QUIC to re-establish connection quickly. . (default: true) |
| bridge.mqtt.{NAME}.hybrid_bridging | Boolean | Hybrid bridging (default false ), recommend to enable it when you want to take advantage of QUIC, but not sure if the public network support QUIC. |
| bridge.mqtt.{NAME}.multi_stream | Boolean | Multi-stream mode(Defaultfalse) |
| bridge.mqtt.{NAME}.parallel | Long | Work parallel for bridge client (Default 2) |
| bridge.mqtt.{NAME}.sub_properties | Object | MQTT V5 Property of subscription (See the following table). |
| bridge.mqtt.{NAME}.max_send_queue_len | Integer | Maximum number of message send queue length |
| bridge.mqtt.{NAME}.max_recv_queue_len | Integer | Maximum number of message receive queue length |
Note: The configuration options named with Quic prefix only apply to the QUIC transport layer.
MQTT V5 Property
Connector Property:bridge.mqtt.{NAME}.connector.conn_properties`
| Name | Type | Description |
|---|---|---|
| maximum_packet_size | Integer | Maximum packet size Value: 1 ~ 4294967295 |
| receive_maximum | Integer | Maximum receive size Value: 1 ~ 65535 |
| topic_alias_maximum | Integer | Maximum length of topic alias Value: 0 ~ 65535 |
| request_problem_infomation | Integer | Request problem infomation Default: 1 Value: 0 | 1 |
| request_response_infomation | Integer | Request response infomation Default: 0 Value: 0 | 1 |
| session_expiry_interval | Integer | Session expiry interval Value: 0 ~ 4294967295 |
| user_property | Map[String, String] | User property Value: Map[key(String) - value(String)] |
Subscription Property: bridge.mqtt.{NAME}.sub_properties`
| Name | Type | Description |
|---|---|---|
| identifier | Integer | Subscription identifier Value: 1 ~ 268,435,455 |
| user_property | Map[String, String] | User property Value: Map[key(String) - value(String)] |
AWS IoT Core Bridge Configuration
| Name | Type | Description |
|---|---|---|
| aws.bridge.mqtt.bridge_mode | Boolean | Enter MQTT bridge mode (default false ). |
| aws.bridge.mqtt.host | String | aws endpoint. |
| aws.bridge.mqtt.port | Integer | aws MQTT port. |
| aws.bridge.mqtt.clientid | String | MQTT client identifier. |
| aws.bridge.mqtt.keepalive | Integer | Interval of keepalive. |
| aws.bridge.mqtt.clean_start | Boolean | Clean seeson. |
| aws.bridge.mqtt.parallel | Long | Parallel of mqtt client. |
| aws.bridge.mqtt.username | String | Login user name. |
| aws.bridge.mqtt.password | String | Login password. |
| aws.bridge.mqtt.forwards | Array[String] | Array of forward topics.( Use commas , to separate multiple topics ) |
| aws.bridge.mqtt.subscription.1.topic | String | First Topic. |
| aws.bridge.mqtt.subscription.1.qos | Integer | First Qos. |
| aws.bridge.mqtt.subscription.2.topic | String | SecondTopic ( And so on ). |
| aws.bridge.mqtt.subscription.2.qos | Integer | SecondQos( And so on ). |
Authorization Configuration
| Name | Type | Description |
|---|---|---|
| auth.1.login | String | First Username. |
| auth.1.password | String | First Password. |
| auth.2.login | String | Second Username ( And so on ). |
| auth.2.password | String | Second Password ( And so on ). |
| ... | ||
| auth.{INDEX}.login | String | |
| auth.{INDEX}.password | String |
WebHook Configuration
| Name | Type | Description |
|---|---|---|
| web.hook.enable | Boolean | Enable WebHook (default: false) |
| web.hook.url | String | Webhook URL |
| web.hook.headers.<Any> | String | HTTP Headers Example: 1. web.hook.headers.content-type=application/json 2. web.hook.headers.accept=* |
| web.hook.body.encoding_of_payload_field | Enum | The encoding format of the payload field in the HTTP body Options: plain | base64 | base62 |
| web.hook.ssl.cacertfile | String | PEM format file of CA's. |
| web.hook.ssl.certfile | String | Certificate file to use, PEM format assumed. |
| web.hook.ssl.keyfile | String | Private key file to use, PEM format assumed. |
| web.hook.ssl.verify | Boolean | Turn on peer certificate verification (default: false). |
| web.hook.ssl.server_name_indication | Boolean | Verify server_name (default: false). |
