Add labs

04-mosquitto/lab06/.gitignore

@@ -0,0 +1,7 @@
+*.pem
+*.key
+*.cer
+*.fullchain
+!sample/*key
+!sample/*fullchain
+!sample/*cer

04-mosquitto/lab06/config/acl.txt

@@ -0,0 +1,8 @@
+topic readwrite freeforall
+
+pattern readwrite users/%u/#
+
+topic read announcements
+
+user thomas
+topic readwrite announcements

04-mosquitto/lab06/config/docker-compose.yml

@@ -0,0 +1,7 @@
+services:
+  mosquitto:
+    image: eclipse-mosquitto
+    ports:
+      - "1883:1883"
+    volumes:
+      - ./:/mosquitto/config

04-mosquitto/lab06/config/mosquitto.conf

@@ -0,0 +1,15 @@
+listener 1883
+
+listener_allow_anonymous true
+password_file /mosquitto/config/users.txt
+acl_file /mosquitto/config/acl.txt
+
+listener 8883
+listener_allow_anonymous true
+
+# Nur Leaf-Zertifikat, in Kette fehlt Intermediate
+# certfile /mosquitto/config/mqtt.trion.dev.cer
+
+certfile /mosquitto/config/mqtt.trion.dev.fullchain
+keyfile /mosquitto/config/mqtt.trion.dev.key
+

04-mosquitto/lab06/config/users.txt

@@ -0,0 +1,2 @@
+thomas:$7$101$+0sf4wma3qzDFw6R$H+lLmGLzo1Ex5rXxZqWxuEFCV7bSsAehEwTJ6XULFberEhwug/EC8aSWtiI4xScYQ2u/0sZ3xCg0rTRaMb5ITg==
+admin:$7$101$S9wXlrBPl3PFz+9y$l3/GP/FjklfQ2inTxBf4FfLvFR3r5yF6G6ZSRDFRwAklzltZ+xhUWM83PKQjxy2ZFYYmHxMoKs4q1+IMrXL6NA==

04-mosquitto/lab06/lab.txt

@@ -0,0 +1,40 @@
+= Verwendung ACME TLS Zertifikat
+
+
+Nutzen Sie z.B. acme.sh um ein Zertifikat für den öffentlichen Hostnamen / IP Adresse
+Ihrer Maschine ein Zertifikat zu erstellen.
+Dies Lab ist nur möglich auf öffentlich erreichbaren Maschinen.
+
+
+
+Für DNS Namen (Hostnamen passend wählen)
+
+$ mkdir out
+$ docker run --rm -it -v "$(pwd)/out":/acme.sh -p 80:80 -p 443:443 neilpang/acme.sh \
+  --register-account -m  zerossl@example.com
+$ docker run --rm -it -v "$(pwd)/out":/acme.sh -p 80:80 -p 443:443 neilpang/acme.sh \
+  --issue -d mqtt.trion.dev --server zerossl --standalone
+
+Oder für die IP
+
+$ mkdir out
+$ docker run --rm -it -v "$(pwd)/out":/acme.sh -p 80:80 -p 443:443 neilpang/acme.sh \
+ --issue --alpn -d 217.231.222.7 --server letsencrypt --certificate-profile shortlived --days 5
+
+
+Konfigurieren Sie das erhaltene Zertifikat.
+
+
+certfile /mosquitto/config/mqtt.trion.dev.fullchain
+keyfile /mosquitto/config/mqtt.trion.dev.key
+
+
+$ docker run --rm -it --init --net host -v $PWD:/mosquitto/config eclipse-mosquitto
+
+
+Verbinden Sie sich über den passenden Weg (Hostnamen / IP) unter Verwendung von TLS
+auf den Broker
+
+$ docker run --rm -it --init --net host eclipse-mosquitto \
+ mosquitto_pub --host mqtt.trion.dev --port 8883 -V 5 --qos 1 \
+ --topic freeforall --message "this is secure" --debug

