Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

mosquitto: 6.0.0 #2007

Merged
merged 14 commits into from
May 19, 2021
Merged
Show file tree
Hide file tree
Changes from 11 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 12 additions & 0 deletions mosquitto/CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,17 @@
# Changelog

## 6.0.0

- Support for anonymous logins has been removed
- Replaced Home Assistant authentication handling
- Merged local account handling with authentication plugin
- Add watchdog endpoint for health monitoring
- Updated mosquitto to 1.6.12
- Migrate add-on layout to S6 Overlay
- Migrate all script to use Bashio
- Update base image to Alpine Linux 3.13
- Add port descriptions

## 5.1.1

- Update options schema for passwords
Expand Down
18 changes: 1 addition & 17 deletions mosquitto/DOCS.md
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,6 @@ Add-on configuration:

```yaml
logins: []
anonymous: false
customize:
active: false
folder: mosquitto
Expand All @@ -55,12 +54,6 @@ logins:
password: passwd
```

### Option: `anonymous`

Allow anonymous connections. If logins are set, the anonymous user can only read data. An explicit ACL definition is required for anonymous connections [see Access Control Lists (ACLs)](#access-control-lists-acls).

Default value: `false`

#### Option: `customize.active`

If set to `true` additional configuration files will be read, see the next option.
Expand Down Expand Up @@ -91,7 +84,7 @@ If set to `true` encryption will be enabled using the cert- and keyfile options.

This add-on is attached to the Home Assistant user system, so MQTT clients can make use of these credentials. Local users may also still be set independently within the configuration options for the add-on. For the internal Home Assistant ecosystem, we register `homeassistant` and `addons`, so these may not be used as user names.

## Disable listening on insecure (1883) ports
## Disable listening on insecure (1883/1884) ports

Remove the ports from the add-on page network card (set them as blank) to disable them.

Expand Down Expand Up @@ -126,18 +119,9 @@ Add the following configuration to enable **unrestricted** access to all topics.
user [YOUR_MQTT_USER]
topic readwrite #
```
For anonymous mode ( `"anonymous": true` ), you have to remove the `user [YOUR_MQTT_USER]` line like so:

```text
topic readwrite #
```

The `/share` folder can be accessed via SMB, or on the host filesystem under `/usr/share/hassio/share`.

## Known issues and limitations

- Since version 4.1 of the add-on, an explicit ACL definition is now required if you plan to use legacy logins and `"anonymous": true` [see these instructions](#access-control-lists-acls).

## Support

Got questions?
Expand Down
26 changes: 15 additions & 11 deletions mosquitto/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -5,12 +5,9 @@ FROM $BUILD_FROM
WORKDIR /usr/src
ARG MOSQUITTO_AUTH_VERSION
RUN apk add --no-cache \
curl \
mosquitto \
musl \
openssl \
nginx \
pwgen \
socat \
&& apk add --no-cache --virtual .build-dependencies \
build-base \
curl-dev \
Expand All @@ -20,19 +17,26 @@ RUN apk add --no-cache \
\
&& git clone --depth 1 -b "${MOSQUITTO_AUTH_VERSION}" \
https://github.com/pvizeli/mosquitto-auth-plug \
\
&& cd mosquitto-auth-plug \
&& cp config.mk.in config.mk \
&& sed -i "s|BACKEND_FILES.*|BACKEND_FILES ?= yes|g" config.mk \
&& make \
&& mkdir -p /usr/share/mosquitto \
&& cp -f auth-plug.so /usr/share/mosquitto \
&& cp -f np /usr/local/bin \
\
&& apk del .build-dependencies \
&& rm -fr /usr/src/mosquitto-auth-plug
&& apk del --no-cache .build-dependencies \
&& rm -fr \
/etc/logrotate.d \
/etc/mosquitto/* \
/etc/nginx/* \
/usr/share/nginx \
/usr/src/mosquitto-auth-plug \
/var/lib/nginx/html \
/var/www

# Copy data
COPY data/run.sh /
COPY data/auth_srv.sh /bin/
COPY data/mosquitto.conf /etc/
# Copy rootfs
COPY rootfs /

WORKDIR /
CMD [ "/run.sh" ]
10 changes: 5 additions & 5 deletions mosquitto/build.json
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"build_from": {
"aarch64": "homeassistant/aarch64-base:3.10",
"amd64": "homeassistant/amd64-base:3.10",
"armhf": "homeassistant/armhf-base:3.10",
"armv7": "homeassistant/armv7-base:3.10",
"i386": "homeassistant/i386-base:3.10"
"aarch64": "ghcr.io/home-assistant/aarch64-base:3.13",
"amd64": "ghcr.io/home-assistant/amd64-base:3.13",
"armhf": "ghcr.io/home-assistant/armhf-base:3.13",
"armv7": "ghcr.io/home-assistant/armv7-base:3.13",
"i386": "ghcr.io/home-assistant/i386-base:3.13"
},
"args": {
"MOSQUITTO_AUTH_VERSION": "0.1.4"
Expand Down
18 changes: 14 additions & 4 deletions mosquitto/config.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "Mosquitto broker",
"version": "5.1.1",
"version": "6.0.0",
"slug": "mosquitto",
"description": "An Open Source MQTT broker",
"url": "https://github.com/home-assistant/hassio-addons/tree/master/mosquitto",
Expand All @@ -9,16 +9,22 @@
"map": ["ssl", "share"],
"discovery": ["mqtt"],
"services": ["mqtt:provide"],
"watchdog": "tcp://[HOST]:1883",
"auth_api": true,
"ports": {
"1883/tcp": 1883,
"1884/tcp": 1884,
"8883/tcp": 8883,
"8884/tcp": 8884
},
"ports_description": {
"1883/tcp": "Normal MQTT",
"1884/tcp": "MQTT over WebSocket",
"8883/tcp": "Normal MQTT with SSL",
"8884/tcp": "MQTT over WebSocket with SSL"
},
"options": {
"logins": [],
"anonymous": false,
"customize": {
"active": false,
"folder": "mosquitto"
Expand All @@ -28,8 +34,12 @@
"require_certificate": false
},
"schema": {
"logins": [{ "username": "str", "password": "password" }],
"anonymous": "bool",
"logins": [
{
"username": "str",
"password": "password"
}
],
"customize": {
"active": "bool",
"folder": "str"
Expand Down
120 changes: 0 additions & 120 deletions mosquitto/data/auth_srv.sh

This file was deleted.

41 changes: 0 additions & 41 deletions mosquitto/data/mosquitto.conf

This file was deleted.

Loading