| web.hook.pool_size | Integer | Connection process pool size (default: 32). |
| web.hook.rule.client.connack.<No> | String | Example: web.hook.rule.client.connack.1={"action": "on_client_connack"} |
| web.hook.rule.client.disconnected.<No> | String | Example: web.hook.rule.client.disconnected.1={"action": "on_client_disconnected"} |
| web.hook.rule.message.publish.<No> | String | Example: web.hook.rule.message.publish.1={"action": "on_message_publish"} web.hook.rule.message.publish.1={"action": "on_message_publish", "topic": "topic/1/2"} web.hook.rule.message.publish.2 = {"action": "on_message_publish", "topic": "foo/#"} |
HTTP Authorication Configuration
| Name | Type | Description | default |
|---|---|---|---|
| auth.http.enable | Boolean | Enable HTTP authentication | false |
| auth.http.auth_req.url | String | Specify the target URL of the authentication request. | http://127.0.0.1:80/mqtt/auth |
| auth.http.auth_req.method | Enum | Specify the request method of the authentication request. ( POST , GET) | POST |
| auth.http.auth_req.headers.<Any> | String | Specify the data in the HTTP request header. <Key> Specify the field name in the HTTP request header, and the value of this configuration item is the corresponding field value. <Key> can be the standard HTTP request header field. User can also customize the field to configure multiple different request header fields. | auth.http.auth_req.headers.content-type = application/x-www-form-urlencoded auth.http.auth_req.headers.accept = */* |
| auth.http.auth_req.params | String | Specify the data carried in the authentication request. When using the GET method, the value of auth.http.auth_req.params will be converted into k=v key-value pairs separated by & and sent as query string parameters. When using the POST method, the value of auth.http.auth_req.params will be converted into k=v key-value pairs separated by & and sent in the form of Request Body. All placeholders will be replaced by run-time data , and the available placeholders are as follows:%u: Username%c: MQTT Client ID%a: Client's network IP address%r: The protocol used by the client can be:mqtt, mqtt-sn, coap, lwm2m and stomp%P: Password%p: Server port for client connection%C: Common Name in client certificate%d: Subject in client certificate | clientid=%c,username=%u,password=%P |
| auth.http.super_req.url | String | Specify the target URL for the superuser authentication request. | http://127.0.0.1:80/mqtt/superuser |
| auth.http.super_req.method | String | Specifies the request method of the super user authentication request. ( POST , GET) | POST |
| auth.http.super_req.headers.<Any> | String | Specify the data in the HTTP request header. <Key> Specify the field name in the HTTP request header, and the value of this configuration item is the corresponding field value. <Key> can be the standard HTTP request header field. User can also customize the field to configure multiple different request header fields. | auth.http.super_req.headers.content-type = application/x-www-form-urlencodedauth.http.super_req.headers.accept = */* |
| auth.http.super_req.params | String | Specify the data carried in the authentication request. When using the GET method, the value of auth.http.auth_req.params will be converted into k=v key-value pairs separated by & and sent as query string parameters. When using the POST method, the value of auth.http.auth_req.params will be converted into k=v key-value pairs separated by & and sent in the form of Request Body. All placeholders will be replaced by run-time data , and the available placeholders are the same as those of auth.http.auth_req.params. | clientid=%c,username=%u |
| auth.http.acl_req.url | String | Specify the target URL for ACL verification requests. | http://127.0.0.1:8991/mqtt/acl |
| auth.http.acl_req.method | String | Specifies the request method for ACL verification requests. ( POST , GET) | POST |
