an0n.eu/mqtt
1
0
Fork 0
forked from iarv/mqtt
Code Pull Requests Activity
9 Commits 1 Branch 0 Tags
master
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Ben Meadors c5b0a10f91 Create FUNDING.yml
2025-04-18 09:48:19 -05:00
.github
Create FUNDING.yml
2025-04-18 09:48:19 -05:00
.dockerignore
Hello world
2025-04-16 09:04:28 -05:00
.gitignore
Hello world
2025-04-16 09:04:28 -05:00
cert.pem
Hello world
2025-04-16 09:04:28 -05:00
certificate.pfx
Hello world
2025-04-16 09:04:28 -05:00
Dockerfile
Hello world
2025-04-16 09:04:28 -05:00
key.pem
Hello world
2025-04-16 09:04:28 -05:00
LICENSE
Initial commit
2025-04-15 18:55:50 -05:00
Meshtastic.Mqtt.csproj
Hello world
2025-04-16 09:04:28 -05:00
Meshtastic.Mqtt.sln
Hello world
2025-04-16 09:04:28 -05:00
Program.cs
Ideas
2025-04-17 18:50:59 -05:00
README.md
Update README.md
2025-04-18 09:44:54 -05:00

README.md

Meshtastic MQTT Broker Boilerplate

This project provides an MQTT broker boilerplate specifically designed for Meshtastic mesh network moderation. It handles encrypted mesh packets, validates messages, and can be configured to run with SSL.

Features

  • MQTT server implementation for Meshtastic devices
  • Allows for more precise access control than Mosquito ACLs
    • Support for encrypted mesh packet handling and validation
    • Support for validating client connections and subscriptions
  • SSL support for secure MQTT connections
  • Built using C# / .NET 9.0 with MQTTnet
  • Multi-platform support
  • Can be easily be packaged to run as a portable standalone binary
  • Configurable logging with Serilog

Docker Setup

Prerequisites

  • Docker installed on your system
  • Certificate file (if using SSL mode)

Docker Installation

  1. Clone the repository:

    git clone https://github.com/meshtastic/mqtt
cd mqtt

  2. Build the Docker image:

    docker build -t meshtastic-mqtt-broker .

SSL Mode (Port 8883)

To run with SSL enabled:

  1. Place your certificate file (certificate.pfx) in the project directory. (see MQTTnet Server Wiki)
  2. Run the container with the SSL environment variable:
docker run -p 8883:8883 -v $(pwd)/certificate.pfx:/app/certificate.pfx meshtastic-mqtt-broker

Docker Compose Example

version: '3'
services:
  mqtt-broker:
    build: .
    ports:
      - "8883:8883"

    volumes:
      - ./certificate.pfx:/app/certificate.pfx
    restart: unless-stopped

Configuration Options

  • Certificate: Mount your PFX certificate file to /app/certificate.pfx in the container or preferably modify it in the parent folder after git cloning.
  • Ports: The application uses 8883 for SSL MQTT (default).

Ideas for MQTT mesh moderation

  • Rate-limiting a packet we've heard before
  • Rate-limiting packets per node
  • "Zero hopping" certain packets
  • Blocking unknown topics or undecryptable packets (from unknown channels)
  • Blocking or rate-limiting certain portnums
  • Fail2ban style connection moderation
  • Banning from known bad actors list

Troubleshooting

  • Ensure proper network access to the Docker container
  • Check that certificates are correctly formatted
  • Review logs using docker logs [container-id]
View Git Blame Copy Permalink
Description
No description provided
Readme GPL-3.0 60 KiB
Languages
C# 93%
Dockerfile 7%