Trying to use the built in mqtt.org extension in Hassio, i can’t seem to enter the login credentials, and the Save-button to light up. Whats the correct format in options here? The pre-filledout folder mosquito isn’t in my root, do i need to create that myself, or will Hass.io take care of that? The 2.pem files are to be created externally? Couldn’t find any instructions for that on the Mqtt site.
I already had an account on thingstud.io, id like to use that. Can i leave the builtin Mqtt.org out and call the thingstud.io in my configuration.yaml?
it keeps falling back to the default setting of anonymous login. Each and every time i start the service, my login credentials are wiped…
just to get to grips with this: these are the login credentials the clients have t use to talk to Hassio mqtt, or are these the credentials one has set at the brokers mqtt account…
I have, so just to be sure I included the credentials in my mqtt config. Since I’m running the embeded mqtt, I haven’t even tried turning off anonymous login. It didn’t seem important considering everything that isn’t firewalled requires a Let’s Encrypt certfile.
ive setup my router to ddns, so i don’t need the duckdns service i would have thought.
lets encrypt is one of these problems form within Hassio… can’t sudo the given commands in the manual, and when trying from the letsencrypt website, im not offered the correct options to run.
at least i believe so.
Please help…
I can’t enter anything in the Letsencrypt options in the Hassio add ons interface.
cheers,
Marius
was wrong initially there, the router setup was for reaching the router, not the hassio. Changed that now accordingly, and Duckdns is working fine.
No SSL though, and consecutively no secure Mqtt either…
Just to be precise, im on Hassio, not Hasbian. I have to configure from within the Hassio options in Home Assistant.
If your on Hassio too, please let me know where are your keys generated? btw did you receive any mail with these keys on the provided address in the settings?
The files are supposed to be automatically generated in /ssl/. I don’t know what to do if they’re not. Try to reinstall the duckdns addon? I did not receive any e-mails, but then I already had an account with duckdns.
SSL in MQTT seems to be port specific. 1883 is non-ssl and what I use in my Hass config. 8883 is what I use when connecting to MQTT from outside the network, like with Owntracks (rembember to port-forward.)
What I mean when I say embedded MQTT is that I’ve installed the Moquitto Broker add-on in Hassio. This is what I have in configuration.yaml that concerns mqtt and owntracks:
you’ve pointed to your secrets file in the configuration file. But how about the hassio component, where it wants the user credentials username and password?
Have you filled these out plainly, or also with a pointer to the secrets file (don’t know if that s even possible?)
adding to that, from what i understand, the embedded broker on localhost etc is another mqtt broker than the mqtt.org called upon in the Hassio add-on .
Maybe they can both be activated but for now im trying to be as un-redundant as possible.
Another thing: how to point the own tracks app on your iphone to the localhost. can we fallout the Duckdns address there. (maybe check the port forward for this too)
Please let me know if your remote Owntracks locations are picked up by the mqtt configuration correctly?
Thanks again,
I only point to the secrets file in the Hassio configurations. I’ve posted my config for the MQTT Broker add-on above, but removed my actual username and password. I filled them out in plain text on my system.
I do not understand what you mean when you say “[…] is another mqtt broker than the mqtt.org called upon in the Hassio add-on”, nor when you say"Maybe they can both be activated but for now im trying to be as un-redundant as possible.". The mqtt add-on is nice precisely because it doesn’t connect to anything else. You keep all of your communication private - no trusting third-parties. You won’t need anything extra once you get it up and running.
You point owntracks to your duckdns-address and you find a way for duckdns to update your external IP. They list several ways of automating the process here: https://www.duckdns.org/install.jsp
It does not require any port-forwarding. Only make sure that port 8883 on your pi is accessible from outside your network.
Yes, my remote owntracks locations are picked up by mqtt correctly. I have a setup that turn off all the lights, the radio and the TV (if those appliances are still on) when both me and my wifes phones have left home, and which turns on all the lights if one of us comes home while the house is empty. Also different lights, brightness levels and colors depending on the time of day. It’s very satisfying, so I hope you get your setup working as well!
redid the duckdns process, albeit now with forward ports for the letsencrypt certification (80+443), and after having finished the certificate process, forwarded the latter to the hassio port 8123. As per instructions in the Bruh video (which isnt for the Hassio specifically, hence my earlier confusion)
Ive got Duckdns working over SSL, Mqtt is correctly working now (as far as im able to test it, no errors any more, and even Owntracks is able to connect. (not yet showing up in the Map though, might need some further tweaking?)
Adding to that, SSH login is stil going fine albeit as root at the hassio setup.
note to self: although Hassio-addon does most of the work, this entry in the configuration.yaml was still necessary:
"# Uncomment this if you are using SSL/TLS, running in Docker container, etc.#
base_url: !secret base_url
ssl_certificate: /ssl/fullchain.pem
ssl_key: /ssl/privkey.pem