Problem/Motivation

I would like to place my certificates in a subfolder of /ssl/ and specifying a corresponding (relative) path in the options.

Actual behavior

Unfortunatly this is not supported. 40-nginx.sh fails with a sed error. My interpretation is that the sed command used to fill the config template cannot handle the slashes in a path.

Steps to reproduce

Simply specify a relative path instead of a filename in the options (and activate ssl of cause) and restart the addon. (To reproduce this you don't actually have to place a certfile at the specified location, as it will fail long before it would be used.)

Proposed changes

The error is caused by the following line in mqtt/rootfs/etc/cont-init.d/40-nginx.sh:
sed -i "s/%%certfile%%/${certfile}/g" /etc/nginx/nginx-ssl.conf

which modifies the followinf line in the config template mqtt/rootfs/etc/nginx/nginx-ssl.conf:
ssl_certificate /ssl/%%certfile%%;

As you can see specifiing a path relative to /ssl/ should work, at least from the perspective of the config file. Only the templating via sed fails. I'm hoping there is a relativly easy fix by modifing the sed statement.

Problem/Motivation

I tried setting up MQTT on hassio today using tls (Lets Encrypt certificate via another plugin), but I was not able to get it to work. The homeassistant logs don't give much detail:

 docker logs homeassistant >& /tmp/logs.txt; grep -i mqtt /tmp/logs.txt
2018-12-16 18:33:00 INFO (MainThread) [homeassistant.loader] Loaded mqtt from homeassistant.components.mqtt
2018-12-16 18:33:00 INFO (MainThread) [homeassistant.setup] Setting up mqtt
2018-12-16 18:33:00 INFO (MainThread) [homeassistant.setup] Setup of domain mqtt took 0.0 seconds.
2018-12-16 18:33:02 INFO (Thread-2) [homeassistant.components.mqtt] Successfully reconnected to the MQTT server
2018-12-16 18:33:02 INFO (MainThread) [homeassistant.loader] Loaded mqtt.discovery from homeassistant.components.mqtt.discovery
2018-12-16 18:33:03 INFO (Thread-2) [homeassistant.components.mqtt] Successfully reconnected to the MQTT server
2018-12-16 18:33:05 INFO (Thread-2) [homeassistant.components.mqtt] Successfully reconnected to the MQTT server
2018-12-16 18:33:09 INFO (Thread-2) [homeassistant.components.mqtt] Successfully reconnected to the MQTT server
2018-12-16 18:33:17 INFO (Thread-2) [homeassistant.components.mqtt] Successfully reconnected to the MQTT server

but it is not getting any messages. The broker works fine using http://workswithweb.com/mqttbox.html and the Hivemq web ui, so this might be an issue with home assistant or hassio, or possibly the tls certificate validation (although I also tried disabling that).

Expected behavior

Home assistant should be able to publish messages from the https://hassio:8123/dev-mqtt

Actual behavior

I can connect via mqttbox but publishing via dev-mqtt doesn't work, and any sensor created via mqtt also don't work. The following errors are displayed in the mqtt addon logs:

