Mosquitto and Duckdns issues with hassio on ubuntu

Simon_Kristoffersen · December 28, 2018, 8:00am

Hi.

I have recently tried to move my rpi hassio install to my Mac Mini running in docker in ubuntu in virtual box.

I used these exact instructions:

i am using several add-ons with success, like samba, google assistant webserver and portioner, which are reachable on my host ip: respective ports. I am however not able to receive Mqtt messages on my mosquito broker, and my Duckdns is failing with error 403. Somehow I think the issues are related to how networking is handled on the host/docker setup, but I am too inexperienced to figure it out.

First issue with Mqtt:
Config:
{
“log_level”: “info”,
“certfile”: “fullchain.pem”,
“keyfile”: “privkey.pem”,
“web”: {
“enabled”: true,
“ssl”: false
},
“broker”: {
“enabled”: true,
“enable_ws”: true,
“enable_mqtt”: true,
“enable_ws_ssl”: false,
“enable_mqtt_ssl”: false,
“allow_anonymous”: false
},
“mqttusers”: [
{
“username”: “myuser”,
“password”: “mypasswd”,
“readonly”: true,
“topics”: [
“#”
]
}
]
}

I am getting succesfull logins from my Mqtt devices in the log like this one:
1545952443: New connection from 192.168.1.63 on port 1883.
1545952443: New client connected from 192.168.1.63 as shelly1-5B2C33 (c1, k60, u’Simon’).

But when I log into the Mqtt server with HiveMQ I am only able to login with port 1884, not 1883 which my Mqtt clients are using. It throws this error when I use 1883:
Connect failed: AMQJS0008I Socket closed.

I am a little puzzled by this socket error, as my other Mqtt clients are sucessfully connecting to 1883.
When I log in with 1884, I don’t see any Mqtt messages at all.

Second issue in removed as I have a too link maximum

Is there some cross container networking I need to configure besides what the hassio addons already configure by themselves?

Any help will be much appreciated, and I am sorry if I missed any forum etiquettes. I am a long time lurker, but this is my first post.

sjee · December 28, 2018, 8:09am

Not sure what duckdns has to do with this. Do you try to connect to your mqtt broker using your duckdns name instead of the local IP address?

Simon_Kristoffersen · December 28, 2018, 11:26am

Second issue with duckdns

config:
{
  "lets_encrypt": {
    "accept_terms": true,
    "certfile": "fullchain.pem",
    "keyfile": "privkey.pem"
  },
  "token": "secrettoken",
  "domains": [
    "secretdomain.duckdns.org"
  ],
  "seconds": 300
}

Log output:

# INFO: Using main config file /data/workdir/config
+ Account already registered!
Fri Dec 28 08:14:55 CET 2018: KO
# INFO: Using main config file /data/workdir/config
Processing secretdomain.duckdns.org
 + Signing domains...
 + Generating private key...
 + Generating signing request...
 + Requesting new certificate order from CA...
 + Received 1 authorizations URLs from the CA
 + Handling authorization for secretdomain.duckdns.org
 + 1 pending challenge(s)
 + Deploying challenge tokens...
KO + Responding to challenge for secretdomain.duckdns.org authorization...
 + Cleaning challenge tokens...
ERROR: Challenge is invalid! (returned: invalid) (result: {
  "type": "dns-01",
  "status": "invalid",
  "error": {
    "type": "urn:ietf:params:acme:error:unauthorized",
    "detail": "Incorrect TXT record \"\" found at _acme-challenge.secretdomain.duckdns.org", << **Other similar errors I have found on the forums all have tokens in the quotes, but not me**
    "status": 403
  },
  "url": "https://acme-v02.api.letsencrypt.org/acme/challenge/wwaF4yTmT7W8poLe0y2WvpKr90tIABYiY_295LB-1LU/10799266746",
  "token": "XYZXYZXYZXYZXYZXYZXYZXZXYZmCz0"
})

KO + Challenge validation has failed

flamingm0e · December 28, 2018, 1:11pm

For clarification:

In Virtualbox are you using bridged or host networking on the adapter?

Simon_Kristoffersen · December 28, 2018, 3:32pm

sjee: I am accessing my Mqtt local through hostIP:1883. I was just thinking it was both related to networking issues.

flamingm0e: I am using bridged mode between Ubuntu and MacOS.

Thx for the replies. Sorry for the delay. I was suspended for a couple of hours after I posted the first post.

Simon_Kristoffersen · December 28, 2018, 4:36pm

Sorry for wasting your time. I did a full wipe and restore, and now mqtt and Duckdns works again.

Now I get a lot of SSL errors in the log - like 10 pr. min.

2018-12-28 17:26:31 ERROR (MainThread) [homeassistant.core] Error doing job: SSL error errno:1 reason: HTTP_REQUEST
Traceback (most recent call last):
  File "uvloop/sslproto.pyx", line 504, in uvloop.loop.SSLProtocol.data_received
  File "uvloop/sslproto.pyx", line 204, in uvloop.loop._SSLPipe.feed_ssldata
  File "uvloop/sslproto.pyx", line 171, in uvloop.loop._SSLPipe.feed_ssldata
  File "/usr/local/lib/python3.6/ssl.py", line 689, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: HTTP_REQUEST] http request (_ssl.c:841)
2018-12-28 17:27:08 ERROR (MainThread) [homeassistant.core] Error doing job: SSL handshake failed
Traceback (most recent call last):
  File "uvloop/handles/stream.pyx", line 609, in uvloop.loop.UVStream._on_eof
  File "uvloop/sslproto.pyx", line 171, in uvloop.loop._SSLPipe.feed_ssldata
  File "/usr/local/lib/python3.6/ssl.py", line 689, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: HTTP_REQUEST] http request (_ssl.c:841)
2018-12-28 17:27:08 ERROR (MainThread) [homeassistant.core] Error doing job: SSL error errno:1 reason: HTTP_REQUEST
Traceback (most recent call last):
  File "uvloop/sslproto.pyx", line 504, in uvloop.loop.SSLProtocol.data_received
  File "uvloop/sslproto.pyx", line 204, in uvloop.loop._SSLPipe.feed_ssldata
  File "uvloop/sslproto.pyx", line 171, in uvloop.loop._SSLPipe.feed_ssldata
  File "/usr/local/lib/python3.6/ssl.py", line 689, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: HTTP_REQUEST] http request (_ssl.c:841)

Any idea how to get rid of these?