-
Notifications
You must be signed in to change notification settings - Fork 1
/
emqx_schema.hocon
1612 lines (1154 loc) · 58.1 KB
/
emqx_schema.hocon
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
emqx_schema {
fields_mqtt_quic_listener_peer_unidi_stream_count.desc:
"""Number of unidirectional streams to allow the peer to open."""
fields_mqtt_quic_listener_peer_unidi_stream_count.label:
"""Peer unidi stream count"""
fields_authorization_no_match.desc:
"""Default access control action if the user or client matches no ACL rules,
or if no such user or client is found by the configurable authorization
sources such as built_in_database, an HTTP API, or a query against PostgreSQL.
Find more details in 'authorization.sources' config."""
fields_authorization_no_match.label:
"""Authorization no match"""
sysmon_top_db_hostname.desc:
"""Hostname of the PostgreSQL database that collects the data points"""
sysmon_top_db_hostname.label:
"""DB Hostname"""
zones.desc:
"""A zone is a set of configs grouped by the zone <code>name</code>.
For flexible configuration mapping, the <code>name</code> can be set to a listener's <code>zone</code> config.
NOTE: A built-in zone named <code>default</code> is auto created and can not be deleted."""
fields_mqtt_quic_listener_certfile.desc:
"""Path to the certificate file. Will be deprecated in 5.1, use .ssl_options.certfile instead."""
fields_mqtt_quic_listener_certfile.label:
"""Certificate file"""
fields_rate_limit_conn_bytes_in.desc:
"""Limit the rate of receiving packets for a MQTT connection.
The rate is counted by bytes of packets per second."""
fields_rate_limit_conn_bytes_in.label:
"""Connection bytes in"""
crl_cache_capacity.desc:
"""The maximum number of CRL URLs that can be held in cache. If the cache is at full capacity and a new URL must be fetched, then it'll evict the oldest inserted URL in the cache."""
crl_cache_capacity.label:
"""CRL Cache Capacity"""
alarm_actions.desc:
"""The actions triggered when the alarm is activated.<br/>Currently, the following actions are supported: <code>log</code> and <code>publish</code>.
<code>log</code> is to write the alarm to log (console or file).
<code>publish</code> is to publish the alarm as an MQTT message to the system topics:
<code>$SYS/brokers/emqx@xx.xx.xx.x/alarms/activate</code> and
<code>$SYS/brokers/emqx@xx.xx.xx.x/alarms/deactivate</code>"""
alarm_actions.label:
"""Alarm Actions"""
base_listener_max_connections.desc:
"""The maximum number of concurrent connections allowed by the listener."""
base_listener_max_connections.label:
"""Max connections"""
mqtt_peer_cert_as_username.desc:
"""Use the CN, DN field in the peer certificate or the entire certificate content as Username. Only works for the TLS connection.
Supported configurations are the following:
- <code>cn</code>: CN field of the certificate
- <code>dn</code>: DN field of the certificate
- <code>crt</code>: Content of the <code>DER</code> or <code>PEM</code> certificate
- <code>pem</code>: Convert <code>DER</code> certificate content to <code>PEM</code> format and use as Username
- <code>md5</code>: MD5 value of the <code>DER</code> or <code>PEM</code> certificate"""
mqtt_peer_cert_as_username.label:
"""Use Peer Certificate as Username"""
fields_cache_enable.desc:
"""Enable or disable the authorization cache."""
fields_cache_enable.label:
"""Enable or disable the authorization cache."""
fields_mqtt_quic_listener_disconnect_timeout_ms.desc:
"""How long to wait for an ACK before declaring a path dead and disconnecting. Default: 16000"""
fields_mqtt_quic_listener_disconnect_timeout_ms.label:
"""Disconnect timeout ms"""
mqtt_max_topic_alias.desc:
"""Maximum topic alias, 0 means no topic alias supported."""
mqtt_max_topic_alias.label:
"""Max Topic Alias"""
common_ssl_opts_schema_user_lookup_fun.desc:
"""EMQX-internal callback that is used to lookup pre-shared key (PSK) identity.<br/>
Has no effect when TLS version is configured (or negotiated) to 1.3"""
common_ssl_opts_schema_user_lookup_fun.label:
"""SSL PSK user lookup fun"""
fields_listeners_wss.desc:
"""HTTPS websocket listeners."""
fields_listeners_wss.label:
"""HTTPS websocket listeners"""
sysmon_top_max_procs.desc:
"""Stop collecting data when the number of processes
in the VM exceeds this value"""
sysmon_top_max_procs.label:
"""Max procs"""
mqtt_use_username_as_clientid.desc:
"""Whether to use Username as Client ID.