04-mosquitto/lab06/sample/mqtt.trion.dev.cer

@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIID9DCCA3qgAwIBAgIRAMkUcDI/Bsia55JeVesEvuMwCgYIKoZIzj0EAwMwSzEL
+MAkGA1UEBhMCQVQxEDAOBgNVBAoTB1plcm9TU0wxKjAoBgNVBAMTIVplcm9TU0wg
+RUNDIERvbWFpbiBTZWN1cmUgU2l0ZSBDQTAeFw0yNjAyMDEwMDAwMDBaFw0yNjA1
+MDIyMzU5NTlaMBkxFzAVBgNVBAMTDm1xdHQudHJpb24uZGV2MFkwEwYHKoZIzj0C
+AQYIKoZIzj0DAQcDQgAE4e+SWARnLByaXMXJdfbPXMegYT1rFXwsVwBnEaKwcJbI
+F60x6Jc08V1MmFIHUIPdMP5ezqbt0VS7TUsaca66MKOCAm8wggJrMB8GA1UdIwQY
+MBaAFA9r5kvOOUeu9n6QHnnwMJGSyF+jMB0GA1UdDgQWBBQsP/sy/wqn4wsONH/p
+9guCOI0tRjAOBgNVHQ8BAf8EBAMCB4AwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAK
+BggrBgEFBQcDATBJBgNVHSAEQjBAMDQGCysGAQQBsjEBAgJOMCUwIwYIKwYBBQUH
+AgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgGBmeBDAECATCBiAYIKwYBBQUH
+AQEEfDB6MEsGCCsGAQUFBzAChj9odHRwOi8vemVyb3NzbC5jcnQuc2VjdGlnby5j
+b20vWmVyb1NTTEVDQ0RvbWFpblNlY3VyZVNpdGVDQS5jcnQwKwYIKwYBBQUHMAGG
+H2h0dHA6Ly96ZXJvc3NsLm9jc3Auc2VjdGlnby5jb20wggEDBgorBgEEAdZ5AgQC
+BIH0BIHxAO8AdgAOV5S8866pPjMbLJkHs/eQ35vCPXEyJd0hqSWsYcVOIQAAAZwY
+f1wTAAAEAwBHMEUCIQCKKPMWPfgpfaSY9410Ck9XJgf7z2M/9wHFctS63EB/iQIg
+RQo+eGFZht4U1l951MthGodOFf/kPJR8+6ISkLYDMvMAdQAWgy2r8KklDw/wOqVF
+/8i/yCPQh0v2BCkn+OcfMxP1+gAAAZwYf1wOAAAEAwBGMEQCIArz8jZ2ZMiY5/8P
+0Nqtmj/XWEncfHQXi1AI95jMR6q/AiBzxNv5SQUI3i+ah3YUFxRcskFgRmAqiEDZ
+QWX08LcEjTAZBgNVHREEEjAQgg5tcXR0LnRyaW9uLmRldjAKBggqhkjOPQQDAwNo
+ADBlAjEA8o6CjH/m/6gmbxBV7InPYiRKtxoo+7fyRtMbLG5H7tJyNVbqzl1Vr3sS
+5CkBEcseAjB9pRbWF32qzEWXxTX3Iojo0Ii9DJa/PcNUMKSbzwEDOlPZCyK+GMuF
+yYQoZOXOeuw=
+-----END CERTIFICATE-----

