Initial commit

.gitignore

@@ -0,0 +1 @@
+.vagrant

example/Vagrantfile

@@ -0,0 +1,87 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+# All Vagrant configuration is done below. The "2" in Vagrant.configure
+# configures the configuration version (we support older styles for
+# backwards compatibility). Please don't change it unless you know what
+# you're doing.
+Vagrant.configure("2") do |config|
+  # The most common configuration options are documented and commented below.
+  # For a complete reference, please see the online documentation at
+  # https://docs.vagrantup.com.
+
+  # Every Vagrant development environment requires a box. You can search for
+  # boxes at https://vagrantcloud.com/search.
+  config.vm.box = "generic/ubuntu2004"
+
+  # Disable automatic box update checking. If you disable this, then
+  # boxes will only be checked for updates when the user runs
+  # `vagrant box outdated`. This is not recommended.
+  # config.vm.box_check_update = false
+
+  # Create a forwarded port mapping which allows access to a specific port
+  # within the machine from a port on the host machine. In the example below,
+  # accessing "localhost:8080" will access port 80 on the guest machine.
+  # NOTE: This will enable public access to the opened port
+  # config.vm.network "forwarded_port", guest: 80, host: 8080
+
+  # Create a forwarded port mapping which allows access to a specific port
+  # within the machine from a port on the host machine and only allow access
+  # via 127.0.0.1 to disable public access
+  # config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1"
+
+  # Create a private network, which allows host-only access to the machine
+  # using a specific IP.
+  # config.vm.network "private_network", ip: "192.168.33.10"
+
+  # Create a public network, which generally matched to bridged network.
+  # Bridged networks make the machine appear as another physical device on
+  # your network.
+  # config.vm.network "public_network"
+
+  # Share an additional folder to the guest VM. The first argument is
+  # the path on the host to the actual folder. The second argument is
+  # the path on the guest to mount the folder. And the optional third
+  # argument is a set of non-required options.
+  # config.vm.synced_folder "../data", "/vagrant_data"
+
+  # Provider-specific configuration so you can fine-tune various
+  # backing providers for Vagrant. These expose provider-specific options.
+  # Example for VirtualBox:
+  #
+  # config.vm.provider "virtualbox" do |vb|
+  #   # Display the VirtualBox GUI when booting the machine
+  #   vb.gui = true
+  #
+  #   # Customize the amount of memory on the VM:
+  #   vb.memory = "1024"
+  # end
+  #
+  # View the documentation for the provider you are using for more
+  # information on available options.
+
+  # Enable provisioning with a shell script. Additional provisioners such as
+  # Ansible, Chef, Docker, Puppet and Salt are also available. Please see the
+  # documentation for more information about their specific syntax and use.
+
+  config.vm.provision "file", source: "~/torch-client/torch.conf", destination: "~/torch/"
+  config.vm.provision "file", source: "~/torch-client/torch-pub.py", destination: "~/torch/"
+  config.vm.provision "file", source: "~/torch-client/torch.service", destination: "~/torch/"
+  config.vm.provision "file", source: "~/torch-client/install-ubuntu2004.sh", destination: "~/torch/"
+
+  config.vm.provision "file", source: "~/torch-client/example/torch-conf", destination: "~/torch-conf"
+
+  config.vm.provision "shell", inline: <<-SHELL
+  
+	sudo -- sh -c "echo '192.168.100.2 mqtt.bjdweck.com' >> /etc/hosts"
+	
+    cd torch
+    sudo ./install-ubuntu2004.sh
+
+	sudo cp -f ../torch-conf/* /etc/torch/
+    sudo chown -R torch /etc/torch
+
+    sudo systemctl restart torch
+
+  SHELL
+end

example/broker/ca.crt

@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIID+TCCAuGgAwIBAgIUQtnDzZO24MmJdNOmVP6IDYWZc6kwDQYJKoZIhvcNAQEL
+BQAwgYsxCzAJBgNVBAYTAklMMRIwEAYDVQQIDAlKZXJ1c2FsZW0xEjAQBgNVBAcM
+CUplcnVzYWxlbTEUMBIGA1UECgwLYmpkd2Vjay5jb20xHDAaBgNVBAMME2NhLm1x
+dHQuYmpkd2Vjay5jb20xIDAeBgkqhkiG9w0BCQEWEWJqZHdlY2tAZ21haWwuY29t
+MB4XDTIwMTAwMTA3NTUyNloXDTI1MDkzMDA3NTUyNlowgYsxCzAJBgNVBAYTAklM
+MRIwEAYDVQQIDAlKZXJ1c2FsZW0xEjAQBgNVBAcMCUplcnVzYWxlbTEUMBIGA1UE
+CgwLYmpkd2Vjay5jb20xHDAaBgNVBAMME2NhLm1xdHQuYmpkd2Vjay5jb20xIDAe
+BgkqhkiG9w0BCQEWEWJqZHdlY2tAZ21haWwuY29tMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAzQHL+3P/y/boB2LU/BBFVbK2wdsBsHkCTDc0EDrrrQ7G
+TJ4VQX2lXvWDJyhcb843kXeOux2Gq6y0eK3bkI706syZNY16t2CD/cYOSkWXviYa
++4FlNbG/W+AIx5x5xcM17w60sAiP3uHlZ+K9J6nbmaY7b7PX+22MtaDfq7f/j36H
+N+5MW7xRvH1BzPp6R6twShy+8AoTKt78V6jxabVq1aC2kmzqyaL08UjyN5MDmIIL
+LCHH9XFiWfr851PC2tkMB45Swbj8ngyFMRt4R6RRpnobWmj8n0R4wIkJkIOsaVD3
+vbwoHgjDJjQtB9NKu40xtEsjW9Lf+xMGZYUi5sEONwIDAQABo1MwUTAdBgNVHQ4E
+FgQUlXEvVPtVw5Blc3EhaZvlNNtSPpUwHwYDVR0jBBgwFoAUlXEvVPtVw5Blc3Eh
+aZvlNNtSPpUwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAvArw
+TmpQefmqDe1JzJLlOcDMXfK/wIbwIqDnE5ncvVDyexx6gd+Jdk3ANS9M6p9bawpF
+dBIT0xnFGY3bdzeKlx30JgWE/8q8ip/jcu6VJJvoxa49m/SEmzwx7buuG/YAsU4N
+y5hwi/vn9YkN15hImYmZ2WJQ1ml0C3zHu5PwAHP0+snwxk8PW1makwHls8JTpgMp
+FOp1uLfdffe14siICOwp+wcuNgS+ueN5oJHLl6Z+D68SZfIkz4jyik9lhlnATtOr
+IGfp3Jb6v0px5chjpM+LJCImpvZ0PuIs9Uw5wKgHvlMGZwJRjhptK2fH2kEDohoz
+4mI3SBL13CKmHndH3Q==
+-----END CERTIFICATE-----