docker logs addon_a0d7b954_mqtt -f
INFO: Starting NGINX for the MQTT client...
1545010299: New client connected from 192.168.0.4 as mqttbox1545009967693 (c1, k10, u'mqtt_iot').
2018/12/16 18:31:42 [notice] 1075#1075: using the "epoll" event method
2018/12/16 18:31:42 [notice] 1075#1075: nginx/1.14.1
2018/12/16 18:31:42 [notice] 1075#1075: OS: Linux 4.14.66-v8
2018/12/16 18:31:42 [notice] 1075#1075: getrlimit(RLIMIT_NOFILE): 1048576:1048576
2018/12/16 18:31:42 [notice] 1075#1075: start worker processes
2018/12/16 18:31:42 [notice] 1075#1075: start worker process 1144
1545010317: Client connection from 192.168.0.30 failed: error:140260FC:SSL routines:ACCEPT_SR_CLNT_HELLO:unknown protocol.
1545010317: New connection from 192.168.0.30 on port 4883.
1545010364: OpenSSL Error: error:140260E5:SSL routines:ACCEPT_SR_CLNT_HELLO:ssl handshake failure
1545010364: Socket error on client <unknown>, disconnecting.
1545010380: New connection from 192.168.0.30 on port 4883.
1545010380: OpenSSL Error: error:140260FC:SSL routines:ACCEPT_SR_CLNT_HELLO:unknown protocol
1545010380: Socket error on client <unknown>, disconnecting.
1545010382: New connection from 192.168.0.30 on port 4883.
1545010383: OpenSSL Error: error:140260E5:SSL routines:ACCEPT_SR_CLNT_HELLO:ssl handshake failure
1545010383: Socket error on client <unknown>, disconnecting.
1545010383: New connection from 192.168.0.30 on port 4883.
1545010383: OpenSSL Error: error:140260FC:SSL routines:ACCEPT_SR_CLNT_HELLO:unknown protocol
1545010383: Socket error on client <unknown>, disconnecting.
1545010383: New connection from 192.168.0.30 on port 4883.
1545010385: OpenSSL Error: error:140260E5:SSL routines:ACCEPT_SR_CLNT_HELLO:ssl handshake failure
1545010385: Socket error on client <unknown>, disconnecting.
1545010385: New connection from 192.168.0.30 on port 4883.
1545010385: OpenSSL Error: error:140260FC:SSL routines:ACCEPT_SR_CLNT_HELLO:unknown protocol
1545010385: Socket error on client <unknown>, disconnecting.
1545010385: New connection from 192.168.0.30 on port 4883.
1545010389: OpenSSL Error: error:140260E5:SSL routines:ACCEPT_SR_CLNT_HELLO:ssl handshake failure
1545010389: Socket error on client <unknown>, disconnecting.
1545010389: New connection from 192.168.0.30 on port 4883.
1545010389: OpenSSL Error: error:140260FC:SSL routines:ACCEPT_SR_CLNT_HELLO:unknown protocol
1545010389: Socket error on client <unknown>, disconnecting.
1545010389: New connection from 192.168.0.30 on port 4883.
1545010397: OpenSSL Error: error:140260E5:SSL routines:ACCEPT_SR_CLNT_HELLO:ssl handshake failure
1545010397: Socket error on client <unknown>, disconnecting.
1545010397: New connection from 192.168.0.30 on port 4883.
1545010397: OpenSSL Error: error:140260FC:SSL routines:ACCEPT_SR_CLNT_HELLO:unknown protocol
1545010397: Socket error on client <unknown>, disconnecting.
1545010397: New connection from 192.168.0.30 on port 4883.
1545010413: OpenSSL Error: error:140260E5:SSL routines:ACCEPT_SR_CLNT_HELLO:ssl handshake failure
1545010413: Socket error on client <unknown>, disconnecting.
1545010413: New connection from 192.168.0.30 on port 4883.
1545010413: OpenSSL Error: error:140260FC:SSL routines:ACCEPT_SR_CLNT_HELLO:unknown protocol
1545010413: Socket error on client <unknown>, disconnecting.
1545010413: New connection from 192.168.0.30 on port 4883.
1545010445: OpenSSL Error: error:140260E5:SSL routines:ACCEPT_SR_CLNT_HELLO:ssl handshake failure
1545010445: Socket error on client <unknown>, disconnecting.
1545010445: New connection from 192.168.0.30 on port 4883.
1545010445: OpenSSL Error: error:140260FC:SSL routines:ACCEPT_SR_CLNT_HELLO:unknown protocol
1545010445: Socket error on client <unknown>, disconnecting.
1545010445: New connection from 192.168.0.30 on port 4883.
1545010471: OpenSSL Error: error:140260E5:SSL routines:ACCEPT_SR_CLNT_HELLO:ssl handshake failure
1545010471: Socket error on client <unknown>, disconnecting.
1545010487: New connection from 172.30.32.1 on port 1883.
1545010487: New client connected from 172.30.32.1 as home-assistant (c1, k60, u'mqtt_hass').
2018/12/16 18:35:11 [info] 1144#1144: *1 [lua] ha-auth.lua:59: authenticate(): Authenticated user against Home Assistant., client: 192.168.0.4, server: _, request: "GET / HTTP/1.1", host: "hassio:5713"

