Provided by: mosquitto_0.15-0ubuntu1_amd64 bug

NAME

       mosquitto.conf - the configuration file for mosquitto

SYNOPSIS

       mosquitto.conf

DESCRIPTION

       mosquitto.conf  is  the configuration file for mosquitto. This file can reside anywhere as
       long as mosquitto can read it. By default, mosquitto does not need  a  configuration  file
       and  will  use the default values listed below. See mosquitto(8) for information on how to
       load a configuration file.

FILE FORMAT

       All lines with a # as the very first character are treated as a comment.

       Configuration lines start with a variable name. The variable value is separated  from  the
       name by a single space.

VARIABLES

       acl_file file path
              Set  the  path to an access control list file. If defined, the contents of the file
              are used to control client access to topics on the broker.

              If this parameter is defined then only the topics listed will  have  access.  Topic
              access is added with lines of the format:

              topic [read|write] <topic>

              The access type is controlled using "read" or "write". This parameter is optional -
              if not given then the access  is  read/write.  <topic>  can  contain  the  +  or  #
              wildcards as in subscriptions.

              The  first set of topics are applied to anonymous clients, assuming allow_anonymous
              is true. User specific topic ACLs are added after a user line as follows:

              user <username>

              The username referred to here is the same  as  in  password_file.  It  is  not  the
              clientid.

              It  is also possible to define ACLs based on pattern substitution within the topic.
              The form is the same as for the topic keyword, but using pattern as the keyword.

              pattern [read|write] <topic>

              The patterns available for substition are:

              · %c to match the client id of the client

              · %u to match the username of the client

              The substitution pattern must be the only text for that level of hierarchy. Pattern
              ACLs apply to all users even if the "user" keyword has previously been given.

              Example:

              pattern write sensor/%u/data

              Reloaded  on  reload  signal. The currently loaded ACLs will be freed and reloaded.
              Existing subscriptions will be affected after the reload.

       allow_anonymous [ true | false ]
              Boolean value that determines whether clients  that  connect  without  providing  a
              username  are  allowed  to  connect. If set to false then a password file should be
              created (see the password_file option)  to  control  authenticated  client  access.
              Defaults to true.

              Reloaded on reload signal.

       autosave_interval seconds
              The  number  of seconds that mosquitto will wait between each time it saves the in-
              memory database to disk. If set to 0, the in-memory database  will  only  be  saved
              when  mosquitto  exits or when receiving the SIGUSR1 signal. Note that this setting
              only has an effect  if  persistence  is  enabled.  Defaults  to  1800  seconds  (30
              minutes).

              Reloaded on reload signal.

       bind_address address
              Listen  for incoming network connections on the specified IP address/hostname only.
              This is useful to restrict access to certain network interfaces. To restrict access
              to  mosquitto  to  the  local  host  only,  use "bind_address localhost". This only
              applies to the default  listener.  Use  the  listener  variable  to  control  other
              listeners.

              Not reloaded on reload signal.

       clientid_prefixes prefix
              If  defined,  only  clients  that  have  a  clientid  with  a  prefix  that matches
              clientid_prefixes will be allowed to connect to the broker.  For  example,  setting
              "secure-"  here  would mean a client "secure-client" could connect but another with
              clientid "mqtt" couldn't. By default, all client ids are valid.

              Reloaded on reload signal. Note that currently connected clients will be unaffected
              by any changes.

       connection_messages < true | false >
              If  set  to true, the log will include entries when clients connect and disconnect.
              If set to false, these entries will not appear.

              Reloaded on reload signal.

       listener port
              Listen for incoming network connection on the specified  port.  A  second  optional
              argument allows the listener to be bound to a specific ip address/hostname. If this
              variable is used and neither bind_address  nor  port  are  used  then  the  default
              listener will not be started. This option may be specified multiple times. See also
              the mount_point option.

              Not reloaded on reload signal.

       log_dest destinations
              Send log messages to a particular destination.  Possible destinations  are:  stdout
              stderr  syslog  topic.   stdout  and stderr log to the console on the named output.
              syslog  uses  the  userspace   syslog   facility   which   usually   ends   up   in
              /var/log/messages    or    similar   and   topic   logs   to   the   broker   topic
              '$SYS/broker/log/<severity>', where severity is one of D, E,  W,  N,  I  which  are
              debug,  error,  warning, notice and information. Use "log_dest none" if you wish to
              disable logging. Defaults to stderr. This option may be specified multiple times.

              Reloaded on reload signal.

       log_timestamp [ true | false ]
              Boolean value, if set to true a timestamp value will be added to  each  log  entry.
              The default is true.

              Reloaded on reload signal.

       log_type types
              Choose types of messages to log. Possible types are: debug, error, warning, notice,
              information, none. Defaults to error, warning, notice and information. This  option
              may  be  specified  multiple  times.  Note  that  the debug type (used for decoding
              incoming network packets) is never logged in syslog or topics.