example/broker/ca.key

@@ -0,0 +1,30 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,F14B332FBF60A303
+
+e3rIZ72o2uinOxd5qrM8tNfsD7Ay/RWFlqtcPhcDJFJOf5VHKNrXsH6e4A62y0fF
+dWO7attdlHZqEg/i8pLur04M3nqkETTPtl3mt3H8hntA4NtgXumwlD/LgyoJc8kF
+LBhjP0g8E+PgkKvcun3QSSeRSoe4WleYvNkfSSkEjplAaIM+pv4c9+LWaLLzf3Hv
+elKio52H5Kx84WKDSyN9MRA1ut27ksB1rcw8X8G3gdeFziSExI+ZMwk0ZpnGEp+6
+WuOftStKX2MOT137KvuUO04ZczxGg+DrhC4zmVMLk3FXEm+w3rsadlsCLg1ptVFo
+yD1eOpSvIrKCuu0409hhE+nvDX1u7zjF0q9+b5fKMT9246bJlgf1hBctDWMsTdC6
++jqDNEO3ulCFRWxIziO/AxNDTg/Vfw0p0eHTZU8aAP6AppRiv+XyB5Dm1+sMUAxO
+xiJDtVTXSeSx6dZiMHA70qBNCqZLQPhOXx296Q+9KBcz3IqOZSptW+BcbhR5ATlS
+e4HC+a9VudcgqH0ZpUe+qMv8TN7DNxV3N6GFNpE6sjerp1AN2/Qpb6sMwVniniAT
+b9vpBJXj2lgchgU+riDLufnMXLt9jl6FUeW1YKGsktAcHsfGOm9xpwuhoalh04Fs
+TtmxrSDHvAZ40GCA+SSBIRxJRIaCssw050NS1UirQ3vAbRz+mszDVl4NeXa66fgm
+jNg2BTvV/Vhzs/TP6NZRWo2H5S1Wkd05+Pg6kbiEaSBBt0uA58LXsmtHdedFwWDV
+/DuIMobyp3rx9deZ9WUg9NF8YVsZWMfAn1Vx2D4ta2oVIETjO5jh4eHv1ZjebQoA
+W3oQnpGQcpQ5Ai5tg6tPp9euXBKQn7CyggZ6Q82jSuvzeM5GJqxd8FGmN8Iuf30v
+HcvvrQMJ7V36o19J3TfccNuSFdtihSqEZQm7qczex/ceVYOE4ZztQNVlSDUcMWHW
+R+GL04cF4N4jT/HWsEGp1//pHu8Cu4SerJnqiqIvWsbLycILlf/cBZL+KqQ05K/T
+8cFBxIFh5e6pwoGh3pV6vesFSNYwrW/lId3WWYRmiestBVKpgwCGAal37VS+i/FY
+BLzQ9kzyO5tI5pcIgaGz7hhnlmjqnrjOvrAVllJImuI7mFNlP3FCtdcJZKY+kK3U
+QbCULRyGPh5IbX9oT1XdOvgVUsWRgj4dpwV08GKF+3JzPgCaJjpUlTMIrtAdyCv1
+/gMjA49ufxpMPb55Rp2Dmp8npq+FoNzDBSegBxJdJH5aYzCF2x7gERAE7OliTwDT
+7IADHIoD5VoysE08TDdgHLUgp8L2mO6CojsAJfpTinm0nByURc4dFeFhXGmkkEdx
++FP5p4Be/T1m9y5vyLHdnL51mfrDlUlhvHRTRn15YoDRTPrWkwRtLIZEDpwNxjG3
+y1xqsOlL7RfEy7pSM5JqRC1H10Aw6iW1m/UYXWmMjFAyqj4DkT9mEchK15TwhPJ4
+hYQTR+eSi4BHpTEUTkO2ByUBpZ0w9S3ScL5DpD8u+ot7hLLlLR2wVNhgq85up2Lc
+36fMZDLMvuotRCUz4d7CTMWx0QwDhrIGt3WmsEQazj0eCm/2XbV+eQ==
+-----END RSA PRIVATE KEY-----