Steps to reproduce

Install hassio 0.83.3 and use the following settings

# use the default settings for mqtt addon
"broker": {
    "enabled": true,
    "enable_ws": false,
    "enable_mqtt": false,
    "enable_ws_ssl": true,
    "enable_mqtt_ssl": true,
    "allow_anonymous": false
  },

# configuration.yaml
mqtt:
  username: mqtt_hass
  password: !secret mqtt_password
  client_id: home-assistant
  discovery: true
  protocol: 3.1.1 #Same result using 3.1
  broker: 127.0.0.1
  port: 4883
  tls_version: '1.2' #Same results using 1.1
  tls_insecure: true

Instead of 127.0.0.1 I also tried the FQDN for the domain, and confirmed that the certificate was valid in the container:

docker exec -it homeassistant bash
bash-4.4# openssl s_client -connect hassio.example.com:4884 -tls1_2
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = hassio.example.com
verify return:1

Workaround

It works if you switch "enable_mqtt": false to true in the plugin config, and then use the following mqtt config in home assistant:

mqtt:
  username: mqtt_hass
  password: !secret mqtt_password
  client_id: home-assistant
  discovery: true
  protocol: 3.1.1
  broker: 127.0.0.1
  port: 1883

Motivation

In case #2 gets implemented, it would be great to be able to control the permissions per user.
Mosquitto allows for limiting users to specific topics including read, write and readwrite permissions.

Adding this would give major security controls.

Install instructions contains no information on how to set the desired username and password for the HiveMQ web client part of this addon.

There is also no information on the default username and password for said web client.

Steps to reproduce:

• Install addon
• Go to Addon configuration page
• Read install documentation Readme
• There is no info on how to setup web client username and password

Problem/Motivation

Receiving this error every time after a host reboot: Error talking to MQTT: The client is not currently connected. This cause all MQTT entities to be in yellow and not available.

If I do a HASS restart after a host reboot or power on, it work connect correctly.

Host:
VirtualBox -> VM 4 Cores - 4 GB RAM / SSD drive

Expected behavior

HA should wait until MQTT service is up before connecting.

Actual behavior

HA try to connect to the MQTT service when it is still loading.

Steps to reproduce

• Install MQTT Server Add-ons and configure it
  Config:

{
  "log_level": "info",
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "web": {
    "enabled": true,
    "ssl": false
  },
  "broker": {
    "enabled": true,
    "enable_ws": true,
    "enable_mqtt": true,
    "enable_ws_ssl": false,
    "enable_mqtt_ssl": false,
    "allow_anonymous": true
  },
  "mqttusers": [
    {
      "username": "xxxxx",
      "password": "xxxxx",
      "readonly": false,
      "topics": [
        "#"
      ]
    }
  ]
}

Configuration.yaml:

# MQTT Connection
mqtt:
  broker: a0d7b954-mqtt
  username: !secret mqtt_username
  password: !secret mqtt_password
  client_id: home-assistant

• Setup some MQTT light in Configuration.yaml (example below)

# Milight Type: MQTT_JSON
  - name: "Office lamp"
    platform: mqtt
    schema: json
    #                                   ________________ Device ID
    #                                  |        ________ Device Type
    #                                  |       |     ___ Group ID
    #                                  |       |    |
    #                                  v       v    v
    command_topic: "milight/commands/0x72C6/rgb_cct/1"
    state_topic: "milight/states/0x72C6/rgb_cct/1"
    qos: 1
    optimistic: false
    retain: true
   
    #-- Bulb configuration
    brightness: true
    rgb: true
    color_temp: true

    # HA missing scale temp feature. On todo list...
    #color_temp_min: 0 
    #color_temp_max: 100
    
    # Milight GW command is "saturation", so white_value doesn't take effect. On todo list...
    # white_value: true 
    
    effect: true
    #Effect list 0=Full, 1=White, 2=RGB, 3=Full hard, 4=Disco, 5=Red Flash, 6=Green Flash, 7=Blue Flash, 8=White Flash]
    effect_list: [0, 1, 2, 3, 4 ,5, 6, 7, 8]
    #effect_speed: true # Milight hub support it. HA missing this feature. 
    