This setting takes effect later than <code>Use Peer Certificate as Username</code> and <code>Use peer certificate as Client ID</code>."""
mqtt_use_username_as_clientid.label:
"""Use Username as Client ID"""
mqtt_max_qos_allowed.desc:
"""Maximum QoS allowed."""
mqtt_max_qos_allowed.label:
"""Max QoS"""
fields_mqtt_quic_listener_max_binding_stateless_operations.desc:
"""The maximum number of stateless operations that may be queued on a binding at any one time. Default: 100"""
fields_mqtt_quic_listener_max_binding_stateless_operations.label:
"""Max binding stateless operations"""
fields_mqtt_quic_listener_stream_recv_buffer_default.desc:
"""Stream initial buffer size. Default: 4096"""
fields_mqtt_quic_listener_stream_recv_buffer_default.label:
"""Stream recv buffer default"""
fields_mqtt_quic_listener_pacing_enabled.desc:
"""Pace sending to avoid overfilling buffers on the path. Default: 1 (Enabled)"""
fields_mqtt_quic_listener_pacing_enabled.label:
"""Pacing enabled"""
mqtt_max_subscriptions.desc:
"""Maximum number of subscriptions allowed per client."""
mqtt_max_subscriptions.label:
"""Max Subscriptions"""
persistent_session_builtin_messages_table.desc:
"""Performance tuning options for built-in messages table."""
persistent_session_builtin_messages_table.label:
"""Persistent messages"""
sysmon_os_cpu_low_watermark.desc:
"""The threshold, as percentage of system CPU load,
for how much system cpu can be used before the corresponding alarm is cleared. Disabled on Windows platform"""
sysmon_os_cpu_low_watermark.label:
"""CPU low watermark"""
fields_mqtt_quic_listener_tls_server_max_send_buffer.desc:
"""How much Server TLS data to buffer. Default: 8192"""
fields_mqtt_quic_listener_tls_server_max_send_buffer.label:
"""TLS server max send buffer"""
base_listener_bind.desc:
"""IP address and port for the listening socket."""
base_listener_bind.label:
"""IP address and port"""
server_ssl_opts_schema_handshake_timeout.desc:
"""Maximum time duration allowed for the handshake to complete"""
server_ssl_opts_schema_handshake_timeout.label:
"""Handshake timeout"""
fields_deflate_opts_server_context_takeover.desc:
"""Takeover means the compression state is retained between server messages."""
fields_deflate_opts_server_context_takeover.label:
"""Server context takeover"""
mqtt_session_expiry_interval.desc:
"""Specifies how long the session will expire after the connection is disconnected, only for non-MQTT 5.0 connections."""
mqtt_session_expiry_interval.label:
"""Session Expiry Interval"""
fields_listener_enabled.desc:
"""Enable listener."""
fields_listener_enabled.label:
"""Enable listener"""
mqtt.desc:
"""Global MQTT configuration.
The configs here work as default values which can be overridden in <code>zone</code> configs"""
crl_cache_refresh_http_timeout.desc:
"""The timeout for the HTTP request when fetching CRLs. This is a global setting for all listeners."""
crl_cache_refresh_http_timeout.label:
"""CRL Cache Refresh HTTP Timeout"""
fields_tcp_opts_backlog.desc:
"""TCP backlog defines the maximum length that the queue of
pending connections can grow to."""
fields_tcp_opts_backlog.label:
"""TCP backlog length"""
fields_mqtt_quic_listener_initial_window_packets.desc:
"""The size (in packets) of the initial congestion window for a connection. Default: 10"""
fields_mqtt_quic_listener_initial_window_packets.label:
"""Initial window packets"""
flapping_detect_enable.desc:
"""Enable flapping connection detection feature."""
flapping_detect_enable.label:
"""Enable flapping detection"""
sysmon_top_db_password.desc:
"""EMQX user password in the PostgreSQL database"""
sysmon_top_db_password.label:
"""DB Password"""
fields_ws_opts_check_origins.desc:
"""List of allowed origins.<br/>See <code>check_origin_enable</code>."""
fields_ws_opts_check_origins.label:
"""Allowed origins"""
fields_deflate_opts_client_context_takeover.desc:
"""Takeover means the compression state is retained between client messages."""
fields_deflate_opts_client_context_takeover.label:
"""Client context takeover"""
base_listener_acceptors.desc:
"""The size of the listener's receiving pool."""
base_listener_acceptors.label:
"""Acceptors Num"""
common_ssl_opts_schema_cacertfile.desc:
"""Trusted PEM format CA certificates bundle file.<br/>
The certificates in this file are used to verify the TLS peer's certificates.
Append new certificates to the file if new CAs are to be trusted.