example/broker/ca.srl

@@ -0,0 +1 @@
+501405D94F5C467905D00ADEF6B53DD8BA2B864A

example/broker/client.crt

@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDkjCCAnoCFFAUBdlPXEZ5BdAK3va1Pdi6K4ZJMA0GCSqGSIb3DQEBCwUAMIGL
+MQswCQYDVQQGEwJJTDESMBAGA1UECAwJSmVydXNhbGVtMRIwEAYDVQQHDAlKZXJ1
+c2FsZW0xFDASBgNVBAoMC2JqZHdlY2suY29tMRwwGgYDVQQDDBNjYS5tcXR0LmJq
+ZHdlY2suY29tMSAwHgYJKoZIhvcNAQkBFhFiamR3ZWNrQGdtYWlsLmNvbTAeFw0y
+MDEwMDEwODAzMjJaFw0yMTA5MjYwODAzMjJaMH8xCzAJBgNVBAYTAklMMRIwEAYD
+VQQIDAlKZXJ1c2FsZW0xEjAQBgNVBAcMCUplcnVzYWxlbTEUMBIGA1UECgwLYmpk
+d2Vjay5jb20xEDAOBgNVBAMMB3ZhZ3JhbnQxIDAeBgkqhkiG9w0BCQEWEWJqZHdl
+Y2tAZ21haWwuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzurA
+n0OwXj5ClFiKn/v76vtwGX3eSyxViCUTyctp4TysyORwbKW2ojzZceXuEg++q/FD
+k4VkPXgJ+yYRePt3akvlTwPWHpf2OfCf7irStbxrrSQbIb8xODoj6IaKlPMNgezQ
+/kZwuymqNil7k4bx7I1ii/xpD1A+YuWLn6Km6fBRS85JPte5vYexvMZWdH398/87
+8dttzQ5Slcp3MMVWwSmWb3LyEECqc2TC+C2dDFbGb0c0b7iYrYJXxoJmY+rb5f48
+rxrJ4pyhWax7lWQz2NobJlpRE1g4LspsQWEEnXE3MEgImALlj3Zd06l+mK2PRD3u
+6v1UUXK+Ry7OiH6DZQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAX4HvdZOYjmfzz
+eSV/84WavlDgzO0w4xzOZr68bxE3rKpC6uBu9hI14FMllCO/bimZpYVfTVuwju/a
+85HzpM+kOVDXquN7H6Ta8b3LUlHJ3FyFixHSwe7DFrskgnls4eVppzalSGVS1cHQ
+0uEALXKqXj1x13PH4K+67Ue/pKYUbhV8WGBwMkEkxoM/igBFl9uahVhUpRFLLMah
+JLHw3nauLU+swi+In9r9e0wDw+3lCCcZP5KzkGhCAv67yKg9STSw6n1yGvE9HKQn
+S1GdA7nWu06XJVQ9FOVTKzrAKnPVf02+SiNl/BUcpENe11oNvntxstpUeh76lHE6
+Ql/lCgTl
+-----END CERTIFICATE-----

example/broker/client.csr

@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICxDCCAawCAQAwfzELMAkGA1UEBhMCSUwxEjAQBgNVBAgMCUplcnVzYWxlbTES
+MBAGA1UEBwwJSmVydXNhbGVtMRQwEgYDVQQKDAtiamR3ZWNrLmNvbTEQMA4GA1UE
+AwwHdmFncmFudDEgMB4GCSqGSIb3DQEJARYRYmpkd2Vja0BnbWFpbC5jb20wggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDO6sCfQ7BePkKUWIqf+/vq+3AZ
+fd5LLFWIJRPJy2nhPKzI5HBspbaiPNlx5e4SD76r8UOThWQ9eAn7JhF4+3dqS+VP
+A9Yel/Y58J/uKtK1vGutJBshvzE4OiPohoqU8w2B7ND+RnC7Kao2KXuThvHsjWKL
+/GkPUD5i5Yufoqbp8FFLzkk+17m9h7G8xlZ0ff3z/zvx223NDlKVyncwxVbBKZZv
+cvIQQKpzZML4LZ0MVsZvRzRvuJitglfGgmZj6tvl/jyvGsninKFZrHuVZDPY2hsm
+WlETWDguymxBYQSdcTcwSAiYAuWPdl3TqX6YrY9EPe7q/VRRcr5HLs6IfoNlAgMB
+AAGgADANBgkqhkiG9w0BAQsFAAOCAQEAEAqLLIYo4v9PEIwejQWQmLQRuiK56O4U
+PM71HNR1+JB3OdFBNjwC3oByKreg72Ect1EdbhA/pV4oR6W9HzsW1ELIgWKgLwcp
+uN2lTFHd+9WzKNp64jwomDGZYn4U1HE2cJS00BM3CD05/nXywJNDVmrCXSS8sUKH
+K9mwhTneXwXpaILvZhTyyiw4Ni+EjNXIIbVm6J5zNMLX4ysiuiQl4HsRi6v8xsdb
+HIUe5apnW0JGM7EhKnCXC5qtVV844bxmTvno42EggYB4KgrCpdNppfZKd3cxbrhH
+LoyzZp0ZSTHFgdszhzEKO9dA2kj1M3DazM7cL1Yi4GooHJkXhkMBoA==
+-----END CERTIFICATE REQUEST-----