    # Transistion: Milight bulb doesn't support it :(. Need workaround to be done via software on HA or Milight GW)
    #transition: true

• Make sure your MQTT connection work and MQTT light is working fine.
• Reboot host
• Your MQTT light will appear all yellow with "Entity not available: xxx"

Proposed changes

Based on the documentation of MQTT on Home Assistant, I suspect that the MQTT Addon is missing the following:

If you are running a Mosquitto instance on the same server as Home Assistant then you must ensure that the Mosquitto service starts before Home Assistant. For a Linux instance running Systemd (Raspberry Pi, Debian, Ubuntu and others) then you should edit the file /etc/systemd/system/[email protected] as root (e.g., sudo nano /etc/systemd/system/[email protected]) and add the Mosquitto service: [Unit] Description=Home Assistant After=network.target mosquitto.service

Problem/Motivation

Addon seems to have stopped allowing connections after my previous cert expired last week. I had renewed the cert earlier in the month and the new expiration is in effect. HA UI recognizes the new date, and the following command shows it's valid now:
openssl x509 -enddate -noout -in fullchain.pem
notAfter=Oct 12 11:28:57 2019 GMT

config:

{
"ssl": true,
"certfile": "fullchain.pem",
"keyfile": "privkey.pem",
"broker": true,
"allow_anonymous": false,
"mqttusers": [...]
}

Expected behavior

After cert renewal and new cert put in \ssl, expect the addon to use the new cert and recognize the new expiration

Actual behavior

When connecting to the UI, the login fails with Connect failed: AMQJS0007E Socket error:undefined. The log file shows: 1564252609: OpenSSL Error: error:14094415:SSL routines:ssl3_read_bytes:sslv3 alert certificate expired
1564252609: Socket error on client , disconnecting.

Steps to reproduce

Not sure, but update your SSL cert and see if the addon recognizes the new expiry?

Proposed changes

None at the moment..

Problem/Motivation

I want to integrate my self flashed CC2531 via MQTT. After the Installation of the MQTT Server & Web client I tried to integrate my self signed certificates of letsencrypt.

I use a LEMP-Stack on a Rasp-Pi 3 (32bit) with a SPDNS.org DNS Server and installed HassIO on Docker. The LEMP is running globally with:
Debian, NGINX Reverse Proxy, RSA LetsEncrypt Certificates, MariaDB-Database, PHP 7.0

Expected behavior

Access to the SSL MQTT Server via SSL

Actual behavior

Connect failed: AMQJS0007E Socket error:undefined.
The way without certificates were also not working - It is not connecting after clicking

Steps to reproduce

Prolog: First of all I tríed to integrate the Zigbee2MQTT for CC2531 iaw. zigbee2mqtt.io documenation. I stopped it because I got a "Connecting to MQTT server at mqtt://127.0.0.1:1883" error. So I tried to use the mqtt-addon

configuration.yaml:

Add-On-Config

Network-Config

1. Is there a way to bind the self signed SSL certificates?
2. Were can I find the wanted file SSL? (I want to avoid a constant changing of the SSL Certs)

Problem/Motivation

I only use MQTT locally, and have a few units that can report to HA through MQTT and plan to expand that. I want to keep thigs as simple as possible, this not using any authentication for publishing and subscribing to MQTT.

Expected behavior

When enabling anonymous access I expect that a client can connect, subscribe to topics and publish topics without supplying a username or password.

Actual behavior

The only way I can get a client to publish on MQTT is to set a username and password and using that. If I don't submit user/password the client can connect and subscribe, but not publish.