| auth.http.acl_req.headers.<Any> | String | Specify the data in the HTTP request header. <Key> Specify the field name in the HTTP request header, and the value of this configuration item is the corresponding field value. <Key> can be the standard HTTP request header field. User can also customize the field to configure multiple different request header fields. | auth.http.super_req.headers.content-type = application/x-www-form-urlencodedauth.http.super_req.headers.accept = */* |
| auth.http.acl_req.params | String | Specify the data carried in the authentication request. When using the GET method, the value of auth.http.auth_req.params will be converted into k=v key-value pairs separated by & and sent as query string parameters. When using the POST method, the value of auth.http.auth_req.params will be converted into k=v key-value pairs separated by & and sent in the form of Request Body. All placeholders will be replaced by run-time data , and the available placeholders are as follows:%A: Permission to be verified, 1 means subscription, 2 means publish%u: UserName%c: MQTT Client ID%a: Client network IP address%r: The protocol used by the client can be: mqtt, mqtt-sn, coap, lwm2m and stomp%m: Mount point%t: Topic | access=%A,username=%u,clientid=%c,ipaddr=%a,topic=%t,mountpoint=%m |
| auth.http.timeout | Integer | HTTP request timeout. Any setting equivalent to 0s means never timeout. | 5s |
| auth.http.connect_timeout | Integer | Connection timeout for HTTP requests. Any setting value equivalent to 0s means never time out. | 5s |
| auth.http.ssl.cacertfile | String | CA certificate file path. | etc/certs/ca.pem |
| auth.http.ssl.certfile | String | Client certificate file path. | etc/certs/client-cert.pem |
| auth.http.ssl.keyfile | String | Client private key file path. | etc/certs/client.key.pem |
Rule Engine Configuration
| Name | Type | Description |
|---|---|---|
| rule_option | Enum | Rule engine option, when persistence with rule engine, this option is must be ON. |
| rule_option.sqlite | Enum | Rule engine plugins option (enable/disable) |
| rule_option.repub | Enum | Rule engine plugins option (enable/disable) |
| rule_option.mysql | Enum | Rule engine plugins option (enable/disable) |
Rule Configuration for SQLite
| Name | Type | Description |
|---|---|---|
| rule.sqlite.path | String | Rule engine option SQLite3 database path, default is /tmp/rule_engine.db |
| rule.sqlite.%d.table | String | Rule engine option SQLite3 database table name, '%d' is a placeholder |
| rule.sqlite.event.publish.%d.sql | String | Rule engine sql clause, '%d' is a placeholder |
Rule Configuration for MySQL
| Name | Type | Description |
|---|---|---|
| rule.sqlite.path | String | Rule engine option mysql database name, default is mysql_rule_db |
| rule.mysql.%d.table | String | Rule engine option mysql database table name, '%d' is a placeholder |
| rule.mysql.%d.host | String | Rule engine option mysql database host, '%d' is a placeholder |
| rule.mysql.%d.username | String | Rule engine option mysql database username, '%d' is a placeholder |
| rule.mysql.%d.password | String | Rule engine option mysql database password, '%d' is a placeholder |
| rule.mysql.event.publish.%d.sql | String | Rule engine sql clause, '%d' is a placeholder |
Rule configuration for repub
| Name | Type | Description |
|---|---|---|
| rule.repub.%d.address | String | Rule engine option repub address (mqtt-tcp://host:port), '%d' is a placeholder |
| rule.repub.%d.topic | String | Rule engine option repub topic, '%d' is a placeholder |
| rule.repub.%d.username | String | Rule engine option repub username, '%d' is a placeholder |
| rule.repub.%d.password | String | Rule engine option repub password, '%d' is a placeholder |
| rule.repub.%d.proto_ver | Integer | Rule engine option repub protocol version, default is 4, '%d' is a placeholder |
| rule.repub.%d.clientid | String | Rule engine option repub clientid, '%d' is a placeholder |
| rule.repub.%d.keepalive | Integer | Rule engine option repub keepalive, default is 60, '%d' is a placeholder |
| rule.repub.%d.clean_start | Boolean | Rule engine option repub clean_start flag, default is true '%d' is a placeholder |
| rule.repub.event.publish.%d.sql | String | Rule engine sql clause, '%d' is a placeholder |