Weird installation of mosquitto broker

threadstone83 · February 14, 2024, 11:21pm

Hello everyone,

I’m not sure if I have a problem right now. At least it looks kind of weird right now. It’s about the Mosquitto broker.
Right at the beginning of my HA installation, I installed Mosquitto broker according to some instructions on the Internet (of course I don’t remember which ones).
After I received the error message that the MQTT login failed during a special installation of my descaling system via AppDaemon, I took a closer look at MQTT in terms of username and password. And here’s what I don’t really understand:

There is no username/password stored in the Mosquitto broker AddOn under configuration (according to the documentation this is only optional)
In the MQTT integration under Configure → Reconfigure MQTT, both a user name (strangely “homeassistant”) and a password are stored.
A user “mqtt_broker” has been created as a user in HA but I don’t know the password.

Shouldn’t the user in HA and the one in the MQTT integration be the same? And wouldn’t I have to store the user also in the AddOn?

If I change something here, it will probably affect my integrations that are based on MQTT (e.g. Zigbee2MQTT), right?

Thank you in advance for your help!

nickrout · February 15, 2024, 1:25am

The addon can use any configured home assistant user and password. I usually set up a user named mosquitto and use it for nothing other than mqtt.

tom_l · February 15, 2024, 1:53am

There are two types of users the broker can use:

Local users, defined in the add-on config. You can not create a local user called "homeassistant’.
Home Assistant users, defined in Home Assistant.

Do not confuse broker local users with Home Assistant local users. These are users defined in Home Assistant that can only access it when connected on the local network.

e.g. here is a Home Assistant local user:

That’s unfortunate as you created it. It was not created automatically.

threadstone83 · February 15, 2024, 8:39am

Thank you for your detailed answer @tom_l
That is exact that what makes me confused.

Yes, I have created the “mqtt_broker” user in HA but I don’t know the password and in the Mosquitto Integration I have added the user “homeassistant” (which is not existing in HA).

How can I clean this up? Is the following possible?

Change the password of the HA-User “mqtt_broker” (and the name to mqtt_user)
Change the configuration of the Mosquitto Integration to the same username and password as created in No.1

Do I break the Zigbee2MQTT Integration with that? Do I have to change here also something?

tom_l · February 15, 2024, 8:59am

Yes that should work, as long as you don’t have any other devices using that HA user name and password to communicate with the broker. If you do, you will need to change their configuration too.

You can change the zigbee2mqtt configuration to match your new local broker credentials here: config/zigbee2mqtt/configuration.yaml

threadstone83 · February 15, 2024, 10:47am

Later I will give it a try. I report if all goes well (or not).
Thank you very much!!

threadstone83 · February 15, 2024, 10:39pm

So, I have cleaned up. I deleted the existing HA user, created a new one (this time I have saved the password!), changed username + password in the MQTT-integration to the one from the new HA-user and restarted HA. It seems that all works as it should be.
Thank you for your help!

nickrout · February 15, 2024, 10:43pm

Now to change z2m.

threadstone83 · February 15, 2024, 11:18pm

I have checked but there is a complete different user in it (username addon).

tom_l · February 15, 2024, 11:34pm

Well if it is working, leave it.

threadstone83 · February 15, 2024, 11:42pm

Yes, it works.
But I will have a look tomorrow again

odwide · February 15, 2024, 11:45pm

The setup is clear cut. HA uses a dedicated Mosquitto user that is defined in the addon config. I have even created three other MQTT users with specific topic access, each for different clients.