Steps to reproduce

Enabling anonymous access, connecting with client not using password/username, publishing to a topic. Log yeilds: "DENIED publish from..."

Proposed changes

(If you have a proposed change, workaround or fix,
describe the rationale behind it)

I thought I had this working so it might be a hass update broke it?

I'm getting

20-01-26 18:14:32 ERROR (SyncWorker_3) [hassio.docker] Can't start addon_a0d7b954_mqtt: 500 Server Error: Internal Server Error ("driver failed programming external connectivity on endpoint addon_a0d7b954_mqtt (7fdc5036843c32613b8ef7819060aa0446209615f37d0b1aee69298557bead4f): Bind for 0.0.0.0:1884 failed: port is already allocated")

My hass configuration.yaml looks like this :

mqtt:
broker: a0d7b954-mqtt
username: !secret mqtt_username
password: !secret mqtt_password
client_id: home-assistant

discovery: true
discovery_prefix: homeassistant

Where secrets are correctly defined.

I'm not sure what is taking the port.

Thanks for the acl update.

Is there a way to configure reading some topics and writing others.
Other than this (this works):

{
  "username": "test",
  "password": "test",
  "readonly": false,
  "topics": [
    "home/test/state/#"
  ]
},
{
  "username": "test",
  "password": "test",
  "readonly": true,
  "topics": [
    "home/test/command/#"
  ]
}

Expected behavior

start addon

Actual behavior

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-banner.sh: executing...
[cont-init.d] 00-banner.sh: exited 267.
[cont-finish.d] executing container finish scripts...
[cont-finish.d] 99-message.sh: executing...
s6-maximumtime: warning: child process crashed
[cont-finish.d] 99-message.sh: exited 111.
[cont-finish.d] done.
[s6-finish] waiting for services.
[s6-finish] sending all processes the TERM signal.

Steps to reproduce

Latest HassOS 2.12 on RPI Zero W and MQTT Server & Web client 1.1.0

Getting an error in the logs: Unable to open config file /opt/mosquitto.conf

Config:

  "ssl": true,
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "broker": {
    "enabled": true,
    "enable_ws": true,
    "enable_mqtt": true,
    "enable_ws_ssl": true,
    "enable_mqtt_ssl": true,
    "allow_anonymous": false
  },
  "allow_anonymous": false,
  "mqttusers": [
...
  ],
  "log_level": "info",
  "web": {
    "enabled": true,
    "ssl": true
  }
}

Log:

[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-banner.sh: executing... 
-----------------------------------------------------------
 Hass.io Add-on: MQTT Server & Web client
 Mosquitto MQTT Server bundled with Hivemq's web client
-----------------------------------------------------------
 Add-on version: 1.1.0
 You are running the latest version of this add-on.
 System: HassOS 2.12  (armv7 / raspberrypi3)
 Home Assistant version: 0.92.2
 Supervisor version: 163
-----------------------------------------------------------
 Please, share the above information when looking for help
 or support in, e.g., GitHub, forums or the Discord chat.
-----------------------------------------------------------
[cont-init.d] 00-banner.sh: exited 0.
[cont-init.d] 01-log-level.sh: executing... 
Log level is set to INFO
[cont-init.d] 01-log-level.sh: exited 0.
[cont-init.d] hivemq.sh: executing... 
patching file /app/index.html
[cont-init.d] hivemq.sh: exited 0.
[cont-init.d] mosquitto.sh: executing... 
[19:24:16] NOTICE: The MQTT Broker has been disabled!
[cont-init.d] mosquitto.sh: exited 0.
[cont-init.d] nginx.sh: executing... 
[cont-init.d] nginx.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
[19:24:18] INFO: Starting mosquitto MQTT Server...
1557876258: Error: Unable to open config file /opt/mosquitto.conf.
[19:24:18] INFO: Starting NGINX for the MQTT client...
nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html)
[19:24:19] INFO: Starting mosquitto MQTT Server...
1557876259: Error: Unable to open config file /opt/mosquitto.conf.
[19:24:20] INFO: Starting mosquitto MQTT Server...
1557876260: Error: Unable to open config file /opt/mosquitto.conf.
[19:24:21] INFO: Starting mosquitto MQTT Server...
1557876261: Error: Unable to open config file /opt/mosquitto.conf.
[19:24:22] INFO: Starting mosquitto MQTT Server...
1557876262: Error: Unable to open config file /opt/mosquitto.conf.

