jeans/home-assistant.io
jeans/home-assistant.io
1
0
Fork 0
mirror of https://github.com/home-assistant/home-assistant.io.git synced 2025-06-02 16:26:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
home-assistant.io/source/_addons/mosquitto.markdown
Nick Horvath 338eeb2295 Add instructions on running MQTT ssl/nonssl simultaneously (#5027) 
* Add instructions on running MQTT ssl/nonssl simultaneously

I wanted to be able to recieve MQTT from my cell phone over SSL, but wanted local things that have limited RAM to be able to connect without the burden of SSL code.

* Tweaking

* Add comma
2018-03-29 09:23:31 +02:00

2.1 KiB
Raw Blame History

layout, title, description, date, sidebar, comments, sharing, footer, featured
layout title description date sidebar comments sharing footer featured
page Mosquitto MQTT broker Fast and reliable MQTT broker. 2017-04-30 13:28 true false true true true

Set up Mosquitto as MQTT broker.

{
  "plain": true,
  "ssl": false,
  "anonymous": true,
  "logins": [
    {"username": "testuser", "password": "mypw"}
  ],
  "customize": {
    "active": false,
    "folder": "mosquitto"
  },
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem"
}

Make sure you use logins and disable anonymous access if you want to secure the system.

Configuration variables:

  • plain (Optional): Listen on port 1883 without SSL/TLS. Defaults to true.
  • ssl (Optional): Listen on port 8883 with SSL/TLS. This requires certificates. Defaults to false.
  • anonymous (Optional): Allow anonymous connections. If logins is set, the anonymous user can only read data. Defaults to true.
  • logins (Optional): A list of users that will be created with username and password.
  • customize (Optional): If you enable it, it reads additional configuration files (*.conf) from /share/mosquitto.

{% linkable_title Home Assistant configuration %}

To use the Mosquitto as broker, add the following entry to the configuration.yaml file.

# Example configuration.yaml entry
mqtt:
  broker: core-mosquitto

If username and password are set up in add-on, your configuration.yaml file should contain that data.

mqtt:
  broker: core-mosquitto
  username: YOUR_USERNAME
  password: YOUR_PASSWORD

{% linkable_title Listening simultaneously on SSL/TLS (8883) and insecure (1883) ports %}

  1. Configure SSL/TLS as normal.
  2. Set customize flag to true in your configuration.
  3. Create a file in /share/mosquitto named insecure.conf with the following contents:
listener 1883
protocol mqtt
  1. Restart MQTT

It's recommened that you only open your firewall to the SSL/TLS port (8883) and only use the insecure port (1883) for local devices.