There is no need to restart EMQX to have the updated file loaded, because
the system regularly checks if file has been updated (and reload).<br/>
NOTE: invalidating (deleting) a certificate from the file will not affect
already established connections."""
common_ssl_opts_schema_cacertfile.label:
"""CACertfile"""
common_ssl_opts_schema_cacerts.desc:
"""When enabled, uses the system trusted CA certificates for establishing to TLS connections."""
common_ssl_opts_schema_cacerts.label:
"""Use System CA Certificates"""
fields_ws_opts_mqtt_path.desc:
"""WebSocket's MQTT protocol path. So the address of EMQX Broker's WebSocket is:
<code>ws://{ip}:{port}/mqtt</code>"""
fields_ws_opts_mqtt_path.label:
"""WS MQTT Path"""
sysmon_os_procmem_high_watermark.desc:
"""The threshold, as percentage of system memory,
for how much system memory can be allocated by one Erlang process before
the corresponding alarm is raised. Disabled on Windows platform."""
sysmon_os_procmem_high_watermark.label:
"""ProcMem high wartermark"""
fields_listeners_quic.desc:
"""QUIC listeners."""
fields_listeners_quic.label:
"""QUIC listeners"""
fields_listeners_ws.desc:
"""HTTP websocket listeners."""
fields_listeners_ws.label:
"""HTTP websocket listeners"""
mqtt_retry_interval.desc:
"""Retry interval for QoS 1/2 message delivering."""
mqtt_retry_interval.label:
"""Retry Interval"""
stats_enable.desc:
"""Enable/disable statistic data collection."""
stats_enable.label:
"""Enable/disable statistic data collection."""
fields_authorization_deny_action.desc:
"""The action when the authorization check rejects an operation."""
fields_authorization_deny_action.label:
"""Authorization deny action"""
fields_deflate_opts_server_max_window_bits.desc:
"""Specifies the size of the compression context for the server."""
fields_deflate_opts_server_max_window_bits.label:
"""Server compression max window size"""
client_ssl_opts_schema_server_name_indication.desc:
"""Specify the host name to be used in TLS Server Name Indication extension.<br/>
For instance, when connecting to "server.example.net", the genuine server
which accepts the connection and performs TLS handshake may differ from the
host the TLS client initially connects to, e.g. when connecting to an IP address
or when the host has multiple resolvable DNS records <br/>
If not specified, it will default to the host name string which is used
to establish the connection, unless it is IP address used.<br/>
The host name is then also used in the host name verification of the peer
certificate.<br/> The special value 'disable' prevents the Server Name
Indication extension from being sent and disables the hostname
verification check."""
client_ssl_opts_schema_server_name_indication.label:
"""Server Name Indication"""
fields_mqtt_quic_listener_retry_memory_limit.desc:
"""The percentage of available memory usable for handshake connections before stateless retry is used. Calculated as `N/65535`. Default: 65"""
fields_mqtt_quic_listener_retry_memory_limit.label:
"""Retry memory limit"""
force_shutdown_max_mailbox_size.desc:
"""In EMQX, each online client corresponds to an individual Erlang process. The configuration value establishes a mailbox size limit for these processes. If the mailbox size surpasses this limit, the client will be automatically terminated."""
force_shutdown_max_mailbox_size.label:
"""Maximum mailbox size."""
sys_heartbeat_interval.desc:
"""Time interval for publishing following heartbeat messages:
- `$SYS/brokers/<node>/uptime`
- `$SYS/brokers/<node>/datetime`"""
flapping_detect_ban_time.desc:
"""How long the flapping clientid will be banned."""
flapping_detect_ban_time.label:
"""Ban time"""
sysmon_top_num_items.desc:
"""The number of top processes per monitoring group"""
sysmon_top_num_items.label:
"""Top num items"""
persistent_session_builtin_session_table.desc:
"""Performance tuning options for built-in session table."""
persistent_session_builtin_session_table.label:
"""Persistent session"""
mqtt_upgrade_qos.desc:
"""Force upgrade of QoS level according to subscription."""
mqtt_upgrade_qos.label:
"""Upgrade QoS"""
mqtt_shared_subscription.desc:
"""Whether to enable support for MQTT shared subscription."""
mqtt_shared_subscription.label:
"""Shared Subscription Available"""
fields_tcp_opts_sndbuf.desc:
"""The TCP send buffer (OS kernel) for the connections."""
fields_tcp_opts_sndbuf.label:
"""TCP send buffer"""
sysmon_os_mem_check_interval.desc:
"""The time interval for the periodic memory check. Disabled on Windows platform."""