Problem/Motivation

Can't Install from Hassio Addon Store

Expected behavior

Install Success and start configuration

Actual behavior

Unable to Install - Error:
18-11-28 15:35:15 INFO (SyncWorker_19) [hassio.docker.interface] Pull image hassioaddons/mqtt tag 0.2.2. 18-11-28 15:35:33 ERROR (SyncWorker_19) [hassio.docker.interface] Can't install hassioaddons/mqtt:0.2.2 -> 404 Client Error: Not Found ("no such image: hassioaddons/mqtt:0.2.2: No such image: hassioaddons/mqtt:0.2.2").

Steps to reproduce

Any Install - I am on hassio docker image (homeassistant/qemuarm-64-homeassistant)
Ubuntu 16.04.5 LTS

Problem/Motivation

I'm trying to connect to the server via the web interface.
error Connect failed: AMQJS0007E Socket error:undefined.
see #6

my config:

{
  "log_level": "info",
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "web": {
    "enabled": true,
    "ssl": true
  },
  "broker": {
    "enabled": true,
    "enable_ws": true,
    "enable_mqtt": true,
    "enable_ws_ssl": false,
    "enable_mqtt_ssl": false,
    "allow_anonymous": false
  },
  "mqttusers": [
    {
      "username": "!secret mqtt_username",
      "password": "!secret mqtt_password",
      "readonly": false,
      "topics": [
        "#"
      ]
    }
  ]
}

Problem/Motivation

Looking to move over from Official MQTT server for the WebUI for debugging

--
Is there a way to configure an MQTT bridge to say cloud mqtt? I've accomplished this with the offical MQTT server using this setup: https://community.home-assistant.io/t/solved-mqtt-over-internet-aka-how-to-set-up-cloudmqtt-bridge-with-hassio-mosquitto-broker/49939/8

Does this still exist for this add on as well?

Home Assistant Community

[solved] Mqtt over internet? aka: "How to set up cloudMQTT bridge with Hassio mosquitto broker"

I have not worked with NodeRed at all, but i figured it out without it. Here is how i did it, by compiling info from all around the community forums: Register CloudMQTT free account. Ignore the initial un/pw and create two (in my case) new users with their own passwords. In the users page of cloudMQTT, scroll down after creating the users and click topic, select the user, add # (in case you want them in on everything) in the pattern box, then tick read/write access accordingly and add them tw...

Problem/Motivation

Trying to connect to the server via the web-interface I get an error "Connect failed: AMQJS0007E Socket error:undefined."

Steps to reproduce

Freash install. MQTT broker works and I can see devices connecting to it in logs.

When I try to connect from mqtt web client I get error:

Connect failed: AMQJS0007E Socket error:undefined.

I use hassos 1.13 on rpi3.

addon conf:
{
"log_level": "info",
"certfile": "fullchain.pem",
"keyfile": "privkey.pem",
"web": {
"enabled": true,
"ssl": true
},
"broker": {
"enabled": true,
"enable_ws": true,
"enable_mqtt": true,
"enable_ws_ssl": true,
"enable_mqtt_ssl": true,
"allow_anonymous": false
},
"mqttusers": [
{
"username": "user",
"password": "*********",
"readonly": true,
"topics": [
"#"
]
}
]
}

error in addon log:
1546026878: New connection from 192.168.0.15 on port 1883.
1546026878: Socket error on client , disconnecting.

I submitted this on the general issues but was told I needed to add here:

Hass Version 0.87.1 (also 0.86.x)
OS: Debian 9 / Ubuntu 18-->
Addin: Mosquitto MQTT server / client

MQTT errors in log with Sonata Tasmoda Switch as below,
It seemed to happen when there was an update to the Mosquitto server a couple of days ago,
I tried to rebuild versions in new Debian / Ubuntu installs,
Works fine on Raspian install on same version and same config.