              Reloaded on reload signal.

       max_connections count
              Limit the total number of clients connected for the current listener. Set to -1  to
              have  "unlimited"  connections.  Note  that  other  limits  may be imposed that are
              outside the control of mosquitto. See e.g.  limits.conf(5).

              Not reloaded on reload signal.

       max_inflight_messages count
              The maximum number of QoS 1 or 2 messages that can  be  in  the  process  of  being
              transmitted   simultaneously.   This  includes  messages  currently  going  through
              handshakes and messages that are being retried. Defaults to 20. Set  to  0  for  no
              maximum. If set to 1, this will guarantee in-order delivery of messages.

              Reloaded on reload signal.

       max_queued_messages count
              The maximum number of QoS 1 or 2 messages to hold in the queue above those messages
              that are currently in flight. Defaults to  100.  Set  to  0  for  no  maximum  (not
              recommended).

              Reloaded on reload signal.

       mount_point topic prefix
              This  option  is used with the listener option to isolate groups of clients. When a
              client connects to a listener which  uses  this  option,  the  string  argument  is
              attached  to  the  start of all topics for this client. This prefix is removed when
              any messages are sent to the client.  This means a client connected to  a  listener
              with  mount  point  example  can  only see messages that are published in the topic
              hierarchy example and above.

              Not reloaded on reload signal.

       password_file file path
              Set the path to a password file. If defined, the contents of the file are  used  to
              control   client  access  to  the  broker.  Each  line  should  be  in  the  format
              "username:password", where the colon and password are optional but recommended.  If
              allow_anonymous  is  set  to false, only users defined in this file will be able to
              connect. Setting allow_anonymous to true when password_file is defined is valid and
              could  be  used  with  acl_file to have e.g. read only guest/anonymous accounts and
              defined users that can publish.

              Reloaded on reload signal. The currently loaded username and password data will  be
              freed and reloaded. Clients that are already connected will not be affected.

       persistence [ true | false ]
              Can  be  true  or false. If true, connection, subscription and message data will be
              written   to   the   disk   in   mosquitto.db   at   the   location   dictated   by
              persistence_location.  When  mosquitto is restarted, it will reload the information
              stored in mosquitto.db. The data will be written to disk when mosquitto closes  and
              also  at  periodic  intervals  as  defined  by  autosave_interval.  Writing  of the
              persistence database may also be forced by sending mosquitto the SIGUSR1 signal. If
              false, the data will be stored in memory only. Defaults to false.

              Reloaded on reload signal.

       persistence_file file name
              The filename to use for the persistent database. Defaults to mosquitto.db.

              Reloaded on reload signal.

       persistence_location path
              The  path  where  the persistence database should be stored. Must end in a trailing
              slash. If not given, then the current directory is used.

              Reloaded on reload signal.

       pid_file file path
              Write a pid file to the file specified. If not given (the  default),  no  pid  file
              will  be  written.  If  the  pid  file cannot be written, mosquitto will exit. This
              option only has an effect is mosquitto is run in daemon mode.

              If mosquitto is being automatically started by an init script it  will  usually  be
              required   to   write   a   pid   file.   This   should   then   be  configured  as
              /var/run/mosquitto.pid

              Not reloaded on reload signal.

       port port number
              Set the network port for the default listener to listen on. Defaults to 1883.

              Not reloaded on reload signal.

       retained_persistence [ true | false ]
              This is a synonym of the persistence option.

              Reloaded on reload signal.

       retry_interval seconds
              The integer number of seconds after a QoS=1 or QoS=2 message  has  been  sent  that
              mosquitto  will  wait  before  retrying  when  no  response  is received. If unset,
              defaults to 20 seconds.

              Reloaded on reload signal.

       store_clean_interval seconds
              The integer number of seconds between the internal message store being  cleaned  of
              messages  that  are  no longer referenced. Lower values will result in lower memory
              usage but more processor time, higher values will have the opposite effect. Setting
              a  value  of  0  means  the unreferenced messages will be disposed of as quickly as
              possible. Defaults to 10 seconds.

              Reloaded on reload signal.

       sys_interval seconds
              The integer number of seconds between updates of the $SYS  subscription  hierarchy,
              which  provides  status  information  about  the  broker.  If unset, defaults to 10
              seconds.

              Reloaded on reload signal.

       user username
              When run as root, change to  this  user  and  its  primary  group  on  startup.  If
              mosquitto  is  unable to change to this user and group, it will exit with an error.
              The user specified must have read/write access to the persistence database if it is
              to  be  written. If run as a non-root user, this setting has no effect. Defaults to
              mosquitto.

