Add labs

2026-02-03 22:29:46 +01:00
commit 8fdf5827e4
156 changed files with 23069 additions and 0 deletions
--- a/04-mosquitto/lab04/config/acl.txt
+++ b/04-mosquitto/lab04/config/acl.txt
@ -0,0 +1,8 @@
+topic readwrite freeforall
+
+pattern readwrite users/%u/#
+
+topic read announcements
+
+user thomas
+topic readwrite announcements
--- a/04-mosquitto/lab04/config/docker-compose.yml
+++ b/04-mosquitto/lab04/config/docker-compose.yml
@ -0,0 +1,9 @@
+services:
+  mosquitto:
+    image: eclipse-mosquitto
+    ports:
+      - "1883:1883"
+    volumes:
+      - ./mosquitto.conf:/mosquitto/config/mosquitto.conf:ro
+      - ./users.txt:/mosquitto/config/users.txt:ro
+      - ./acl.txt:/mosquitto/config/acl.txt:ro
--- a/04-mosquitto/lab04/config/mosquitto.conf
+++ b/04-mosquitto/lab04/config/mosquitto.conf
@ -0,0 +1,5 @@
+listener 1883
+
+allow_anonymous true
+password_file /mosquitto/config/users.txt
+acl_file /mosquitto/config/acl.txt
--- a/04-mosquitto/lab04/config/users.txt
+++ b/04-mosquitto/lab04/config/users.txt
@ -0,0 +1,2 @@
+thomas:$7$101$+0sf4wma3qzDFw6R$H+lLmGLzo1Ex5rXxZqWxuEFCV7bSsAehEwTJ6XULFberEhwug/EC8aSWtiI4xScYQ2u/0sZ3xCg0rTRaMb5ITg==
+admin:$7$101$S9wXlrBPl3PFz+9y$l3/GP/FjklfQ2inTxBf4FfLvFR3r5yF6G6ZSRDFRwAklzltZ+xhUWM83PKQjxy2ZFYYmHxMoKs4q1+IMrXL6NA==
--- a/04-mosquitto/lab04/cyberchef/chef.txt
+++ b/04-mosquitto/lab04/cyberchef/chef.txt
@ -0,0 +1,14 @@
+Fork('\\n','\\n',false)
+Register('^([^:]+)',true,false,false)
+Find_/_Replace({'option':'Regex','string':'^[^:]+:'},'',false,false,false,false)
+Register('(.*)',true,false,false)
+Pseudo-Random_Number_Generator(12,'Hex')
+Register('(.*)',true,false,false)
+From_Hex('Auto')
+To_Base64('A-Za-z0-9+/=')
+Register('([\\s\\S]*)',true,false,false)
+Find_/_Replace({'option':'Regex','string':'.*'},'$R1',false,false,false,false)
+Derive_PBKDF2_key({'option':'Latin1','string':'$R1'},512,101,'SHA512',{'option':'Hex','string':'$R2'})
+From_Hex('Auto')
+To_Base64('A-Za-z0-9+/=')
+Find_/_Replace({'option':'Regex','string':'.*'},'$R0:$$7$$101$$$R3$$$&',false,false,false,false)
--- a/04-mosquitto/lab04/cyberchef/receipt.json
+++ b/04-mosquitto/lab04/cyberchef/receipt.json
@ -0,0 +1,30 @@
+[
+  { "op": "Fork",
+    "args": ["\\n", "\\n", false] },
+  { "op": "Register",
+    "args": ["^([^:]+)", true, false, false] },
+  { "op": "Find / Replace",
+    "args": [{ "option": "Regex", "string": "^[^:]+:" }, "", false, false, false, false] },
+  { "op": "Register",
+    "args": ["(.*)", true, false, false] },
+  { "op": "Pseudo-Random Number Generator",
+    "args": [12, "Hex"] },
+  { "op": "Register",
+    "args": ["(.*)", true, false, false] },
+  { "op": "From Hex",
+    "args": ["Auto"] },
+  { "op": "To Base64",
+    "args": ["A-Za-z0-9+/="] },
+  { "op": "Register",
+    "args": ["([\\s\\S]*)", true, false, false] },
+  { "op": "Find / Replace",
+    "args": [{ "option": "Regex", "string": ".*" }, "$R1", false, false, false, false] },
+  { "op": "Derive PBKDF2 key",
+    "args": [{ "option": "Latin1", "string": "$R1" }, 512, 101, "SHA512", { "option": "Hex", "string": "$R2" }] },
+  { "op": "From Hex",
+    "args": ["Auto"] },
+  { "op": "To Base64",
+    "args": ["A-Za-z0-9+/="] },
+  { "op": "Find / Replace",
+    "args": [{ "option": "Regex", "string": ".*" }, "$R0:$$7$$101$$$R3$$$&", false, false, false, false] }
+]
--- a/04-mosquitto/lab04/lab.txt
+++ b/04-mosquitto/lab04/lab.txt
@ -0,0 +1,77 @@
+= Mosquitto Autorisierung
+
+
+Konfigurieren Sie Mosquitto, aktivieren Sie die Nutzung der ACL Datei.
+
+
+listener 1883
+
+allow_anonymous true
+password_file /mosquitto/config/users.txt
+acl_file /mosquitto/config/acl.txt
+
+
+Nicht authentifizierte Clients dürfen `freeforall` und alles unterhalb nutzen.
+
+
+topic readwrite freeforall
+
+
+
+Authentifizierte User dürfen unterhalb von `users/` ihren Usernamen und alles darunter nutzen.
+
+
+pattern readwrite users/%u/#
+
+
+
+Das Topic `announcements` darf jeder lesen, der User `thomas` auch schreiben
+
+topic read announcements
+user thomas
+topic readwrite announcements
+
+
+
+Testen Sie das Verhalten mit verschiedenen Varianten zu publizieren, variieren Sie auch QoS und MQTT Version.
+
+
+$ docker run --rm -it --init --net host -v $PWD/config:/mosquitto/config eclipse-mosquitto
+
+$ docker run --rm -it --init --net host eclipse-mosquitto \
+  mosquitto_sub -V 5 --topic "freeforall" \
+  --debug
+
+$ docker run --rm -it --init --net host eclipse-mosquitto \
+  mosquitto_sub -V 5 --topic "announcements" \
+  --debug
+
+$ docker run --rm -it --init --net host eclipse-mosquitto \
+  mosquitto_sub -V 5 --topic "users/thomas/inbox" \
+  --username thomas -P geheim --debug
+
+
+$ docker run --rm -it --init --net host eclipse-mosquitto \
+  mosquitto_pub -V 5 --qos 1 --topic "freeforall" --message "hello all" --debug
+
+
+$ docker run --rm -it --net host eclipse-mosquitto \
+  mosquitto_pub -V 5 --topic announcements --message "not allowed" \
+  --debug
+
+$ docker run --rm -it --net host eclipse-mosquitto \
+  mosquitto_pub --qos 1 --topic announcements --message "not allowed" \
+  --debug
+
+$ docker run --rm -it --net host eclipse-mosquitto \
+  mosquitto_pub -V 5 --qos 1 --topic announcements --message "not allowed" \
+  --debug
+
+
+$ docker run --rm -it --net host eclipse-mosquitto \
+  mosquitto_pub -V 5 --qos 1 --topic users/thomas/inbox --message "email for you" \
+  --username thomas -P geheim --debug
+
+$ docker run --rm -it --net host eclipse-mosquitto \
+  mosquitto_pub -V 5 --qos 1 --topic announcements --message "system information" \
+  --username thomas -P geheim --debug