example/broker/client.key

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAzurAn0OwXj5ClFiKn/v76vtwGX3eSyxViCUTyctp4TysyORw
+bKW2ojzZceXuEg++q/FDk4VkPXgJ+yYRePt3akvlTwPWHpf2OfCf7irStbxrrSQb
+Ib8xODoj6IaKlPMNgezQ/kZwuymqNil7k4bx7I1ii/xpD1A+YuWLn6Km6fBRS85J
+Pte5vYexvMZWdH398/878dttzQ5Slcp3MMVWwSmWb3LyEECqc2TC+C2dDFbGb0c0
+b7iYrYJXxoJmY+rb5f48rxrJ4pyhWax7lWQz2NobJlpRE1g4LspsQWEEnXE3MEgI
+mALlj3Zd06l+mK2PRD3u6v1UUXK+Ry7OiH6DZQIDAQABAoIBAA18EQeQErthlVcz
+mf0pH9bFgh23LTh68CwKNortHb5XBO+mq4j5F7jk/ErG8EfvDL8J3xyLEehLnWLn
+rTXUNYkQ3yXSGy8tOhe2jcWotsivOdkzxCzj1+JRL6vksL1aRaQU+d3IW2pnIbeb
+5njLz5JZ+HUlAvfDg/1P9lR19ijCqXrMjl2lDazcDTF8jPgwCUhXdvmVzOVinCxT
+lnhQizukxvg7PUsUVrR3qX16CUEAvav0N/zyqclyrsTEg2hYg+PW8NXGnLpbE7pH
+F6GiB8zKaFsrjC2EXRVjXZQsLVusUmyB4z14w0fcsEOTtrR8lP7dQkyxQoRaTo/C
+lukUMYECgYEA++Fkl9hQ5zY6iJlLUhxiJjv0ZNe0jWvtONVQasA7JtmMBTh3ZRTW
+ipqOdDQsd/Whsw6h0loZ/RS72hMNGFqeGmIQEHvb4swqPB87frp3UCTCQGXIAjSL
+Bx5K0NPfgYfC4jRAr3gAEqXeVumrxdDsmN5Ua6+c3WHcXMczd16vLUUCgYEA0k0Z
+uWuYqkEwYwHuEqAYZd8ynu+rIh8bIhZS66ikWQMBzwLxY7mQQjQpkM9r2khG/K3L
+U/0gF5qqToB+OapcYspPHRzNOlhU5n7nEr/aZvsbzTs2deMGVmvg80QpnAdBPKjQ
+hNvrhbu+BVb2NmaTQo3Q/NnxNHyTJjdTlzK8D6ECgYEAuKBAAeV3d+MSCKqEwU04
+zFnKDFjoaXkgyzXg2j7JnPJ9Zh47tgYONE6R+K99oPiVbBBfoTaWMiIOiAzK3n0d
+wqz6pXqEdLu+gY9LJts7Na2cDWQNtUAaYD9eC7Ah9moy+Wffuj61nvWiAgcJ99fq
+dSsSqlRxIPzob8E8AlWPBhkCgYEAnd4s+mlQADbRiPFQ84Bk8Exd5rvJvuKU7sDN
+XISLYxqDyA/Qf2k0Zs5biY57yy/IwjQA17rD1ZRQVn/UwZsmoS53t0YAtdTLXwBS
+nFuTKw1D8IuLtXFIN6XiBxvbFHrJuSyM479njUvDOKTwTSQxVZu6D6XXkOwXVm/f
++zelvyECgYALWlLKvODf2+J08M6v71EcSVN14KcdRhBsMM/zaarLmCvY8RqpURHm
+AN6f1C1McEOTuANgAPNRdkwpAsW5aRiNR2yJLqBHq7bVAyCnxk87YuOwekDi8lJV
+1jVixWRsXQyuZ1pQHhCzT5aM6MTEGQf8pLcuBuaFkThMXPdhh2kKRQ==
+-----END RSA PRIVATE KEY-----

example/broker/mosquitto.conf

@@ -0,0 +1,9 @@
+listener 8883
+connection_messages true
+log_type all
+websockets_log_level 9
+cafile /mosquitto/config/ca.crt
+keyfile /mosquitto/config/server.key
+certfile /mosquitto/config/server.crt
+require_certificate true
+use_identity_as_username true

example/broker/run-mosquitto.sh

@@ -0,0 +1,3 @@
+#!/usr/bin/bash
+
+docker run -it --rm --user $(echo $UID) --name mosquitto -p 8883:8883 -v $(pwd):/mosquitto/config eclipse-mosquitto

