Well that’s odd. Do you have active true or false?
Active is false, since it also isn’t used. I should have included that.
OK good to know.
I originally had it set up like that; however, I eventually got ACL working and thought I was on borrowed time, as the docs said ACL was mandatory now. So, having sorted it out and gotten it working, I use it now.
Hello,
I keep having a problem with Mosquitto broker under hassio.
[14:12:00] INFO: Setup mosquitto configuration
[14:12:00] WARNING: SSL not enabled - No valid certs found!
[14:12:00] INFO: No local user available
[14:12:01] INFO: Initialize Hass.io Add-on services
[14:12:01] INFO: Initialize Home Assistant discovery
[14:12:01] INFO: Start Mosquitto daemon
1569759121: Loading config file /share/mosquitto/._acl.conf
1569759121: Loading config file /share/mosquitto/acl.conf
1569759121: mosquitto version 1.6.3 starting
1569759121: Config loaded from /etc/mosquitto.conf.
1569759121: Loading plugin: /usr/share/mosquitto/auth-plug.so
1569759121: ├── Username/password checking enabled.
1569759121: ├── TLS-PSK checking enabled.
1569759121: |-- *** auth-plug: startup
1569759121: └── Extended authentication not enabled.
1569759121: Opening ipv4 listen socket on port 1883.
1569759121: Opening ipv6 listen socket on port 1883.
1569759121: Opening websockets listen socket on port 1884.
1569759121: Warning: Mosquitto should not be run as root/administrator.
1569759126: New connection from 192.168.1.48 on port 1883.
1569759126: Socket error on client , disconnecting.
My config looks like this:
{
  "logins": [],
  "anonymous": true,
  "customize": {
    "active": true,
    "folder": "mosquitto"
  },
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "require_certificate": false
}
My acl.conf looks like this:
acl_file /share/mosquitto/accesscontrollist
and my acl_file looks like this:
user mqtt
topic readwrite #
user homeassistant
topic readwrite #
acl_file with no extension
I can’t get it to work at all.
Also, I don’t understand why username/password control checking stays enabled though anonymous = true?
It’s not called acl_file, it’s called accesscontrollist.
Okay, I changed that and now I get:
[07:43:04] INFO: Setup mosquitto configuration
[07:43:04] WARNING: SSL not enabled - No valid certs found!
[07:43:05] INFO: No local user available
[07:43:06] INFO: Initialize Hass.io Add-on services
[07:43:06] INFO: Initialize Home Assistant discovery
[07:43:06] INFO: Start Mosquitto daemon
1569822186: Loading config file /share/mosquitto/._acl.conf
1569822186: Loading config file /share/mosquitto/acl.conf
1569822186: mosquitto version 1.6.3 starting
1569822186: Config loaded from /etc/mosquitto.conf.
1569822186: Loading plugin: /usr/share/mosquitto/auth-plug.so
1569822186: |-- *** auth-plug: startup
1569822186: ├── Username/password checking enabled.
1569822186: ├── TLS-PSK checking enabled.
1569822186: └── Extended authentication not enabled.
1569822186: Error: Invalid line in acl_file "/share/mosquitto/accesscontrollist": {\rtf1\ansi\ansicpg1252\cocoartf1671\cocoasubrtf600.
1569822186: Error opening acl file "/share/mosquitto/accesscontrollist".
Any ideas?
I think I give the wrong format to the accesscontrollist file.
Permissions?
Also try setting active: false instead of true, as you are using a Home Assistant user, not a local user.
I changed to plain text, which gives me:
[08:19:36] INFO: Setup mosquitto configuration
[08:19:36] WARNING: SSL not enabled - No valid certs found!
[08:19:36] INFO: No local user available
[08:19:36] INFO: Initialize Hass.io Add-on services
[08:19:36] INFO: Initialize Home Assistant discovery
[08:19:37] INFO: Start Mosquitto daemon
1569824377: Loading config file /share/mosquitto/._acl.conf
1569824377: Loading config file /share/mosquitto/acl.conf
1569824377: mosquitto version 1.6.3 starting
1569824377: Config loaded from /etc/mosquitto.conf.
1569824377: Loading plugin: /usr/share/mosquitto/auth-plug.so
1569824377: |-- *** auth-plug: startup
1569824377: ├── Username/password checking enabled.
1569824377: ├── TLS-PSK checking enabled.
1569824377: └── Extended authentication not enabled.
1569824377: Opening ipv4 listen socket on port 1883.
1569824377: Opening ipv6 listen socket on port 1883.
1569824377: Opening websockets listen socket on port 1884.
1569824377: Warning: Mosquitto should not be run as root/administrator.
1569824378: New connection from 172.30.32.1 on port 1883.
1569824379: Socket error on client <unknown>, disconnecting.
1569824379: New connection from 172.30.32.1 on port 1883.
[INFO] found homeassistant on local database
1569824380: New client connected from 172.30.32.1 as auto-595F810B-7891-8902-3980-4048CCF92D84 (p2, c1, k60, u'homeassistant').
1569824382: New connection from 192.168.1.48 on port 1883.
1569824382: Socket error on client <unknown>, disconnecting.
Progress, I guess?
Did you try active: false?
Yes, but no success.
Are you configuring MQTT in configuration.yaml?
If you are, try deleting all of that - I assume you are using the Core Mosquitto addon… What type of devices are you using? Are they Tasmota? Are you using MQTT discovery?
I would try removing everything MQTT including mqtt: from config.
Remove the MQTT integration if it exists
Remove the Mosquitto broker.
Restart Home Assistant
Add the broker back and use the default settings.
Enable discovery on the devices (if Tasmota, SetOption19 On in the console)
Add the MQTT integration (check the box for MQTT discovery)
On the devices, make sure they use a Home Assistant username and password. Make sure you have selected the correct IP address for the broker. Make sure every device has a unique topic.
Restart Home Assistant.
If you have active: false (the default) in the broker it won’t use ACL. If you have active: true, you need to set up ACL - but it looks to me like your ACL is set up correctly anyway. I’d try active: false to start.
Download MQTT explorer and see what is going into the broker in real time as it happens.
Sorry, no success whatever I try.
And yes, my device is on Tasmota. It is a Sonoff Mini.
I installed MQTT discovery and I can only log in WITH username and password.
This is what i don’t want.
Even with anonymous: true this is the case.
I have another pi with mosquitto mqtt as broker and this one works flawlessly. No user or password needed at all.
My guess is there is a bug in the MQTT software for hassio.
When I put my username and password in Tasmota it works.
But i need to be able to leave these empty.
Is this possible?
Why do you need to use anonymous?
Should be able to do it - just no idea why you ‘must’
I have never even considered using anonymous so have no experience doing that.
I have a few ESP8266s programmed for MQTT and they all connect without username and password.
It would be a big hassle to take all these devices out of their housing, solder wires to them and re-program them.
Still, I think when anonymous = true the broker should connect without user and pass.
I will roll back to my separate MQTT broker and maybe some time when this bug is resolved I will come back.
Thanks for your help so far, David.
So not running Tasmota? Because if Tasmota you can just set username/password via the web GUI.
Not on all devices…
Try adding:
allow_anonymous true
To the acl file.
Gives an error:
[09:51:01] INFO: Setup mosquitto configuration
[09:51:01] WARNING: SSL not enabled - No valid certs found!
[09:51:03] INFO: No local user available
[09:51:04] INFO: Initialize Hass.io Add-on services
[09:51:04] INFO: Initialize Home Assistant discovery
[09:51:04] INFO: Start Mosquitto daemon
1569916264: Loading config file /share/mosquitto/._acl.conf
1569916264: Loading config file /share/mosquitto/acl.conf
1569916264: mosquitto version 1.6.3 starting
1569916264: Config loaded from /etc/mosquitto.conf.
1569916264: Loading plugin: /usr/share/mosquitto/auth-plug.so
1569916264: |-- *** auth-plug: startup
1569916264: ├── Username/password checking enabled.
1569916264: ├── TLS-PSK checking enabled.
1569916264: └── Extended authentication not enabled.
1569916264: Error: Invalid line in acl_file "/share/mosquitto/accesscontrollist": allow_anonymous.
1569916264: Error opening acl file "/share/mosquitto/accesscontrollist".
This option is true by default
It’s only true by default if nothing else is specified in the ACL file according to my reading.
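Added example, not part of the thread and not code from the Mosquitto project or the add-on: a small pre-flight check for the accesscontrollist file that catches the two broker errors quoted above (RTF content, and a broker option such as allow_anonymous placed in the ACL file) and lists which users the file lets write to the whole topic tree. The names lint_acl and full_access and the sample strings are made up for this example; it assumes the user/topic/pattern ACL syntax with the read, write and readwrite keywords, and that topic lines before the first user line apply to anonymous clients.

```python
ACCESS = {"read", "write", "readwrite"}  # optional keyword before the filter

# Constructed samples: the ACL posted in the thread, and an RTF header like the
# one quoted in the broker's error message.
THREAD_ACL = "user mqtt\ntopic readwrite #\nuser homeassistant\ntopic readwrite #\n"
RTF_SAMPLE = "{\\rtf1\\ansi\\ansicpg1252\\cocoartf1671\n user mqtt\\\n}"

def lint_acl(text):
    """Return (errors, grants) for the text of a mosquitto ACL file.

    errors: [(line_no, message)]; grants: {principal: [(access, filter)]}.
    Topic lines before the first `user` line are filed under "<anonymous>".
    """
    errors, grants, principal = [], {}, "<anonymous>"
    if text.lstrip().startswith("{\\rtf"):
        return [(1, "file is RTF, not plain text")], grants
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment
        key, *more = line.split(None, 1)
        rest = more[0].strip() if more else ""
        if key == "user" and rest:
            principal = rest
            grants.setdefault(principal, [])
        elif key in ("topic", "pattern") and rest:
            first, *tail = rest.split(None, 1)
            if first in ACCESS and tail:
                access, topic = first, tail[0].strip()
            else:
                access, topic = "readwrite", rest  # keyword omitted
            who = "<pattern>" if key == "pattern" else principal
            grants.setdefault(who, []).append((access, topic))
        elif key in ("user", "topic", "pattern"):
            errors.append((n, f"'{key}' line has no value"))
        else:
            errors.append((n, f"'{key}' is not an ACL directive"))
    return errors, grants

def full_access(grants):
    """Principals allowed to write to the whole topic tree ('#')."""
    return sorted(p for p, g in grants.items()
                  if any(t == "#" and a in ("write", "readwrite") for a, t in g))

if __name__ == "__main__":
    for name, text in [("thread ACL", THREAD_ACL),
                       ("with allow_anonymous", THREAD_ACL + "allow_anonymous true\n"),
                       ("RTF", RTF_SAMPLE)]:
        errs, grants = lint_acl(text)
        print(name, errs, full_access(grants))
```

Run against the ACL from the thread, it reports no syntax errors but shows both mqtt and homeassistant holding readwrite on #, which is worth narrowing once the broker is accepting connections.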