04-mosquitto/lab06/sample/mqtt.trion.dev.fullchain

@@ -0,0 +1,68 @@
+-----BEGIN CERTIFICATE-----
+MIID9DCCA3qgAwIBAgIRAMkUcDI/Bsia55JeVesEvuMwCgYIKoZIzj0EAwMwSzEL
+MAkGA1UEBhMCQVQxEDAOBgNVBAoTB1plcm9TU0wxKjAoBgNVBAMTIVplcm9TU0wg
+RUNDIERvbWFpbiBTZWN1cmUgU2l0ZSBDQTAeFw0yNjAyMDEwMDAwMDBaFw0yNjA1
+MDIyMzU5NTlaMBkxFzAVBgNVBAMTDm1xdHQudHJpb24uZGV2MFkwEwYHKoZIzj0C
+AQYIKoZIzj0DAQcDQgAE4e+SWARnLByaXMXJdfbPXMegYT1rFXwsVwBnEaKwcJbI
+F60x6Jc08V1MmFIHUIPdMP5ezqbt0VS7TUsaca66MKOCAm8wggJrMB8GA1UdIwQY
+MBaAFA9r5kvOOUeu9n6QHnnwMJGSyF+jMB0GA1UdDgQWBBQsP/sy/wqn4wsONH/p
+9guCOI0tRjAOBgNVHQ8BAf8EBAMCB4AwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAK
+BggrBgEFBQcDATBJBgNVHSAEQjBAMDQGCysGAQQBsjEBAgJOMCUwIwYIKwYBBQUH
+AgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgGBmeBDAECATCBiAYIKwYBBQUH
+AQEEfDB6MEsGCCsGAQUFBzAChj9odHRwOi8vemVyb3NzbC5jcnQuc2VjdGlnby5j
+b20vWmVyb1NTTEVDQ0RvbWFpblNlY3VyZVNpdGVDQS5jcnQwKwYIKwYBBQUHMAGG
+H2h0dHA6Ly96ZXJvc3NsLm9jc3Auc2VjdGlnby5jb20wggEDBgorBgEEAdZ5AgQC
+BIH0BIHxAO8AdgAOV5S8866pPjMbLJkHs/eQ35vCPXEyJd0hqSWsYcVOIQAAAZwY
+f1wTAAAEAwBHMEUCIQCKKPMWPfgpfaSY9410Ck9XJgf7z2M/9wHFctS63EB/iQIg
+RQo+eGFZht4U1l951MthGodOFf/kPJR8+6ISkLYDMvMAdQAWgy2r8KklDw/wOqVF
+/8i/yCPQh0v2BCkn+OcfMxP1+gAAAZwYf1wOAAAEAwBGMEQCIArz8jZ2ZMiY5/8P
+0Nqtmj/XWEncfHQXi1AI95jMR6q/AiBzxNv5SQUI3i+ah3YUFxRcskFgRmAqiEDZ
+QWX08LcEjTAZBgNVHREEEjAQgg5tcXR0LnRyaW9uLmRldjAKBggqhkjOPQQDAwNo
+ADBlAjEA8o6CjH/m/6gmbxBV7InPYiRKtxoo+7fyRtMbLG5H7tJyNVbqzl1Vr3sS
+5CkBEcseAjB9pRbWF32qzEWXxTX3Iojo0Ii9DJa/PcNUMKSbzwEDOlPZCyK+GMuF
+yYQoZOXOeuw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDhTCCAwygAwIBAgIQI7dt48G7KxpRlh4I6rdk6DAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAwMTMw
+MDAwMDAwWhcNMzAwMTI5MjM1OTU5WjBLMQswCQYDVQQGEwJBVDEQMA4GA1UEChMH
+WmVyb1NTTDEqMCgGA1UEAxMhWmVyb1NTTCBFQ0MgRG9tYWluIFNlY3VyZSBTaXRl
+IENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAENkFhFytTJe2qypTk1tpIV+9QuoRk
+gte7BRvWHwYk9qUznYzn8QtVaGOCMBBfjWXsqqivl8q1hs4wAYl03uNOXgFu7iZ7
+zFP6I6T3RB0+TR5fZqathfby47yOCZiAJI4go4IBdTCCAXEwHwYDVR0jBBgwFoAU
+OuEJhtTPGcKWdnRJdtzgNcZjY5owHQYDVR0OBBYEFA9r5kvOOUeu9n6QHnnwMJGS
+yF+jMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQW
+MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNVHSAEGzAZMA0GCysGAQQBsjEBAgJO
+MAgGBmeBDAECATBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVz
+dC5jb20vVVNFUlRydXN0RUNDQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYI
+KwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5j
+b20vVVNFUlRydXN0RUNDQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6
+Ly9vY3NwLnVzZXJ0cnVzdC5jb20wCgYIKoZIzj0EAwMDZwAwZAIwJHBUDwHJQN3I
+VNltVMrICMqYQ3TYP/TXqV9t8mG5cAomG2MwqIsxnL937Gewf6WIAjAlrauksO6N
+UuDdDXyd330druJcZJx0+H5j5cFOYBaGsKdeGW7sCMaR2PsDFKGllas=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID0zCCArugAwIBAgIQVmcdBOpPmUxvEIFHWdJ1lDANBgkqhkiG9w0BAQwFADB7
+MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD
+VQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UE
+AwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTE5MDMxMjAwMDAwMFoXDTI4
+MTIzMTIzNTk1OVowgYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5
+MRQwEgYDVQQHEwtKZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBO
+ZXR3b3JrMS4wLAYDVQQDEyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEGqxUWqn5aCPnetUkb1PGWthL
+q8bVttHmc3Gu3ZzWDGH926CJA7gFFOxXzu5dP+Ihs8731Ip54KODfi2X0GHE8Znc
+JZFjq38wo7Rw4sehM5zzvy5cU7Ffs30yf4o043l5o4HyMIHvMB8GA1UdIwQYMBaA
+FKARCiM+lvEH7OKvKe+CpX/QMKS0MB0GA1UdDgQWBBQ64QmG1M8ZwpZ2dEl23OA1
+xmNjmjAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zARBgNVHSAECjAI
+MAYGBFUdIAAwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5j
+b20vQUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNAYIKwYBBQUHAQEEKDAmMCQG
+CCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wDQYJKoZIhvcNAQEM
+BQADggEBABns652JLCALBIAdGN5CmXKZFjK9Dpx1WywV4ilAbe7/ctvbq5AfjJXy
+ij0IckKJUAfiORVsAYfZFhr1wHUrxeZWEQff2Ji8fJ8ZOd+LygBkc7xGEJuTI42+
+FsMuCIKchjN0djsoTI0DQoWz4rIjQtUfenVqGtF8qmchxDM6OW1TyaLtYiKou+JV
+bJlsQ2uRl9EMC5MCHdK8aXdJ5htN978UeAOwproLtOGFfy/cQjutdAFI3tZs4RmY
+CV4Ks2dH/hzg1cEo70qLRDEmBDeNiXQ2Lu+lIg+DdEmSx/cQwgwp+7e9un/jX9Wf
+8qn0dNW44bOwgeThpWOjzOoEeJBuv/c=
+-----END CERTIFICATE-----

04-mosquitto/lab06/sample/mqtt.trion.dev.key

@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIO/7jTTv3NKaDrAvRLrHgsRIlJ55EwQM1FlfdWaJcfT7oAoGCCqGSM49
+AwEHoUQDQgAE4e+SWARnLByaXMXJdfbPXMegYT1rFXwsVwBnEaKwcJbIF60x6Jc0
+8V1MmFIHUIPdMP5ezqbt0VS7TUsaca66MA==
+-----END EC PRIVATE KEY-----