sysmon_os_mem_check_interval.label:
"""Mem check interval"""
server_ssl_opts_schema_gc_after_handshake.desc:
"""Memory usage tuning. If enabled, will immediately perform a garbage collection after the TLS/SSL handshake."""
server_ssl_opts_schema_gc_after_handshake.label:
"""Perform GC after handshake"""
fields_mqtt_quic_listener_ssl_options.desc:
"""TLS options for QUIC transport"""
fields_mqtt_quic_listener_ssl_options.label:
"""TLS Options"""
fields_ws_opts_mqtt_piggyback.desc:
"""Whether a WebSocket message is allowed to contain multiple MQTT packets."""
fields_ws_opts_mqtt_piggyback.label:
"""MQTT Piggyback"""
base_listener_mountpoint.desc:
"""When publishing or subscribing, prefix all topics with a mountpoint string.
The prefixed string will be removed from the topic name when the message
is delivered to the subscriber. The mountpoint is a way that users can use
to implement isolation of message routing between different listeners.
For example if a client A subscribes to `t` with `listeners.tcp.\<name>.mountpoint`
set to `some_tenant`, then the client actually subscribes to the topic
`some_tenant/t`. Similarly, if another client B (connected to the same listener
as the client A) sends a message to topic `t`, the message is routed
to all the clients subscribed `some_tenant/t`, so client A will receive the
message, with topic name `t`.<br/>
Set to `""` to disable the feature.<br/>
Variables in mountpoint string:
- <code>${clientid}</code>: clientid
- <code>${username}</code>: username"""
base_listener_mountpoint.label:
"""mountpoint"""
mqtt_max_awaiting_rel.desc:
"""For each publisher session, the maximum number of outstanding QoS 2 messages pending on the client to send PUBREL. After reaching this limit, new QoS 2 PUBLISH requests will be rejected with `147(0x93)` until either PUBREL is received or timed out."""
mqtt_max_awaiting_rel.label:
"""Max Awaiting PUBREL"""
ciphers_schema_quic.desc:
"""This config holds TLS cipher suite names separated by comma,
or as an array of strings. e.g.
<code>"TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256"</code> or
<code>["TLS_AES_256_GCM_SHA384","TLS_AES_128_GCM_SHA256"]</code>.
<br/>
Ciphers (and their ordering) define the way in which the
client and server encrypts information over the network connection.
Selecting a good cipher suite is critical for the
application's data security, confidentiality and performance.
The names should be in OpenSSL string format (not RFC format).
All default values and examples provided by EMQX config
documentation are all in OpenSSL format.<br/>
NOTE: Certain cipher suites are only compatible with
specific TLS <code>versions</code> ('tlsv1.1', 'tlsv1.2' or 'tlsv1.3')
incompatible cipher suites will be silently dropped.
For instance, if only 'tlsv1.3' is given in the <code>versions</code>,
configuring cipher suites for other versions will have no effect.
<br/>
NOTE: PSK ciphers are suppressed by 'tlsv1.3' version config<br/>
If PSK cipher suites are intended, 'tlsv1.3' should be disabled from <code>versions</code>.<br/>
PSK cipher suites: <code>"RSA-PSK-AES256-GCM-SHA384,RSA-PSK-AES256-CBC-SHA384,
RSA-PSK-AES128-GCM-SHA256,RSA-PSK-AES128-CBC-SHA256,
RSA-PSK-AES256-CBC-SHA,RSA-PSK-AES128-CBC-SHA,
RSA-PSK-DES-CBC3-SHA,RSA-PSK-RC4-SHA"</code><br/>
NOTE: QUIC listener supports only 'tlsv1.3' ciphers"""
ciphers_schema_quic.label:
""""""
fields_mqtt_quic_listener_max_bytes_per_key.desc:
"""Maximum number of bytes to encrypt with a single 1-RTT encryption key before initiating key update. Default: 274877906944"""
fields_mqtt_quic_listener_max_bytes_per_key.label:
"""Max bytes per key"""
fields_mqtt_quic_listener_mtu_discovery_search_complete_timeout_us.desc:
"""The time in microseconds to wait before reattempting MTU probing if max was not reached. Default: 600000000"""
fields_mqtt_quic_listener_mtu_discovery_search_complete_timeout_us.label:
"""MTU discovery search complete timeout us"""
fields_ws_opts_check_origin_enable.desc:
"""If <code>true</code>, <code>origin</code> HTTP header will be
validated against the list of allowed origins configured in <code>check_origins</code>
parameter."""
fields_ws_opts_check_origin_enable.label:
"""Check origin"""
sysmon_vm_busy_dist_port.desc:
"""When the RPC connection used to communicate with other nodes in the cluster is overloaded,
there will be a <code>busy_dist_port</code> warning log,
and an MQTT message is published to system topic <code>$SYS/sysmon/busy_dist_port</code>."""
sysmon_vm_busy_dist_port.label:
"""Enable Busy Distribution Port monitoring."""
mqtt_max_mqueue_len.desc:
"""Maximum queue length. Enqueued messages when persistent client disconnected, or inflight window is full."""
mqtt_max_mqueue_len.label:
"""Max Message Queue Length"""
mqtt_max_inflight.desc:
"""Maximum number of QoS 1 and QoS 2 messages that are allowed to be delivered simultaneously before completing the acknowledgment."""
mqtt_max_inflight.label:
"""Max Inflight"""
persistent_session_store_enabled.desc:
"""Use the database to store information about persistent sessions.
This makes it possible to migrate a client connection to another
cluster node if a node is stopped."""
persistent_session_store_enabled.label:
"""Enable persistent session store"""
fields_deflate_opts_level.desc:
"""Compression level."""
fields_deflate_opts_level.label:
"""Compression level"""
mqtt_server_keepalive.desc:
"""The keep alive duration required by EMQX. To use the setting from the client side, choose disabled from the drop-down list. Only applicable to MQTT 5.0 clients."""
mqtt_server_keepalive.label:
"""Server Keep Alive"""
fields_mqtt_quic_listener_load_balancing_mode.desc:
"""0: Disabled, 1: SERVER_ID_IP, 2: SERVER_ID_FIXED. default: 0"""
fields_mqtt_quic_listener_load_balancing_mode.label:
"""Load balancing mode"""
persistent_session_store_session_message_gc_interval.desc:
"""The starting interval for garbage collection of transient data for
persistent session messages. This does not affect the lifetime length
of persistent session messages."""
persistent_session_store_session_message_gc_interval.label:
"""Session message GC interval"""
server_ssl_opts_schema_ocsp_refresh_http_timeout.desc:
"""The timeout for the HTTP request when checking OCSP responses."""
server_ssl_opts_schema_ocsp_refresh_http_timeout.label:
"""OCSP Refresh HTTP Timeout"""
fields_tcp_opts_send_timeout.desc:
"""The TCP send timeout for the connections."""
fields_tcp_opts_send_timeout.label:
"""TCP send timeout"""
sysmon_vm_process_high_watermark.desc:
"""The threshold, as percentage of processes, for how many
processes can simultaneously exist at the local node before the corresponding
alarm is raised."""
sysmon_vm_process_high_watermark.label:
"""Process high watermark"""
fields_tcp_opts_buffer.desc:
"""The size of the user-space buffer used by the driver."""
fields_tcp_opts_buffer.label:
"""TCP user-space buffer"""
server_ssl_opts_schema_honor_cipher_order.desc:
"""An important security setting. It forces the cipher to be set based
on the server-specified order instead of the client-specified order,
hence enforcing the (usually more properly configured) security
ordering of the server administrator."""
server_ssl_opts_schema_honor_cipher_order.label:
"""SSL honor cipher order"""
conn_congestion_min_alarm_sustain_duration.desc:
"""Minimal time before clearing the alarm.<br/>The alarm is cleared only when there's no pending data in<br/>the queue, and at least <code>min_alarm_sustain_duration</code>milliseconds passed since the last time we considered the connection 'congested'.<br/>This is to avoid clearing and raising the alarm again too often."""
conn_congestion_min_alarm_sustain_duration.label:
"""Sustain duration"""
fields_mqtt_quic_listener_keep_alive_interval_ms.desc:
"""How often to send PING frames to keep a connection alive."""
fields_mqtt_quic_listener_keep_alive_interval_ms.label:
"""Keep alive interval ms"""
fields_mqtt_quic_listener_handshake_idle_timeout_ms.desc:
"""How long a handshake can idle before it is discarded"""
fields_mqtt_quic_listener_handshake_idle_timeout_ms.label:
"""Handshake idle timeout ms"""
broker_session_locking_strategy.desc:
"""Session locking strategy in a cluster.
- `local`: only lock the session on the current node
- `one`: select only one remote node to lock the session
- `quorum`: select some nodes to lock the session
- `all`: lock the session on all the nodes in the cluster"""
persistent_store_ram_cache.desc:
"""Maintain a copy of the data in RAM for faster access."""
persistent_store_ram_cache.label:
"""RAM cache"""
fields_mqtt_quic_listener_stream_recv_window_default.desc:
"""Initial stream receive window size. Default: 32678"""
fields_mqtt_quic_listener_stream_recv_window_default.label:
"""Stream recv window default"""
mqtt_mqueue_priorities.desc:
"""Topic priorities. Priority number [1-255]
There's no priority table by default, hence all messages are treated equal.
**NOTE**: Comma and equal signs are not allowed for priority topic names.
**NOTE**: Messages for topics not in the priority table are treated as either highest or lowest priority depending on the configured value for <code>mqtt.mqueue_default_priority</code>.
**Examples**:
To configure <code>"topic/1" > "topic/2"</code>:
<code>mqueue_priorities: {"topic/1": 10, "topic/2": 8}</code>"""
mqtt_mqueue_priorities.label:
"""Topic Priorities"""
fields_rate_limit_conn_messages_in.desc:
"""Message limit for the external MQTT connections."""
fields_rate_limit_conn_messages_in.label:
"""connecting messages in"""
fields_rate_limit_max_conn_rate.desc:
"""Maximum connections per second."""
fields_rate_limit_max_conn_rate.label:
"""Max connection rate"""
alarm_size_limit.desc:
"""The maximum total number of deactivated alarms to keep as history.<br/>When this limit is exceeded, the oldest deactivated alarms are deleted to cap the total number."""
alarm_size_limit.label:
"""Alarm size limit"""
fields_cache_max_size.desc:
"""Maximum number of cached items."""
fields_cache_max_size.label:
"""Maximum number of cached items."""
fields_listeners_tcp.desc:
"""TCP listeners."""
fields_listeners_tcp.label:
"""TCP listeners"""
conn_congestion_enable_alarm.desc:
"""Enable or disable connection congestion alarm."""
conn_congestion_enable_alarm.label:
"""Enable/disable congestion alarm"""
fields_ws_opts_proxy_port_header.desc:
"""HTTP header used to pass information about the client port. Relevant when the EMQX cluster is deployed behind a load-balancer."""
fields_ws_opts_proxy_port_header.label:
"""Proxy port header"""
overload_protection_enable.desc:
"""React on system overload or not."""
overload_protection_enable.label:
"""React on system overload or not"""
fields_mqtt_quic_listener_minimum_mtu.desc:
"""The minimum MTU supported by a connection. This will be used as the starting MTU. Default: 1248"""
fields_mqtt_quic_listener_minimum_mtu.label:
"""Minimum MTU"""
sys_msg_interval.desc:
"""Time interval for publishing following system messages:
- `$SYS/brokers`
- `$SYS/brokers/<node>/version`
- `$SYS/brokers/<node>/sysdescr`
- `$SYS/brokers/<node>/stats/<name>`
- `$SYS/brokers/<node>/metrics/<name>`"""
mqtt_await_rel_timeout.desc:
"""For client to broker QoS 2 message, the time limit for the broker to wait before the `PUBREL` message is received. The wait is aborted after timed out, meaning the packet ID is freed for new `PUBLISH` requests. Receiving a stale `PUBREL` causes a warning level log. Note, the message is delivered to subscribers before entering the wait for PUBREL."""
mqtt_await_rel_timeout.label:
"""Max Awaiting PUBREL TIMEOUT"""
common_ssl_opts_schema_verify.desc:
"""Enable or disable peer verification."""
common_ssl_opts_schema_verify.label:
"""Verify peer"""
fields_listeners_ssl.desc:
"""SSL listeners."""
fields_listeners_ssl.label:
"""SSL listeners"""
fields_deflate_opts_client_max_window_bits.desc:
"""Specifies the size of the compression context for the client."""
fields_deflate_opts_client_max_window_bits.label:
"""Client compression max window size"""
common_ssl_opts_schema_keyfile.desc:
"""PEM format private key file."""
common_ssl_opts_schema_keyfile.label:
"""Keyfile"""
sysmon_os_cpu_high_watermark.desc:
"""The threshold, as percentage of system CPU load,
for how much system cpu can be used before the corresponding alarm is raised. Disabled on Windows platform"""
sysmon_os_cpu_high_watermark.label:
"""CPU high watermark"""
flapping_detect_window_time.desc:
"""The time window for flapping detection."""
flapping_detect_window_time.label:
"""Window time"""
mqtt_mqueue_default_priority.desc:
"""Default topic priority, which will be used by topics not in <code>Topic Priorities</code> (<code>mqueue_priorities</code>)."""
mqtt_mqueue_default_priority.label:
"""Default Topic Priorities"""
client_ssl_opts_schema_enable.desc:
"""Enable TLS."""
client_ssl_opts_schema_enable.label:
"""Enable TLS."""
fields_mqtt_quic_listener_mtu_discovery_missing_probe_count.desc:
"""The maximum number of stateless operations that may be queued on a binding at any one time. Default: 3"""
fields_mqtt_quic_listener_mtu_discovery_missing_probe_count.label:
"""MTU discovery missing probe count"""
fields_tcp_opts_recbuf.desc:
"""The TCP receive buffer (OS kernel) for the connections."""
fields_tcp_opts_recbuf.label:
"""TCP receive buffer"""
sysmon_vm_process_check_interval.desc:
"""The time interval for the periodic process limit check."""
sysmon_vm_process_check_interval.label:
"""Process limit check interval"""
fields_mqtt_quic_listener_server_resumption_level.desc:
"""Controls resumption tickets and/or 0-RTT server support. Default: 0 (No resumption)"""
fields_mqtt_quic_listener_server_resumption_level.label:
"""Server resumption level"""
fields_ws_opts_proxy_address_header.desc:
"""HTTP header used to pass information about the client IP address.
Relevant when the EMQX cluster is deployed behind a load-balancer."""
fields_ws_opts_proxy_address_header.label:
"""Proxy address header"""
sysmon_os_sysmem_high_watermark.desc:
"""The threshold, as percentage of system memory,
for how much system memory can be allocated before the corresponding alarm is raised. Disabled on Windows platform"""
sysmon_os_sysmem_high_watermark.label:
"""SysMem high wartermark"""
fields_tcp_opts_high_watermark.desc:
"""The socket is set to a busy state when the amount of data queued internally
by the VM socket implementation reaches this limit."""
fields_tcp_opts_high_watermark.label:
"""TCP high watermark"""
fields_mqtt_quic_listener_stateless_operation_expiration_ms.desc:
"""The time limit between operations for the same endpoint, in milliseconds. Default: 100"""
fields_mqtt_quic_listener_stateless_operation_expiration_ms.label:
"""Stateless operation expiration ms"""
server_ssl_opts_schema_dhfile.desc:
"""Path to a file containing PEM-encoded Diffie-Hellman parameters
to be used by the server if a cipher suite using Diffie-Hellman
key exchange is negotiated. If not specified, default parameters
are used.<br/>
NOTE: The <code>dhfile</code> option is not supported by TLS 1.3."""
server_ssl_opts_schema_dhfile.label:
"""SSL dhfile"""
flapping_detect_max_count.desc:
"""The maximum number of disconnects allowed for a MQTT Client in `window_time`"""
flapping_detect_max_count.label:
"""Max count"""
mqtt_max_topic_levels.desc:
"""Maximum topic levels allowed."""
mqtt_max_topic_levels.label:
"""Max Topic Levels"""
force_shutdown_max_heap_size.desc:
"""Total heap size"""
force_shutdown_max_heap_size.label:
"""Total heap size"""
persistent_store_on_disc.desc:
"""Save information about the persistent sessions on disc.
If this option is enabled, persistent sessions will survive full restart of the cluster.
Otherwise, all the data will be stored in RAM, and it will be lost when all the nodes in the cluster are stopped."""
persistent_store_on_disc.label:
"""Persist on disc"""
mqtt_ignore_loop_deliver.desc:
"""Whether the messages sent by the MQTT v3.1.1/v3.1.0 client will be looped back to the publisher itself, similar to <code>No Local</code> in MQTT 5.0."""
mqtt_ignore_loop_deliver.label:
"""Ignore Loop Deliver"""
common_ssl_opts_schema_certfile.desc:
"""PEM format certificates chain file.<br/>
The certificates in this file should be in reversed order of the certificate
issue chain. That is, the host's certificate should be placed in the beginning
of the file, followed by the immediate issuer certificate and so on.
Although the root CA certificate is optional, it should be placed at the end of
the file if it is to be added."""
common_ssl_opts_schema_certfile.label:
"""Certfile"""
mqtt_exclusive_subscription.desc:
"""Whether to enable support for MQTT exclusive subscription."""
mqtt_exclusive_subscription.label:
"""Exclusive Subscription"""
mqtt_retain_available.desc:
"""Whether to enable support for MQTT retained message."""
mqtt_retain_available.label:
"""Retain Available"""
fields_tcp_opts_reuseaddr.desc:
"""The SO_REUSEADDR flag for the connections."""
fields_tcp_opts_reuseaddr.label:
"""SO_REUSEADDR"""
sysmon_vm_long_schedule.desc:
"""When the Erlang VM detect a task scheduled for too long, a warning level 'long_schedule' log is emitted,
and an MQTT message is published to the system topic <code>$SYS/sysmon/long_schedule</code>."""
sysmon_vm_long_schedule.label:
"""Enable Long Schedule monitoring."""
mqtt_keepalive_multiplier.desc:
"""Keep-Alive Timeout = Keep-Alive interval × Keep-Alive Multiplier.
