I'm trying to connect my PLC to my broker server using AedesJS. I've made it work locally but then when I tried it with the server being hosted in Azure VM, it doesn't let me connect.
Here is my basic mqtt broker server code.
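    require('dotenv').config();
    const aedes = require('aedes')();
    const server = require('net').createServer(aedes.handle);
    const Client = require('azure-iot-device').Client;
    const Message = require('azure-iot-device').Message;
    const Protocol = require('azure-iot-device-mqtt').Mqtt;

    const port = process.env.PORT;
    const iotconn = process.env.IOTHUB_DEVICE_CONN;

    // Not shown in the original post: the IoT Hub client used below (assumed setup).
    const iotClient = Client.fromConnectionString(iotconn, Protocol);

    // Not shown in the original post: assumed helper that logs the outcome of an operation.
    function iotResult(op) {
      return function (err, res) {
        if (err) console.error(op + ' error: ' + err.toString());
        if (res) console.log(op + ' status: ' + res.constructor.name);
      };
    }

    server.listen(port, function () {
      console.log('Server started and listening on port ', port);
    });

    // fired when a message is published
    aedes.on('publish', async function (packet, client) {
      if (!client) return; // skip messages published by the broker itself
      let data = packet.payload.toString();
      let msg = new Message(data);
      // forward the payload to Azure IoT Hub
      iotClient.sendEvent(msg, iotResult('send'));
    });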
Here is my NGINX config for the broker. Maybe it's something here.
    server {
        listen 80;
        listen [::]:80;
        server_name mqtt-broker.irvineenvironmental.com;
        location / {
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header Host $host;
            proxy_cache_bypass $http_upgrade;
            proxy_pass http://localhost:1883;
        }
    }
As hashed out in the comments:
MQTT is not the same as HTTP; you cannot configure Nginx to act as an HTTP reverse proxy to expose a native MQTT broker to the internet. (You can do this with MQTT over WebSockets, but unless all your clients support MQTT over WebSockets this isn't going to be an option.)
The other option is to configure Nginx as a stream proxy which will route all traffic on a given port to another port, but unless you are using Nginx to do TLS termination or remote IP filtering then it's probably not worth it.
The simplest option is to open the default MQTT port (1883) in the VM's firewall and directly expose the broker. I will say that you should ensure that you have enabled authentication and ACL support in your broker and it would also be a good idea to add TLS support if the clients support it.
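
The authentication and ACL support recommended above, as an added example (not part of the original answer or the asker's code) built on Aedes's `authenticate`, `authorizePublish` and `authorizeSubscribe` hooks. The user table, salt, password and topic prefixes are constructed sample values, and `secureBroker` is a hypothetical helper name.

```javascript
const crypto = require('crypto');

// Constructed sample data: one PLC account and the topic prefixes it may use.
// Assumption: real deployments load salted hashes from a secret store instead.
const SALT = Buffer.from('constructed-demo-salt');
const hash = (pw) => crypto.scryptSync(pw, SALT, 32);
const USERS = {
  'plc-01': { hash: hash('constructed-demo-password'),
              pub: ['plant/plc-01/'], sub: ['plant/plc-01/cmd/'] },
};

// authenticate hook: Aedes passes the password as a Buffer (or undefined).
function authenticate(client, username, password, callback) {
  const known = Object.prototype.hasOwnProperty.call(USERS, username);
  const user = known ? USERS[username] : null;
  const supplied = hash(password || Buffer.alloc(0));
  // Always hash and compare, so an unknown user costs the same as a bad password.
  const expected = user ? user.hash : Buffer.alloc(32);
  const ok = crypto.timingSafeEqual(supplied, expected) && user !== null;
  if (!ok) {
    const err = new Error('Bad username or password');
    err.returnCode = 4; // MQTT 3.1.1 CONNACK code: bad user name or password
    return callback(err, false);
  }
  client.acl = user; // remembered for the authorize hooks below
  callback(null, true);
}

// authorizePublish hook: passing an Error rejects the publish.
function authorizePublish(client, packet, callback) {
  const allowed = client.acl && client.acl.pub.some((p) => packet.topic.startsWith(p));
  callback(allowed ? null : new Error('Publish not authorized'));
}

// authorizeSubscribe hook: passing null instead of sub refuses the subscription.
// A filter that starts with a literal prefix can only match topics under it.
function authorizeSubscribe(client, sub, callback) {
  const allowed = client.acl && client.acl.sub.some((p) => sub.topic.startsWith(p));
  callback(null, allowed ? sub : null);
}

// Attach the hooks to a broker created with require('aedes')(), as in the question.
// For TLS, hand aedes.handle to tls.createServer({ key, cert }, ...) instead of net.
function secureBroker(aedes) {
  aedes.authenticate = authenticate;
  aedes.authorizePublish = authorizePublish;
  aedes.authorizeSubscribe = authorizeSubscribe;
  return aedes;
}
```

Call `secureBroker(aedes)` before `server.listen(...)` so no client can connect while the hooks are still at their allow-all defaults.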