Setting up MQTT on hassio: very basic and early steps

I am following this thread.

Step 1 & 2 were completed
Step 2 does not say if the new user should be in the ‘users’ or ‘administrators’ group?

Step 3 implies restarting the system in config:general, but this is nowhere called out, so I am assuming it is required after step 1 or 2 or both.

Step 3 shows the broker, port, user, password, but nowhere in the process is there a place to enter that data.
It says configuration.yaml does not need this information, but other threads I read say this info is needed in that file.

I don’t understand what to do with this section. I want to maintain security. Do I just delete 1883 from that add-on page, and leave the other three as they are? Most .yaml text I see states 1883 as the port that is needed.

Disable listening on insecure (1883) ports

Remove the ports from the add-on page network card (set them as blank) to disable them.

deleted. window flaked out and started again with above

The second question for step 3, I believe, is answered through two of my previous threads.

Broker, port, username, and password are not required to be entered into a yaml file, unless there is a desire to set it up in an advanced fashion. Creating a user in the Hassio UI, and giving that username and password to the devices that will connect over MQTT, will allow them to connect to the MQTT server in Hassio (Mosquitto in hassio:add-in).

I am getting serial traffic from a device that looks like the below. Does this look like MQTT is up and running?

00:04 HTP: Web server active on sonoff-xxxx with IP address xxx
00:00:05 MQT: Attempting connection…
00:00:07 MQT: Connected
00:00:07 MQT: tele/sonoff/LWT = Online (retained)
00:00:07 MQT: cmnd/sonoff/POWER =
00:00:07 MQT: tele/sonoff/INFO1 = {"Module":"Sonoff Basic","Version":"6.6.0(release-sonoff)","FallbackTopic":"cmnd/DVES_xxxxxx_fb/","GroupTopic":"sonoffs"}
00:00:07 MQT: tele/sonoff/INFO2 = {"WebServerMode":"Admin","Hostname":"sonoff-xxxx","IPAddress":"xxxxxx"}
00:00:07 MQT: tele/sonoff/INFO3 = {"RestartReason":"Software/System restart"}
00:00:07 MQT: stat/sonoff/RESULT = {"POWER":"OFF"}
00:00:07 MQT: stat/sonoff/POWER = OFF
22:01:10 MQT: tele/sonoff/STATE = {"Time":"2019-07-14T22:01:10","Uptime":"0T00:00:14","Heap":15,"SleepMode":"Dynamic","Sleep":50,"LoadAvg":19,"POWER":"OFF","Wifi":{"AP":1,"SSId":"xxxx","BSSId":"xxxxxxxx","Channel":6,"RSSI":78,"LinkCount":1,"Downtime":"0T00:00:04"}}

in Hass
1563138061: New client connected from xxxx as DVES_xxxxxx (p2, c1, k30, u'xxxx').

Yes it looks like a sonoff device with tasmota firmware is connecting.
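Added example, not part of the original thread and not code from Mosquitto or Home Assistant: a small parser for the broker's "New client connected" line quoted above, used to flag clients that connected without a username or with one you did not create. The sample log, the usernames, the optional `u'...'` field for anonymous clients and the protocol-number mapping are assumptions.

```python
import re

# Format taken from the broker log line quoted in the thread. Treating the
# u'...' part as optional (absent for anonymous clients) is an assumption.
CONNECT_RE = re.compile(
    r"^(?P<ts>\d+): New client connected from (?P<addr>\S+) as (?P<client_id>\S+) "
    r"\(p(?P<proto>\d+), c(?P<clean>\d), k(?P<keepalive>\d+)"
    r"(?:, u['‘’](?P<user>[^'‘’]*)['‘’])?\)\.$"
)
# Assumption: Mosquitto's internal protocol numbering (1 = 3.1, 2 = 3.1.1, 5 = 5.0).
PROTOCOLS = {1: "MQTT 3.1", 2: "MQTT 3.1.1", 5: "MQTT 5.0"}

def parse_connect(line):
    """Return a dict describing one 'New client connected' line, or None."""
    m = CONNECT_RE.match(line.strip())
    if not m:
        return None
    proto = int(m["proto"])
    return {
        "epoch": int(m["ts"]),
        "address": m["addr"],
        "client_id": m["client_id"],
        "protocol": PROTOCOLS.get(proto, f"unknown ({proto})"),
        "clean_session": m["clean"] == "1",
        "keepalive_s": int(m["keepalive"]),
        "username": m["user"],  # None when no username was presented
    }

def audit(lines, allowed_users):
    """Return (client_id, reason) for connections that need a closer look."""
    findings = []
    for c in filter(None, map(parse_connect, lines)):
        if not c["username"]:
            findings.append((c["client_id"], "no username presented"))
        elif c["username"] not in allowed_users:
            findings.append((c["client_id"], "unexpected username"))
    return findings

# Constructed sample log; the first line mirrors the one quoted in the thread.
SAMPLE = """\
1563138061: New client connected from 192.0.2.10 as DVES_AAAAAA (p2, c1, k30, u'mqttuser').
1563138090: New client connected from 192.0.2.44 as probe-1 (p2, c1, k60).
1563138120: New client connected from 192.0.2.45 as DVES_BBBBBB (p2, c1, k30, u'olduser').
""".splitlines()

if __name__ == "__main__":
    print(audit(SAMPLE, allowed_users={"mqttuser"}))
```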

Great.

Does anyone have thoughts on where the user name that MQTT devices use to access hassio should be? In the ‘users’ or ‘administrators’ group?

It doesn’t matter - either will work fine. I use a user that is in the users group.

How about the comment regarding port 1883? I think this has to stay in the list unless the clients are changed to look to another port. Am I correct?

Most .yaml text I see states 1883 as the port that is needed.

Yes. If the client doesn’t connect to the right port it won’t work.

Any idea what the Hass.io person who wrote that was trying to communicate?

Here is the link again.

Maybe this is for systems that are open to the outside? Mine is on an internal network, but I worry about exposing my system with Hass.io.

If you expose your mqtt to the internet you don’t want it unsecured.

If you only allow access to your HA instance, then mqtt isn’t exposed. Mqtt isn’t exposed unless you specifically expose it…same goes for just about any service running on your network.