Difference between revisions of "Automation - MQTT"
| (7 intermediate revisions by the same user not shown) | |||
| Line 3: | Line 3: | ||
{{!}}- <!-- Debian --> | {{!}}- <!-- Debian --> | ||
{{!}} style="text-align: center; width: 60px;" {{!}} [[File:Logo Debian.png{{!}}60px{{!}}link=https://www.debian.org/{{!}}center{{!}}middle{{!}}frameless]] | {{!}} style="text-align: center; width: 60px;" {{!}} [[File:Logo Debian.png{{!}}60px{{!}}link=https://www.debian.org/{{!}}center{{!}}middle{{!}}frameless]] | ||
{{!}} style="text-align: center; width: 40px;" {{!}} | {{!}} style="text-align: center; width: 40px;" {{!}} 12 (bookworm) | ||
{{!}} ([[#Debian / Version Caveat{{!}}caveat]]) | {{!}} ([[#Debian / Version Caveat{{!}}caveat]]) | ||
<br> | <br> | ||
| Line 46: | Line 46: | ||
Pretty simple, eh? | Pretty simple, eh? | ||
(Tho... If you want the latest & gratest and you're feeling adventurous... There's a [[Mosquitto from Source|CopyPasta page here]].) | |||
== Ensure that Mosquitto broker is running == | == Ensure that Mosquitto broker is running == | ||
| Line 78: | Line 79: | ||
= Debian / Version Caveat = | = Debian / Version Caveat = | ||
(Ignore this if you built from source. It's apparently a repo thing...) | |||
During an install on a raw Debian system, I discovered that Mosquitto refused connection when I tried to access it with anything other than "localhost" as the hostname... | During an install on a raw Debian system, I discovered that Mosquitto refused connection when I tried to access it with anything other than "localhost" as the hostname... | ||
| Line 97: | Line 100: | ||
* <code>sudo service mosquitto restart</code> | * <code>sudo service mosquitto restart</code> | ||
= Securing the broker = | |||
[https://mosquitto.org/documentation/authentication-methods/ Reference] | |||
Mosquitto supports password authentication... | |||
Simplest is: | |||
== password Authentication == | |||
You can create a password file by: | |||
* <code>sudo mosquitto_passwd -c /etc/mosquitto/SecretSquirrels '''USERNAME'''</code> | |||
Then edit the configuration: | |||
* <code>sudo vi /etc/mosquitto/mosquitto.conf</code> | |||
and replace <code>allow_anonymous true</code> with <code>password_file /etc/mosquitto/SecretSquirrels</code> | |||
Then restart the broker: | |||
* <code>sudo service mosquitto restart</code> | |||
From this point, you have to provide '''USERNAME''' & '''PASSWORD''' to access it. | |||
=== Note: === | |||
The password file must be able to be read by whatever user Mosquitto is running as. On Linux/POSIX systems this will typically be the mosquitto user, and /etc/mosquitto/password_file is a good place for the file itself. | |||
[[Category:ServerBuilding]] | [[Category:ServerBuilding]] | ||
[[Category:AutomationServers]] | [[Category:AutomationServers]] | ||
Latest revision as of 17:53, 12 October 2025
 |
12 (bookworm) | (caveat)
|
 |
4 | (caveat)
|
 |
19.3 / 20.3 |
|
 |
20.04.3 |
|
 |
5.11 | (caveat)
|
| As always... | |
|---|---|
|
Start with: |
|
Installing Mosquitto
sudo apt-get install mosquitto
Pretty simple, eh?
(Tho... If you want the latest & gratest and you're feeling adventurous... There's a CopyPasta page here.)
Ensure that Mosquitto broker is running
sudo service mosquitto status
expected result is Active: active (running)
Note: Ubuntu repositories have an outdated version
If you want to know which version you've installed...
sudo mosquitto
(Ignore the error message "Error: Address already in use". It's already running as a service.)
Install client tools for testing etc
(Do this on any machine expected to manually use MQTT)
sudo apt install mosquitto-clients
Testing
In a terminal:
mosquitto_sub -h localhost -t "mqtt" -v
In another terminal:
mosquitto_pub -h localhost -t "mqtt" -m "Hello MQTT"
Now the message “mqtt Hello MQTT” will be displayed in the first terminal where the topic “mqtt” is subscribed.
Subscribing to # gives you a subscription to everything except for topics that start with a $ (these are normally control topics anyway).
Debian / Version Caveat
(Ignore this if you built from source. It's apparently a repo thing...)
During an install on a raw Debian system, I discovered that Mosquitto refused connection when I tried to access it with anything other than "localhost" as the hostname...
Apparently, mosquitto 2.0 binds only to the loopback interface unless specifically told otherwise.
& Debian installs v2.0 or higher...
But for now, It's a simple matter of editing the config file for Mosquitto.
sudo vi /etc/mosquitto/mosquitto.conf
& add in:
listener 1883 allow_anonymous true
Then,
sudo service mosquitto restart
Securing the broker
Mosquitto supports password authentication...
Simplest is:
password Authentication
You can create a password file by:
sudo mosquitto_passwd -c /etc/mosquitto/SecretSquirrels USERNAME
Then edit the configuration:
sudo vi /etc/mosquitto/mosquitto.conf
and replace allow_anonymous true with password_file /etc/mosquitto/SecretSquirrels
Then restart the broker:
sudo service mosquitto restart
From this point, you have to provide USERNAME & PASSWORD to access it.
Note:
The password file must be able to be read by whatever user Mosquitto is running as. On Linux/POSIX systems this will typically be the mosquitto user, and /etc/mosquitto/password_file is a good place for the file itself.