This project provides a script to bootstrap EMQX with multiple users and their permissions for use with Node-RED.
| Name | Description | Default |
|---|---|---|
| EMQX_HOST | EMQX Dashboard Host | emqx-dashboard.emqx.svc.cluster.local:18083 |
| EMQX_API_KEY | EMQX API Key | not set |
| EMQX_API_USER | EMQX API User | bootstrap_node_red |
| CHANNEL_ID | MQTT Channel ID | 3c78cf3f-d5b5-40ed-b851-bd86c2edaa52 |
| MQTT_USERS | Comma-separated list of MQTT users to create | node-red |
| <USERNAME>_PASSWORD | Password for each MQTT user (e.g., NODE_RED_PASSWORD) | not set |
| MAX_RETRIES | Maximum number of retry attempts for failed requests | 5 |
| RETRY_DELAY | Delay in seconds between retry attempts | 5 |
| HTTP_TIMEOUT | Timeout in seconds for HTTP requests | 10 |
To use this script, set the required environment variables and run the bootstrap_emqx.sh script. For example:
export EMQX_API_KEY="your-api-key"
export MQTT_USERS="user1,user2,user3"
export USER1_PASSWORD="password1"
export USER2_PASSWORD="password2"
export USER3_PASSWORD="password3"
./bootstrap_emqx.shThis will create the specified users with their respective passwords and grant them permissions to the MQTT topic.
To use this container as an init container in a Kubernetes deployment, you can add it to your deployment specification. Here's an example:
apiVersion: apps/v1
kind: Deployment
metadata:
name: node-red
spec:
replicas: 1
selector:
matchLabels:
app: node-red
template:
metadata:
labels:
app: node-red
spec:
initContainers:
- name: emqx-init
image: ghcr.io/your-username/node-red-emqx-init:latest
env:
- name: EMQX_HOST
value: "emqx-dashboard.emqx.svc.cluster.local:18083"
- name: EMQX_API_KEY
valueFrom:
secretKeyRef:
name: emqx-secrets
key: api-key
- name: MQTT_USERS
value: "node-red,sensor1,sensor2"
- name: NODE_RED_PASSWORD
valueFrom:
secretKeyRef:
name: mqtt-secrets
key: node-red-password
- name: SENSOR1_PASSWORD
valueFrom:
secretKeyRef:
name: mqtt-secrets
key: sensor1-password
- name: SENSOR2_PASSWORD
valueFrom:
secretKeyRef:
name: mqtt-secrets
key: sensor2-password
containers:
- name: node-red
image: nodered/node-red:latest
# ... rest of your Node-RED container specificationIn this example:
- The init container uses the image built from this project.
- Environment variables are set, including the EMQX host and API key.
- The MQTT users are specified in the
MQTT_USERSenvironment variable. - Passwords for each user are stored in Kubernetes secrets and referenced in the environment variables.
Make sure to create the necessary secrets (emqx-secrets and mqtt-secrets in this example) before applying the deployment.
This init container will run before the main Node-RED container starts, ensuring that the required MQTT users are created and properly configured in EMQX.
This project uses GitHub Actions to automatically create releases and publish Docker containers when a new tag is pushed. The workflow does the following:
- Creates a new GitHub release for the tag.
- Builds a Docker image.
- Publishes the Docker image to GitHub Container Registry (ghcr.io).
To trigger this workflow:
-
Create and push a new tag:
git tag v1.0.0 git push origin v1.0.0
-
The workflow will automatically run, creating a new release and publishing the container.
-
You can then use the published container in your Kubernetes deployments:
image: ghcr.io/your-username/node-red-emqx-init:v1.0.0
Replace
your-usernamewith your GitHub username or organization name.
If you need to build and push the Docker image manually:
docker build -t ghcr.io/your-username/node-red-emqx-init:latest .
docker push ghcr.io/your-username/node-red-emqx-init:latestReplace your-username with your GitHub username or organization name.