example/broker/server.crt

@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDnDCCAoQCFFAUBdlPXEZ5BdAK3va1Pdi6K4ZKMA0GCSqGSIb3DQEBCwUAMIGL
+MQswCQYDVQQGEwJJTDESMBAGA1UECAwJSmVydXNhbGVtMRIwEAYDVQQHDAlKZXJ1
+c2FsZW0xFDASBgNVBAoMC2JqZHdlY2suY29tMRwwGgYDVQQDDBNjYS5tcXR0LmJq
+ZHdlY2suY29tMSAwHgYJKoZIhvcNAQkBFhFiamR3ZWNrQGdtYWlsLmNvbTAeFw0y
+MDEwMDEwODA4MDBaFw0yMTA5MjYwODA4MDBaMIGIMQswCQYDVQQGEwJJTDESMBAG
+A1UECAwJSmVydXNhbGVtMRIwEAYDVQQHDAlKZXJ1c2FsZW0xFDASBgNVBAoMC2Jq
+ZHdlY2suY29tMRkwFwYDVQQDDBBtcXR0LmJqZHdlY2suY29tMSAwHgYJKoZIhvcN
+AQkBFhFiamR3ZWNrQGdtYWlsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBAK/ccO7KMVo0QY0ZTC/JZu2AJ7381HimKMptShgcVWMgNjxRPhgMXK2+
+bwpLFOe8qamF3WgPYhcjRnUxhf0D7ijNE2If02e0Xv1esMwwiB3No7ucuVIhKw48
+XzWxfoZHSVG6NPrdk5+hbIFBlWjmh/bQ307fccvkodzaT0E8oVjg+5z93uqQoFot
+chSgxL4mHbtjZO5CDQsKx46xDA0sUmz/u/Pb7mF+/NHVNerGlEuGF8bWz4czGvr7
+XBtu3IDDUyK/DRrfz77tYGD5GxHKEiT0aIQMjarPvFOTDOCPm/7PRM7joMEs1/4l
+m9n0XUPiC46w3VWY2us7NMsHTe1FnPsCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEA
+giN2oR4RqGVYaDdTIqA76bkgVwAFPcKFe9oyjohTBynJP1Qs0XXZ14TUAbnMAHcd
+UFhg0jqQCB8B9gHVbU2eSPs4FNQECEH/BW9r8zAQab4pK5r3HfbkGB9Qtk19jpGa
+RRBvdrXwikazEZ5fwe7Lh1zEcJL17m7ehinfQs+0toQxpHeHqJYxrk6W9JaoIorR
+X151c87bEQTNB7IWu+nCLBI2mHsr+/O1zFGtfJ4dup+lWryvl0U/p1DFHpNeVGQh
+2imTqDnnmVHjH0QpYK5Ov327gVuFe6VkjuOW/befkSzfObam/5iWUHKR042nCQ5e
+wtJwiuBceMnLze/MaqdFgQ==
+-----END CERTIFICATE-----

example/broker/server.csr

@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICzjCCAbYCAQAwgYgxCzAJBgNVBAYTAklMMRIwEAYDVQQIDAlKZXJ1c2FsZW0x
+EjAQBgNVBAcMCUplcnVzYWxlbTEUMBIGA1UECgwLYmpkd2Vjay5jb20xGTAXBgNV
+BAMMEG1xdHQuYmpkd2Vjay5jb20xIDAeBgkqhkiG9w0BCQEWEWJqZHdlY2tAZ21h
+aWwuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9xw7soxWjRB
+jRlML8lm7YAnvfzUeKYoym1KGBxVYyA2PFE+GAxcrb5vCksU57ypqYXdaA9iFyNG
+dTGF/QPuKM0TYh/TZ7Re/V6wzDCIHc2ju5y5UiErDjxfNbF+hkdJUbo0+t2Tn6Fs
+gUGVaOaH9tDfTt9xy+Sh3NpPQTyhWOD7nP3e6pCgWi1yFKDEviYdu2Nk7kINCwrH
+jrEMDSxSbP+789vuYX780dU16saUS4YXxtbPhzMa+vtcG27cgMNTIr8NGt/Pvu1g
+YPkbEcoSJPRohAyNqs+8U5MM4I+b/s9EzuOgwSzX/iWb2fRdQ+ILjrDdVZja6zs0
+ywdN7UWc+wIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBAFaUhJQNRz8XHq2dN7OQ
+cVfV2gNjcciqOudZuh50Ca65jiDIUXH+GsQgNlB0W6x4vErr8ORrwFZO/vf/gw5P
+L5OzBrFf6/KsWe/JfN8JK3xgWCfbuuAWj6o8XDsscnP9czLwnNP9gisPMekE3TQP
+1f9py8XFv5bnmgvtyyD1zmvBtlzi0Cuh6TdgMyapg4EdVQQqgIU7czspHweAOSho
+/qIGYA7ourh4CBLPFTdVI39gxA3vLZLFXb3ptT/ywY34audGsmtGMwExTCLIq7zV
+7elZ6JyK3hO5TAR25KsMewaFRDvTi28ayr8eJGWO36LqbEo6aXKQYFvfBZLrLdha
+DBE=
+-----END CERTIFICATE REQUEST-----

example/broker/server.key

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAr9xw7soxWjRBjRlML8lm7YAnvfzUeKYoym1KGBxVYyA2PFE+
+GAxcrb5vCksU57ypqYXdaA9iFyNGdTGF/QPuKM0TYh/TZ7Re/V6wzDCIHc2ju5y5
+UiErDjxfNbF+hkdJUbo0+t2Tn6FsgUGVaOaH9tDfTt9xy+Sh3NpPQTyhWOD7nP3e
+6pCgWi1yFKDEviYdu2Nk7kINCwrHjrEMDSxSbP+789vuYX780dU16saUS4YXxtbP
+hzMa+vtcG27cgMNTIr8NGt/Pvu1gYPkbEcoSJPRohAyNqs+8U5MM4I+b/s9EzuOg
+wSzX/iWb2fRdQ+ILjrDdVZja6zs0ywdN7UWc+wIDAQABAoIBAFinWk8mosaEfV8y
+F5QnhbnI10ARitLfgMS7X5TUA7+a53x0wEbDRJ1Z2QRpYTqJg0Ywc7MXvi1H3ScL
+Ni6copzy9QiMXrhy10gHSj1FYfkUR6w2j731do0QpjadKdlramzG4BpvRRI+AEMQ
+2s8tF/G2zjwmrGlK8sYxT67lb7krq/bfl5Ep3U+1MOTwHzf7xeLVOGLqJIY2efgc
+cSVz69KD5sRGksPPEp9OG+OmZXKsU5YJ+1MJ1hlAQa9btCkmWQ/PT3bFpvEtENv2
+jkb62w+JuO4mKvTXFY1d7IqqERjhVUHE4xLK1m4RdHFCC5JznXOsHqucj13rdly6
+XNBThbECgYEA18AC6oF8Ag3b1V70aaJORCWP3YmyWiOqo7R+xj542Io1SwcmEAea
+o0V9Mwz74CD5gyC03nevSkMK5qva4fjr5SakpBjey9dijwbgGVlpY9xMqtOD+vEj
+vBOQZU7BNmY284op1UGd6ZaB2kPQU+nir2Ep8Vz+a+nRDVTx8futZbcCgYEA0Ktg
+eWMSbfcgT4BG9K+uBhLFwgCpXeIBdzE530M3kLXF89Q6089c4m7YxOEHTiOfo+0s
+8x0kvvst6e6dO/gZnfKdrZE4rwzgDX0wKGe0lTi7woaW2mR7nYdZOSWNhuhvDAyI
+CsLBXZNT1SdwkkA7VdxHKcbFFxHxoSEPQbuBot0CgYAf2o2TqgJxGzK10gsr/Xao
+wRL4lnfqrxFmkiOViWu2LNGpfii0fSrrqDrP6r7VXIj6Pz31Cp6qzDMz03PBoUrS
+zl3IjJN4bRh0HYPAul7BC6mWHxyBVFD+V7Ud//6u1XCPjHqYrdNuxXXuj8yWVxXM
+5v+WTzCRJjhjS4NdQtdbCQKBgQC3bT5j1fPYWDi9ycwVwOxfiFbwH3bCAS46oTn3
+CPYqLa8xk+iWUhybKsc/4XNze5sUFSPDHWY0v0Vv8oGiuoeCMUfrz9EdB1tYYCha
+DDdQSMu7xmWK2nNTWSvUMS+EXINo+wcHNoWVhTFXGNE6rl26LuUbUw/jJLHbat0n
+cfUVvQKBgQC9ha2bc6VBPh5qP7pvmiMXYs0kd+oauJ0U84svhUoLWhJ024Tg/Yal
+3fnxBmZPtx1o/qQqLoI5jiNS1gpJ1Vur1j7QDiPWtE/ol2zCvm6ScppTFDXeNuJv
+aY0SYSUDPdCO3gdSOrNjTBBQpNAdy8hJ9megoBIaMvYGcepVzmrhUg==
+-----END RSA PRIVATE KEY-----

example/torch-conf/ca.crt

@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIID+TCCAuGgAwIBAgIUQtnDzZO24MmJdNOmVP6IDYWZc6kwDQYJKoZIhvcNAQEL
+BQAwgYsxCzAJBgNVBAYTAklMMRIwEAYDVQQIDAlKZXJ1c2FsZW0xEjAQBgNVBAcM
+CUplcnVzYWxlbTEUMBIGA1UECgwLYmpkd2Vjay5jb20xHDAaBgNVBAMME2NhLm1x
+dHQuYmpkd2Vjay5jb20xIDAeBgkqhkiG9w0BCQEWEWJqZHdlY2tAZ21haWwuY29t
+MB4XDTIwMTAwMTA3NTUyNloXDTI1MDkzMDA3NTUyNlowgYsxCzAJBgNVBAYTAklM
+MRIwEAYDVQQIDAlKZXJ1c2FsZW0xEjAQBgNVBAcMCUplcnVzYWxlbTEUMBIGA1UE
+CgwLYmpkd2Vjay5jb20xHDAaBgNVBAMME2NhLm1xdHQuYmpkd2Vjay5jb20xIDAe
+BgkqhkiG9w0BCQEWEWJqZHdlY2tAZ21haWwuY29tMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAzQHL+3P/y/boB2LU/BBFVbK2wdsBsHkCTDc0EDrrrQ7G
+TJ4VQX2lXvWDJyhcb843kXeOux2Gq6y0eK3bkI706syZNY16t2CD/cYOSkWXviYa
++4FlNbG/W+AIx5x5xcM17w60sAiP3uHlZ+K9J6nbmaY7b7PX+22MtaDfq7f/j36H
+N+5MW7xRvH1BzPp6R6twShy+8AoTKt78V6jxabVq1aC2kmzqyaL08UjyN5MDmIIL
+LCHH9XFiWfr851PC2tkMB45Swbj8ngyFMRt4R6RRpnobWmj8n0R4wIkJkIOsaVD3
+vbwoHgjDJjQtB9NKu40xtEsjW9Lf+xMGZYUi5sEONwIDAQABo1MwUTAdBgNVHQ4E
+FgQUlXEvVPtVw5Blc3EhaZvlNNtSPpUwHwYDVR0jBBgwFoAUlXEvVPtVw5Blc3Eh
+aZvlNNtSPpUwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAvArw
+TmpQefmqDe1JzJLlOcDMXfK/wIbwIqDnE5ncvVDyexx6gd+Jdk3ANS9M6p9bawpF
+dBIT0xnFGY3bdzeKlx30JgWE/8q8ip/jcu6VJJvoxa49m/SEmzwx7buuG/YAsU4N
+y5hwi/vn9YkN15hImYmZ2WJQ1ml0C3zHu5PwAHP0+snwxk8PW1makwHls8JTpgMp
+FOp1uLfdffe14siICOwp+wcuNgS+ueN5oJHLl6Z+D68SZfIkz4jyik9lhlnATtOr
+IGfp3Jb6v0px5chjpM+LJCImpvZ0PuIs9Uw5wKgHvlMGZwJRjhptK2fH2kEDohoz
+4mI3SBL13CKmHndH3Q==
+-----END CERTIFICATE-----

example/torch-conf/client.crt

@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDkjCCAnoCFFAUBdlPXEZ5BdAK3va1Pdi6K4ZJMA0GCSqGSIb3DQEBCwUAMIGL
+MQswCQYDVQQGEwJJTDESMBAGA1UECAwJSmVydXNhbGVtMRIwEAYDVQQHDAlKZXJ1
+c2FsZW0xFDASBgNVBAoMC2JqZHdlY2suY29tMRwwGgYDVQQDDBNjYS5tcXR0LmJq
+ZHdlY2suY29tMSAwHgYJKoZIhvcNAQkBFhFiamR3ZWNrQGdtYWlsLmNvbTAeFw0y
+MDEwMDEwODAzMjJaFw0yMTA5MjYwODAzMjJaMH8xCzAJBgNVBAYTAklMMRIwEAYD
+VQQIDAlKZXJ1c2FsZW0xEjAQBgNVBAcMCUplcnVzYWxlbTEUMBIGA1UECgwLYmpk
+d2Vjay5jb20xEDAOBgNVBAMMB3ZhZ3JhbnQxIDAeBgkqhkiG9w0BCQEWEWJqZHdl
+Y2tAZ21haWwuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzurA
+n0OwXj5ClFiKn/v76vtwGX3eSyxViCUTyctp4TysyORwbKW2ojzZceXuEg++q/FD
+k4VkPXgJ+yYRePt3akvlTwPWHpf2OfCf7irStbxrrSQbIb8xODoj6IaKlPMNgezQ
+/kZwuymqNil7k4bx7I1ii/xpD1A+YuWLn6Km6fBRS85JPte5vYexvMZWdH398/87
+8dttzQ5Slcp3MMVWwSmWb3LyEECqc2TC+C2dDFbGb0c0b7iYrYJXxoJmY+rb5f48
+rxrJ4pyhWax7lWQz2NobJlpRE1g4LspsQWEEnXE3MEgImALlj3Zd06l+mK2PRD3u
+6v1UUXK+Ry7OiH6DZQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAX4HvdZOYjmfzz
+eSV/84WavlDgzO0w4xzOZr68bxE3rKpC6uBu9hI14FMllCO/bimZpYVfTVuwju/a
+85HzpM+kOVDXquN7H6Ta8b3LUlHJ3FyFixHSwe7DFrskgnls4eVppzalSGVS1cHQ
+0uEALXKqXj1x13PH4K+67Ue/pKYUbhV8WGBwMkEkxoM/igBFl9uahVhUpRFLLMah
+JLHw3nauLU+swi+In9r9e0wDw+3lCCcZP5KzkGhCAv67yKg9STSw6n1yGvE9HKQn
+S1GdA7nWu06XJVQ9FOVTKzrAKnPVf02+SiNl/BUcpENe11oNvntxstpUeh76lHE6
+Ql/lCgTl
+-----END CERTIFICATE-----

example/torch-conf/client.key

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAzurAn0OwXj5ClFiKn/v76vtwGX3eSyxViCUTyctp4TysyORw
+bKW2ojzZceXuEg++q/FDk4VkPXgJ+yYRePt3akvlTwPWHpf2OfCf7irStbxrrSQb
+Ib8xODoj6IaKlPMNgezQ/kZwuymqNil7k4bx7I1ii/xpD1A+YuWLn6Km6fBRS85J
+Pte5vYexvMZWdH398/878dttzQ5Slcp3MMVWwSmWb3LyEECqc2TC+C2dDFbGb0c0
+b7iYrYJXxoJmY+rb5f48rxrJ4pyhWax7lWQz2NobJlpRE1g4LspsQWEEnXE3MEgI
+mALlj3Zd06l+mK2PRD3u6v1UUXK+Ry7OiH6DZQIDAQABAoIBAA18EQeQErthlVcz
+mf0pH9bFgh23LTh68CwKNortHb5XBO+mq4j5F7jk/ErG8EfvDL8J3xyLEehLnWLn
+rTXUNYkQ3yXSGy8tOhe2jcWotsivOdkzxCzj1+JRL6vksL1aRaQU+d3IW2pnIbeb
+5njLz5JZ+HUlAvfDg/1P9lR19ijCqXrMjl2lDazcDTF8jPgwCUhXdvmVzOVinCxT
+lnhQizukxvg7PUsUVrR3qX16CUEAvav0N/zyqclyrsTEg2hYg+PW8NXGnLpbE7pH
+F6GiB8zKaFsrjC2EXRVjXZQsLVusUmyB4z14w0fcsEOTtrR8lP7dQkyxQoRaTo/C
+lukUMYECgYEA++Fkl9hQ5zY6iJlLUhxiJjv0ZNe0jWvtONVQasA7JtmMBTh3ZRTW
+ipqOdDQsd/Whsw6h0loZ/RS72hMNGFqeGmIQEHvb4swqPB87frp3UCTCQGXIAjSL
+Bx5K0NPfgYfC4jRAr3gAEqXeVumrxdDsmN5Ua6+c3WHcXMczd16vLUUCgYEA0k0Z
+uWuYqkEwYwHuEqAYZd8ynu+rIh8bIhZS66ikWQMBzwLxY7mQQjQpkM9r2khG/K3L
+U/0gF5qqToB+OapcYspPHRzNOlhU5n7nEr/aZvsbzTs2deMGVmvg80QpnAdBPKjQ
+hNvrhbu+BVb2NmaTQo3Q/NnxNHyTJjdTlzK8D6ECgYEAuKBAAeV3d+MSCKqEwU04
+zFnKDFjoaXkgyzXg2j7JnPJ9Zh47tgYONE6R+K99oPiVbBBfoTaWMiIOiAzK3n0d
+wqz6pXqEdLu+gY9LJts7Na2cDWQNtUAaYD9eC7Ah9moy+Wffuj61nvWiAgcJ99fq
+dSsSqlRxIPzob8E8AlWPBhkCgYEAnd4s+mlQADbRiPFQ84Bk8Exd5rvJvuKU7sDN
+XISLYxqDyA/Qf2k0Zs5biY57yy/IwjQA17rD1ZRQVn/UwZsmoS53t0YAtdTLXwBS
+nFuTKw1D8IuLtXFIN6XiBxvbFHrJuSyM479njUvDOKTwTSQxVZu6D6XXkOwXVm/f
++zelvyECgYALWlLKvODf2+J08M6v71EcSVN14KcdRhBsMM/zaarLmCvY8RqpURHm
+AN6f1C1McEOTuANgAPNRdkwpAsW5aRiNR2yJLqBHq7bVAyCnxk87YuOwekDi8lJV
+1jVixWRsXQyuZ1pQHhCzT5aM6MTEGQf8pLcuBuaFkThMXPdhh2kKRQ==
+-----END RSA PRIVATE KEY-----

example/torch-conf/torch.conf

@@ -0,0 +1,15 @@
+[tor]
+ControllerPort = 9051
+
+[ssh]
+Port = 22
+
+[mqtt]
+BrokerHost = mqtt.bjdweck.com
+BrokerPort = 8883
+Topic = wokeup/me
+RequireCertificate = true
+CaFile = ca.crt
+CertFile = client.crt
+KeyFile = client.key
+

install-ubuntu2004.sh

@@ -0,0 +1,28 @@
+#!/usr/bin/bash
+
+apt update
+apt install -y tor python3-pip
+sudo -H pip3 install stem paho-mqtt
+
+sed -i '/^#ControlPort 9051/s/^#//' /etc/tor/torrc
+sed -i '/^#CookieAuthentication 1/s/^#//' /etc/tor/torrc
+echo "CookieAuthFileGroupReadable 1" >> /etc/tor/torrc
+systemctl reload tor
+
+useradd --system -g debian-tor torch
+
+mkdir -p /etc/torch
+cp torch.conf /etc/torch/
+chown -R torch /etc/torch
+
+mkdir -p /usr/local/lib/torch
+mv torch-pub.py /usr/local/lib/torch/
+chown root:root /usr/local/lib/torch/torch-pub.py
+chmod 644 /usr/local/lib/torch/torch-pub.py
+
+mv torch.service /etc/systemd/system/
+chown root:root /etc/systemd/system/torch.service
+chmod 644 /etc/systemd/system/torch.service
+
+systemctl daemon-reload
+systemctl enable torch

torch-pub.py

@@ -0,0 +1,52 @@
+from stem.control import Controller
+import stem.connection
+import paho.mqtt.client as mqtt
+import ssl
+import configparser
+
+configPath = "/etc/torch/"
+
+config = configparser.ConfigParser()
+config.read(configPath + "torch.conf")
+
+torControllerPort = config['tor'].getint('ControllerPort', fallback = 9051)
+sshPort = config['ssh'].getint('Port', fallback = 22)
+mqttConfig = config['mqtt']
+mqttBrokerHost = mqttConfig.get('BrokerHost', fallback = "localhost")
+mqttBrokerPort = mqttConfig.getint('BrokerPort', fallback = 1883)
+mqttTopic = mqttConfig.get('Topic', fallback = "default/topic")
+
+mqttRequireCertificate = mqttConfig.getboolean(
+                                       'RequireCertificate', 
+                                       fallback = False)
+
+mqttCaFile = configPath + mqttConfig.get('CaFile')
+mqttCertFile = configPath + mqttConfig.get('CertFile')
+mqttKeyFile = configPath + mqttConfig.get('KeyFile')
+
+with Controller.from_port(port = torControllerPort) as controller:
+  
+  protocolInfo = stem.connection.get_protocolinfo(controller)
+
+  stem.connection.authenticate_safecookie(
+                       controller, 
+                       protocolInfo.cookie_path)
+  
+  service = controller.create_ephemeral_hidden_service(
+                             sshPort, 
+                             detached = True)
+
+  onionAddress = "%s.onion" % (service.service_id)
+
+client = mqtt.Client()
+
+if mqttRequireCertificate:
+  client.tls_set(
+          ca_certs = mqttCaFile, 
+          certfile = mqttCertFile, 
+          keyfile = mqttKeyFile, 
+          cert_reqs=ssl.CERT_REQUIRED)
+
+client.connect(mqttBrokerHost, mqttBrokerPort, 60)
+client.publish(mqttTopic, onionAddress)
+client.disconnect()

torch.conf

@@ -0,0 +1,17 @@
+[tor]
+ControllerPort = 9051
+
+[ssh]
+Port = 22
+
+[mqtt]
+BrokerHost = mqtt.example.com
+BrokerPort = 1883
+Topic = example/topic
+
+### Options for Using TLS
+
+#RequireCertificate = true
+#CaFile = ca.crt
+#CertFile = client.crt
+#KeyFile = client.key

torch.service

@@ -0,0 +1,13 @@
+[Unit]
+Description=Torch: MQTT Publisher for Tor Hidden SSH Service URL
+After=tor.service ssh.service
+Requires=tor.service ssh.service
+
+[Service]
+Environment=PYTHONUNBUFFERED=1
+ExecStart=/usr/bin/python3 /usr/local/lib/torch/torch-pub.py
+User=torch
+Group=debian-tor
+
+[Install]
+WantedBy=multi-user.target ssh.service tor.service