Mosquitto Broker from Source

• Build on Linux Desktop
  • Test Run

Build on Linux Desktop

Start by downloading the source code:

wget https://mosquitto.org/files/source/mosquitto-2.0.15.tar.gz
tar -xvf mosquitto-2.0.15.tar.gz
rm -rf mosquitto-2.0.15.tar.gz
cd ./mosquitto-2.0.15

Run make to build the binary and use the following flags as required:

• c-ares (libc-ares-dev on Debian based systems) - only when compiled with make WITH_SRV=yes
• cJSON - for client JSON output support. Disable with make WITH_CJSON=no Auto detected with CMake.
• libwebsockets (libwebsockets-dev) - enable with make WITH_WEBSOCKETS=yes
• openssl (libssl-dev on Debian based systems) - disable with make WITH_TLS=no
• pthreads - for client library thread support. This is required to support the mosquitto_loop_start() and mosquitto_loop_stop() functions. If compiled without pthread support, the library isn't guaranteed to be thread safe.
• uthash / utlist - bundled versions of these headers are provided, disable their use with make WITH_BUNDLED_DEPS=no
• xsltproc (xsltproc and docbook-xsl on Debian based systems) - only needed when building from git sources - disable with make WITH_DOCS=no

make WITH_WEBSOCKETS=yes WITH_CJSON=yes WITH_TLS=yes WITH_BUNDLED_DEPS=yes WITH_DOCS=no

This will build the binary ./mosquitto-2.0.15/src/mosquitto.

Test Run

As preparation I will copy the binary to:

sudo mkdir /opt/mosquitto
sudo cp src/mosquitto /opt/mosquitto/

I will also use the password generator that comes with Mosquitto:

sudo cp apps/mosquitto_passwd/mosquitto_passwd /opt/mosquitto/

To run the broker we first have to create a configuration file mosquitto.conf - I am going to activate persistance and logging just to see if it working (make sure to use a user mosquitto that is available on your system - you can replace mosquitto with your own user):

auto_id_prefix zeroid-
persistent_client_expiration 1d
queue_qos0_messages true
user mosquitto
listener 1883
protocol mqtt
listener 1885
protocol websockets
socket_domain ipv4
autosave_interval 7200
persistence true
persistence_file mosquitto.db
persistence_location /opt/mosquitto
log_dest file /opt/mosquitto/mosquitto.log
log_type error
log_type warning
log_type notice
log_type information
connection_messages true
log_timestamp true
log_timestamp_format %Y-%m-%dT%H:%M:%S
allow_anonymous false
password_file /opt/mosquitto/passwordfile

Now we need to create the passwordfile that will hold the broker login. mosquitto_passwd is a tool for managing password files for mosquitto.

Usage: mosquitto_passwd [-H sha512 | -H sha512-pbkdf2] [-c | -D] passwordfile username mosquitto_passwd [-H sha512 | -H sha512-pbkdf2] [-c] -b passwordfile username password mosquitto_passwd -U passwordfile

• -b : run in batch mode to allow passing passwords on the command line.
• -c : create a new password file. This will overwrite existing files.
• -D : delete the username rather than adding/updating its password.
• -H : specify the hashing algorithm. Defaults to sha512-pbkdf2, which is recommended.
• -U : update a plain text password file to use hashed passwords.

mosquitto_passwd -H sha512-pbkdf2 -b -c passwordfile admin instar

This creates the passwordfile required by our configuration file:

cat /opt/mosquitto/passwordfile
admin:$7$101$LSO6p87vcuGTol/U$t0jRLUn2iEnpLAiO4FGR7kPZsqgGvEjEabsbwJ4wqbLungrBtwM3D7BKqnNgczKX0XPezzvbgURB0LYvveX2zA==

Since I am running the broker with the mosquitto user I have to make sure that the user is allowed to access all those files inside the directories:

sudo chown mosquitto:mosquitto /opt/mosquitto/*

ls -la
drwxr-xr-x  2 mosquitto mosquitto    4096 Sep 11 15:36 .
drwxr-xr-x 19 root      root         4096 Sep 11 15:13 ..
-rwxr-xr-x  1 mosquitto mosquitto 1770008 Sep 11 15:14 mosquitto
-rw-r--r--  1 mosquitto mosquitto     533 Sep 11 15:41 mosquitto.conf
-rwxr-xr-x  1 mosquitto mosquitto   80232 Sep 11 15:20 mosquitto_passwd
-rw-r--r--  1 mosquitto mosquitto     119 Sep 11 15:29 passwordfile

Now I can finally start Mosquitto with the following command:

./mosquitto -c /opt/mosquitto/mosquitto.conf

I am getting an error message here that the log file could not be written:

2022-09-11T16:01:23: Error: Unable to open log file /opt/mosquitto/mosquitto.log for writing.

This will probably also affect the persistance... let's add the files with correct permissions and restart:

sudo touch /opt/mosquitto/mosquitto.log
sudo touch /opt/mosquitto/mosquitto.db
sudo chown mosquitto:mosquitto /opt/mosquitto/*

Strange, I am still getting write permission errors - let's open this up completely:

sudo chmod 777 /opt/mosquitto/*

Not sure what the issue is here with the mosquitto user on my system. But it is working correctly:

cat mosquitto.log

2022-09-11T16:15:04: mosquitto version 2.0.15 starting
2022-09-11T16:15:04: Config loaded from /opt/mosquitto/mosquitto.conf.
2022-09-11T16:15:04: Opening ipv4 listen socket on port 1883.
2022-09-11T16:15:04: Opening ipv6 listen socket on port 1883.
2022-09-11T16:15:04: Opening websockets listen socket on port 1885.
2022-09-11T16:15:04: mosquitto version 2.0.15 running

netstat -tlnp

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:1885            0.0.0.0:*               LISTEN      26215/./mosquitto   
tcp        0      0 0.0.0.0:1883            0.0.0.0:*               LISTEN      26215/./mosquitto   
tcp6       0      0 :::1883                 :::*                    LISTEN      26215/./mosquitto

I can test the broker using the MQTT Explorer:

The Explorer is going to connect using the Websocket interface on port 1885 and I can add another client - my INSTAR MQTT camera - using classic MQTT on port 1883. A few seconds later I can see my cameras LWT telling me the connection worked: