1.. zephyr:code-sample:: secure-mqtt-sensor-actuator 2 :name: Secure MQTT Sensor/Actuator 3 :relevant-api: mqtt_socket sensor_interface 4 5 Implement an MQTT-based IoT sensor/actuator device 6 7Overview 8******** 9 10This sample demonstrates the implementation of an IoT sensor/actuator device. 11The application uses the MQTT protocol to securely send sensor data 12to a remote MQTT broker, while responding to commands received over MQTT. 13 14Features: 15 16- Establishing network connectivity using a DHCPv4 lease 17- Establishing a secure MQTT connection (using TLS 1.2) to MQTT broker 18- Publishing temperature sensor data in JSON format to the MQTT broker at a user-defined interval 19- Subscribing to user-defined topic(s) on MQTT broker 20- Responding to commands received over the network (LED control) 21- Handling of MQTT connection, re-connecting and keep-alive 22- Network status LED 23 24Requirements 25************ 26- Board with network capability (tested with adi_eval_adin1110ebz) 27- `Eclipse Mosquitto`_ MQTT broker 28- DHCP server 29- Network connection between the board and Mosquitto broker 30 31Build and Running 32***************** 33This application relies on an network connection between the board and an MQTT broker. 34This broker can exist locally (e.g. on a host PC) or a publicly available MQTT broker 35<https://test.mosquitto.org/> can be used. 36For quick sampling/testing, a configuration is provided to connect to a local MQTT broker 37without security, using a static IP address. 38 39Hardware Setup 40============== 41If using Ethernet, connect the board to the MQTT broker. This may be your host PC 42(for locally hosted Mosquitto broker) or your internet router 43(to connect to the public Mosquitto broker). 44If required, connect a temperature sensor to the board. 45 46Software Setup 47============== 48The temperature sensor should be aliased in devicetree as ``ambient-temp0``. 49If a board does not include an on-board temperature sensor, one can be connected externally 50and a board overlay file used to add the sensor and alias: 51 52.. code-block:: devicetree 53 54 / { 55 aliases { 56 ambient-temp0 = &adt7420; 57 }; 58 }; 59 }; 60 61It is possible to use other types of sensors, by adding them in devicetree and by changing 62``SENSOR_CHAN`` :file:`in device.c` to match the desired sensor type. 63 64There are a few ways to configure the application: 65 66.. list-table:: 67 68 * - :file:`prj.conf` 69 - Default config: Secure MQTT, dynamic IP address (DHCP) 70 71 * - :file:`overlay-static.conf` 72 - Secure MQTT, static IP address 73 74 * - :file:`overlay-static-insecure.conf` 75 - Unsecure MQTT, static IP address 76 77**Default Config:** 78 79Using the default config, the application will use DHCP to acquire an IP address and attempt 80to securely connect to an MQTT broker using TLS 1.2. 81 82- The MQTT broker to which the board will connect is specified by 83 ``CONFIG_NET_SAMPLE_MQTT_BROKER_HOSTNAME``. 84 By default, this is set to test.mosquitto.org. 85- Connecting securely using TLS, requires the inclusion of the broker's CA certificate 86 in the application. 87- Download the CA certificate in DER or PEM format from https://test.mosquitto.org 88- In :file:`tls_config/cert.h`, set ``ca_certificate[]`` to the contents of the cert. 89- By connecting the board to your internet router, it should automatically be assigned 90 an IPv4 address using DHCP. 91- The application will then attempt to connect to the public Mosquitto broker 92 and begin publishing data. 93- It is also possible to connect securely to a locally hosted MQTT broker. 94 This will require provisioning of certificates. 95 The CA cert should be included in the build as described above. 96 ``CONFIG_NET_SAMPLE_MQTT_BROKER_HOSTNAME`` should be configured to match the 97 local broker hostname/IP address. 98 Depending on the CA cert being used, additional MbedTLS config options may need to be enabled. 99 This can be done using Kconfig or using a custom MbedTLS config file 100 (see modules/mbedtls/Kconfig). 101 See https://mosquitto.org/man/mosquitto-tls-7.html for more info on setting up 102 TLS support for Mosquitto locally. 103- A DHCP server can be installed on the host PC to handle assigning an IP to the board 104 e.g. dnsmasq (Linux) or DHCP Server for Windows (Windows). 105- Build the sample with default config: 106 107.. zephyr-app-commands:: 108 :zephyr-app: samples/net/secure_mqtt_sensor_actuator 109 :board: adi_eval_adin1110ebz 110 :goals: build 111 :compact: 112 113**Static IP Config:** 114 115Use the :file:`overlay-static.conf` Kconfig overlay to disable DHCP and use 116a static IP address config. 117The device, gateway, and DNS server IP addresses should be set according to 118your local network configuration. 119 120.. zephyr-app-commands:: 121 :zephyr-app: samples/net/secure_mqtt_sensor_actuator 122 :board: adi_eval_adin1110ebz 123 :conf: "prj.conf overlay-static.conf" 124 :goals: build 125 :compact: 126 127**Static IP/Unsecure MQTT Config:** 128 129Use the :file:`overlay-static-insecure.conf` Kconfig overlay to disable TLS and DHCP. 130This config requires connecting to a locally hosted Mosquitto MQTT broker. 131 132- In :file:`overlay-static-insecure.conf`, set the IP address of the board and the Mosquitto 133 broker (i.e. IP address of Ethernet port on host PC). These addresses should be in the 134 same subnet e.g. 192.0.2.1 and 192.0.2.2. 135- On your host PC, install Mosquitto. 136- Create a file called ``unsecure.conf`` with the following content: 137 138.. code-block:: console 139 140 listener 1883 0.0.0.0 141 allow_anonymous true 142 143 144- Start a Mosquitto broker using the configuration file: 145 146.. code-block:: console 147 148 $ sudo mosquitto -v -c unsecure.conf 149 150- Build the sample with quick test config: 151 152.. zephyr-app-commands:: 153 :zephyr-app: samples/net/secure_mqtt_sensor_actuator 154 :board: adi_eval_adin1110ebz 155 :conf: "prj.conf overlay-static-insecure.conf" 156 :goals: build 157 :compact: 158 159Using the Sample 160================ 161- Once the board establishes an MQTT connection with the Mosquitto broker, the network 162 LED will turn on and the board will begin publishing sensor readings in JSON format 163 at a regular interval determined by ``CONFIG_NET_SAMPLE_MQTT_PUBLISH_INTERVAL``. 164 165- Use Mosquitto to subscribe to the sensor data being sent from the board: 166 167.. code-block:: console 168 169 $ mosquitto_sub -d -h <test.mosquitto.org/local broker IP> -t zephyr_sample/sensor 170 171- The application will subscribe to a topic determined by ``CONFIG_NET_SAMPLE_MQTT_SUB_TOPIC_CMD``. 172 If a supported command string is received by the board on this topic, the board will execute 173 an associated command handler function. 174 Supported commands (defined in :file:`device.c`): 175 176 - ``led_on``, turn on board LED 177 - ``led_off``, turn off board LED 178 179- Use Mosquitto to publish these commands to the MQTT broker: 180 181.. code-block:: console 182 183 $ mosquitto_pub -d -h <test.mosquitto.org/local broker IP> --cafile <path/to/ca.crt> -t zephyr_sample/command -m "led_on" 184 185- The Quality of Service (QoS) level that is used for MQTT publishing and 186 subscriptions can be configured using Kconfig. 187 188Sample output 189============= 190 191.. code-block:: console 192 193 *** Booting Zephyr OS build v3.6.0-2212-g2c9c4f3733e9 *** 194 [00:00:00.181,000] <inf> app_device: Device adt7420@48 is ready 195 [00:00:00.181,000] <inf> app_device: Device leds is ready 196 [00:00:00.181,000] <inf> app_main: MAC Address: 00:E0:FE:FE:DA:C8 197 [00:00:00.181,000] <inf> app_main: Bringing up network.. 198 [00:00:00.801,000] <inf> net_dhcpv4: Received: 192.168.1.17 199 [00:00:00.801,000] <inf> app_main: Network connectivity up! 200 [00:00:00.818,000] <inf> app_mqtt: Connecting to MQTT broker @ 91.121.93.94 201 [00:00:01.154,000] <inf> net_mqtt: Connect completed 202 [00:00:01.197,000] <inf> app_mqtt: Connected to MQTT broker! 203 [00:00:01.197,000] <inf> app_mqtt: Hostname: test.mosquitto.org 204 [00:00:01.198,000] <inf> app_mqtt: Client ID: adi_eval_adin1110ebz_9a 205 [00:00:01.198,000] <inf> app_mqtt: Port: 8883 206 [00:00:01.198,000] <inf> app_mqtt: TLS: Enabled 207 [00:00:01.198,000] <inf> app_mqtt: Subscribing to 1 topic(s) 208 [00:00:01.238,000] <inf> app_mqtt: SUBACK packet ID: 5841 209 [00:00:04.200,000] <inf> app_mqtt: Published to topic 'zephyr_sample/sensor', QoS 1 210 [00:00:04.319,000] <inf> app_mqtt: PUBACK packet ID: 1 211 [00:00:07.202,000] <inf> app_mqtt: Published to topic 'zephyr_sample/sensor', QoS 1 212 [00:00:07.323,000] <inf> app_mqtt: PUBACK packet ID: 2 213 [00:00:10.204,000] <inf> app_mqtt: Published to topic 'zephyr_sample/sensor', QoS 1 214 [00:00:10.322,000] <inf> app_mqtt: PUBACK packet ID: 3 215 [00:00:12.769,000] <inf> app_mqtt: MQTT payload received! 216 [00:00:12.769,000] <inf> app_mqtt: topic: 'zephyr_sample/command', payload: led_on 217 [00:00:12.770,000] <inf> app_device: Executing device command: led_on 218 219.. _Eclipse Mosquitto: https://mosquitto.org/download/ 220