              This setting has no effect on Windows and so you should run mosquitto as  the  user
              you wish it to run as.

              Not reloaded on reload signal.

CONFIGURING BRIDGES

       Multiple  bridges  (connections  to  other  brokers) can be configured using the following
       variables.

       Bridges cannot currently be reloaded on reload signal.

       address address[:port], addresses address[:port]
              Specify the address and optionally the port of the bridge to connect to. This  must
              be  given  for each bridge connection. If the port is not specified, the default of
              1883 is used.

              Unlike rsmb, it is not currently possible  to  specify  multiple  addresses  for  a
              single bridge connection here. This is true even if the name "addresses" is used.

       cleansession [ true | false ]
              Set the clean session option for this bridge. Setting to false (the default), means
              that all subscriptions on the remote  broker  are  kept  in  case  of  the  network
              connection  dropping.  If set to true, all subscriptions and messages on the remote
              broker will be cleaned up if the connection drops. Note that setting  to  true  may
              cause  a  large  amount  of  retained  messages  to  be  sent  each time the bridge
              reconnects.

       clientid id
              Set the client id for this bridge connection. If  not  defined,  this  defaults  to
              'name.hostname',  where name is the connection name and hostname is the hostname of
              this computer.

       connection name
              This variable marks the start of a new bridge connection. It is also used  to  give
              the bridge a name which is used as the client id on the remote broker.

       keepalive_interval seconds
              Set  the  number  of  seconds after which the bridge should send a ping if no other
              traffic has occurred.  Defaults to 60. A minimum value of 5 seconds isallowed.

       idle_timeout seconds
              Set the amount of time a bridge using the lazy start type must be  idle  before  it
              will be stopped. Defaults to 60 seconds.

       notifications [ true | false ]
              If  set  to  true,  publish  notification  messages to the local and remote brokers
              giving information about the state of the bridge connection. Retained messages  are
              published  to the topic $SYS/bridge/connection/<clientid>/state.  If the message is
              1 then the connection is active, or 0 if the connection  has  failed.  Defaults  to
              true.

       password value
              Configure  a password for the bridge. This is used for authentication purposes when
              connecting to a broker that support  MQTT  v3.1  and  requires  a  username  and/or
              password to connect. This option is only valid if a username is also supplied.

       start_type [ automatic | lazy | once ]
              Set  the  start  type of the bridge. This controls how the bridge starts and can be
              one of three types: automatic, lazy and once. Note  that  RSMB  provides  a  fourth
              start type "manual" which isn't currently supported by mosquitto.

              "automatic"  is the default start type and means that the bridge connection will be
              started automatically when the broker starts and also restarted after a short delay
              (30 seconds) if the connection fails.

              Bridges  using  the "lazy" start type will be started automatically when the number
              of queued messages exceeds the number set with the "threshold" parameter.  It  will
              be  stopped  automatically  after the time set by the "idle_timeout" parameter. Use
              this start type if you wish the connection to only be active when it is needed.

              A bridge using the "once" start type will be started automatically when the  broker
              starts but will not be restarted if the connection fails.

       threshold count
              Set the number of messages that need to be queued for a bridge with lazy start type
              to be restarted.  Defaults to 10 messages.

       topic pattern [ out | in | both ]
              Define a topic pattern to be shared between the two brokers.  Any  topics  matching
              the  pattern (which may include wildcards) are shared. The second parameter defines
              the direction that the messages will be shared in, so  it  is  possible  to  import
              messages  from a remote broker using "in", export messages to a remote broker using
              "out" or share messages in both directions. If this parameter is not  defined,  the
              default of "out" is used.

              This option can be specified multiple times per bridge.

              Care  must  be  taken to ensure that loops are not created with this option. If you
              are experiencing high CPU load from a broker, it is possible that you have  a  loop
              where each broker is forever forwarding each other the same messages.

       username name
              Configure  a username for the bridge. This is used for authentication purposes when
              connecting to a broker that support  MQTT  v3.1  and  requires  a  username  and/or
              password to connect. See also the password option.

EXTERNAL SECURITY CHECKS

       The  following  options are available when external security checks have been compiled in.
       Unless you have done this yourself it is unlikely to exist.

       db_host hostname
              Database host name.

              Reloaded on reload signal.

       db_port port
              Database port.

              Reloaded on reload signal.

       db_name name
              Database name.

              Reloaded on reload signal.

       db_username username
              Database username.

              Reloaded on reload signal.

       db_password password
              Database password.

              Reloaded on reload signal.

FILES

       mosquitto.conf

BUGS

       mosquitto bug information can be found at http://launchpad.net/mosquitto

SEE ALSO

       mosquitto(8) mqtt(7) limits.conf(5)

AUTHOR

       Roger Light <roger@atchoo.org>

                                         5 February 2012                        mosquitto.conf(5)