The default value 1.5 is following the MQTT 5.0 specification. This multiplier is adjustable, providing system administrators flexibility for tailoring to their specific needs. For instance, if a client's 10-second Keep-Alive interval PINGREQ gets delayed by an extra 10 seconds, changing the multiplier to 2 lets EMQX tolerate this delay."""
mqtt_keepalive_multiplier.label:
"""Keep Alive Multiplier"""
force_gc_bytes.desc:
"""GC the process after specified number of bytes have passed through."""
force_gc_bytes.label:
"""Process GC bytes"""
server_ssl_opts_schema_fail_if_no_peer_cert.desc:
"""Used together with {verify, verify_peer} by an TLS/DTLS server.
If set to true, the server fails if the client does not have a
certificate to send, that is, sends an empty certificate.
If set to false, it fails only if the client sends an invalid
certificate (an empty certificate is considered valid)."""
server_ssl_opts_schema_fail_if_no_peer_cert.label:
"""SSL fail if no peer cert"""
fields_ws_opts_compress.desc:
"""If <code>true</code>, compress WebSocket messages using <code>zlib</code>.<br/>
The configuration items under <code>deflate_opts</code> belong to the compression-related parameter configuration."""
fields_ws_opts_compress.label:
"""Ws compress"""
fields_mqtt_quic_listener_keep_alive_interval.desc:
"""How often to send PING frames to keep a connection alive. 0 means disabled."""
fields_mqtt_quic_listener_keep_alive_interval.label:
"""Keep Alive Interval"""
fields_cache_ttl.desc:
"""Time to live for the cached data."""
fields_cache_ttl.label:
"""Time to live for the cached data."""
fields_authz_cache_excludes.label:
"""Excludes"""
fields_authz_cache_excludes.desc:
"""Exclude caching ACL check results for topics matching the given patterns."""
sys_topics.desc:
"""System topics configuration."""
sys_event_client_subscribed.desc:
"""Enable to publish event message that client subscribed a topic successfully."""
sysmon_top_db_port.desc:
"""Port of the PostgreSQL database that collects the data points."""
sysmon_top_db_port.label:
"""DB Port"""
fields_mqtt_quic_listener_max_operations_per_drain.desc:
"""The maximum number of operations to drain per connection quantum. Default: 16"""
fields_mqtt_quic_listener_max_operations_per_drain.label:
"""Max operations per drain"""
fields_mqtt_quic_listener_datagram_receive_enabled.desc:
"""Advertise support for QUIC datagram extension. Reserve for the future. Default 0 (FALSE)"""
fields_mqtt_quic_listener_datagram_receive_enabled.label:
"""Datagram receive enabled"""
fields_mqtt_quic_listener_initial_rtt_ms.desc:
"""Initial RTT estimate."""
fields_mqtt_quic_listener_initial_rtt_ms.label:
"""Initial RTT ms"""
overload_protection_backoff_gc.desc:
"""When at high load, skip forceful GC."""
overload_protection_backoff_gc.label:
"""Skip GC"""
broker_perf_route_lock_type.desc:
"""Performance tuning for subscribing/unsubscribing a wildcard topic.
Change this parameter only when there are many wildcard topics.
NOTE: when changing from/to `global` lock, it requires all nodes in the cluster to be stopped before the change.
- `key`: mnesia transactional updates with per-key locks. Recommended for a single-node setup.
- `tab`: mnesia transactional updates with table lock. Recommended for a cluster setup.
- `global`: updates are protected with a global lock. Recommended for large clusters."""
fields_tcp_opts_nodelay.desc:
"""The TCP_NODELAY flag for the connections."""
fields_tcp_opts_nodelay.label:
"""TCP_NODELAY"""
fields_tcp_opts_keepalive.desc:
"""Enable TCP keepalive for MQTT connections over TCP or SSL.
The value is three comma separated numbers in the format of 'Idle,Interval,Probes'
- Idle: The number of seconds a connection needs to be idle before the server begins to send out keep-alive probes (Linux default 7200).
- Interval: The number of seconds between TCP keep-alive probes (Linux default 75).
- Probes: The maximum number of TCP keep-alive probes to send before giving up and killing the connection if no response is obtained from the other end (Linux default 9).
For example "240,30,5" means: EMQX should start sending TCP keepalive probes after the connection is in idle for 240 seconds, and the probes are sent every 30 seconds until a response is received from the MQTT client, if it misses 5 consecutive responses, EMQX should close the connection.
Default: 'none'"""
fields_tcp_opts_keepalive.label:
"""TCP keepalive options"""
sysmon_top_db_username.desc:
"""Username of the PostgreSQL database"""
sysmon_top_db_username.label:
"""DB Username"""
broker.desc:
"""Message broker options."""