MQTT Bridging with embedded MQTT broker

I’ve been using CloudMQTT with HASS in order to see my “Friends” on OwnTracks for presence detection. However, doing so forces all my internal MQTT messages to be broadcast to the cloud, adding an external dependency and potentially exposing sensitive messages.

Would it be possible to bridge the embedded MQTT broker with an external broker (CloudMQTT in this case) so that internal messages stay within, and external services like OwnTracks can continue to function with HASS?

I found this little tidbit of information which may shed a bit of light: https://www.cloudmqtt.com/docs-bridge.html

Also, I found that one could use HASS with Mosquitto and bridging but I’m really hoping I could just use the embedded MQTT broker: MQTT: Working Mosquitto / CloudMQTT Bridge

For whatever it is worth, I found mosquitto much easier to get to work than the embedded MQTT broker, especially when working with OwnTracks.

I also believe that it’s easier doing it with a locally running mosquitto.
In my case I wanted to connect via TLS to eu.thethings.network and to further local MQTT servers.
Add these lines to /etc/mosquitto/mosquitto.conf:

# External MQTT Broker
connection ttn
address eu.thethings.network:8883
bridge_cafile /etc/mosquitto/ca_certificates/ttn-mqtt-ca.pem
topic # in 0 "" ""
remote_username <your-ttn-username>
remote_password <your-ttn-access-key>

Your local mosquitto server subscribes to all topics from TTN, and it subscribes to all of its own too.

In the MQTT integration you connect to your local mosquitto server on port 1833.

You can get the mqtt-ca.pem from here: https://console.thethingsnetwork.org/mqtt-ca.pem
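
Added example (not part of any post in this thread): a small Python check for the concern raised in the first post, that a bridge can push internal messages to the external broker. It reads the `connection` blocks of a mosquitto.conf and flags a bridge that forwards every local topic (`#` with direction `out` or `both` and no local prefix) or that sets no CA file; the `cloud` bridge and its host are constructed sample input, and PSK-based bridge TLS is not checked.

```python
import shlex

# Constructed sample: the "ttn" bridge from the post above plus a hypothetical
# "cloud" bridge that forwards everything and has no CA file.
SAMPLE_CONF = '''
connection ttn
address eu.thethings.network:8883
bridge_cafile /etc/mosquitto/ca_certificates/ttn-mqtt-ca.pem
topic # in 0 "" ""

connection cloud
address broker.example.invalid:1883
topic # both 0
'''

def parse_bridges(text):
    """Return one dict per 'connection' block: name, topic rules, CA flag."""
    bridges, cur = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or mosquitto.conf comment
        key, _, rest = line.partition(" ")
        if key == "connection":
            cur = {"name": rest.strip(), "topics": [], "ca": False}
            bridges.append(cur)
        elif cur and key in ("bridge_cafile", "bridge_capath"):
            cur["ca"] = True
        elif cur and key == "topic" and rest.strip():
            # topic <pattern> [[[out|in|both] qos] local-prefix remote-prefix]
            p = shlex.split(rest)
            direction = p[1] if len(p) > 1 else "out"  # mosquitto default
            local_prefix = p[3] if len(p) > 3 else ""
            cur["topics"].append((p[0], direction, local_prefix))
    return bridges

def audit(text):
    """List (bridge, problem) pairs for leaky or unverified bridges."""
    findings = []
    for b in parse_bridges(text):
        if not b["ca"]:
            findings.append((b["name"], "no bridge_cafile/bridge_capath set"))
        for pattern, direction, local_prefix in b["topics"]:
            if pattern == "#" and not local_prefix and direction != "in":
                findings.append((b["name"], f"'topic # {direction}' sends all local topics out"))
    return findings

if __name__ == "__main__":
    for name, problem in audit(SAMPLE_CONF):
        print(f"{name}: {problem}")
```

A bridge scoped to one subtree, for example `topic owntracks/# both 0` together with a `bridge_cafile`, produces no findings.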