19-02-13 06:31:36 DEBUG (MainThread) [homeassistant.components.mqtt] Received message on homeassistant/light/6795B6_LI_1/config: b'p\xa3\xc6\x9b\xe6U\x00\x00\x10\x80\xc6\x9b\xe6U\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00P\xa2\xc6\x9b\xe6U\x00\x00\x10\xa2\xc6\x9b\xe6U\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \xa1\xc6\x9b\xe6U\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
2019-02-13 06:31:36 WARNING (MainThread) [homeassistant.components.mqtt] Can't decode payload b'p\xa3\xc6\x9b\xe6U\x00\x00\x10\x80\xc6\x9b\xe6U\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00P\xa2\xc6\x9b\xe6U\x00\x00\x10\xa2\xc6\x9b\xe6U\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \xa1\xc6\x9b\xe6U\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' on homeassistant/light/6795B6_LI_1/config with encoding utf-8*

Problem/Motivation

"readonly": true, does not work

Expected behavior

if readony: true the user should not be able to write to topic

Actual behavior

can write to topic no matter readonly state

Steps to reproduce

   {"username": "hass",
      "password": "test",
      "readonly": false,
      "topics": [ "#"]},
    { "username": "sonoff_123456",
      "password": "test",
      "readonly": true,
      "topics": ["test/#"]}

docker exec -it addon_a0d7b954_mqtt tail /opt/acl
user hass
topic #
user sonoff_123456
topic readwrite test/#

Proposed changes

when "readonly": true
acl should be
topic read [topic path]
when "readonly": false
would like to have an explixit readwrite
topic readwrite [topic path]
not
topic [topic path] - (Allows read & write)

Hello,

I'm trying your addon with a self-signed certificate and I'm getting this in the logs:

nginx: [warn] "ssl_stapling" ignored, no OCSP responder URL in the certificate "/ssl/my_selft_signed_certificate.pem"

Would it be possible to by-pass that OSCP check?

Thank you!

Problem/Motivation

I intall MQTTServer&web client and when i try to connet using HiveMQ I get error: "Connect failed: AMQJS0007E Socket error:undefined."

Log ouput is:
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-banner.sh: executing...

Add-on: MQTT Server & Web client
Mosquitto MQTT Server bundled with Hivemq's web client

Add-on version: 1.2.0
You are running the latest version of this add-on.
System: HassOS 3.11 (armv7 / raspberrypi4)
Home Assistant Core: 0.106.4
Home Assistant Supervisor: 207

Please, share the above information when looking for help
or support in, e.g., GitHub, forums or the Discord chat.

[cont-init.d] 00-banner.sh: exited 0.
[cont-init.d] 01-log-level.sh: executing...
[cont-init.d] 01-log-level.sh: exited 0.
[cont-init.d] hivemq.sh: executing...
patching file /app/index.html
[cont-init.d] hivemq.sh: exited 0.
[cont-init.d] mosquitto.sh: executing...
[18:37:41] INFO: Adding configuration for MQTT Server...
[18:37:42] INFO: Setting up user esfacilhacerlo
[18:37:42] INFO: Password is NOT in the Have I Been Pwned database! Nice!
[cont-init.d] mosquitto.sh: exited 0.
[cont-init.d] nginx.sh: executing...
[cont-init.d] nginx.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
[18:37:44] INFO: Starting mosquitto MQTT Server...
1583692664: mosquitto version 1.6.4 starting
1583692664: Config loaded from /opt/mosquitto.conf.
1583692664: Opening ipv4 listen socket on port 1883.
1583692664: Opening ipv6 listen socket on port 1883.
1583692664: Opening websockets listen socket on port 1884.
[18:37:44] INFO: Starting NGINX for the MQTT client...
nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html)
1583692670: New connection from 172.30.32.1 on port 1883.
1583692670: New client connected from 172.30.32.1 as servidorlocal (p2, c1, k60, u'esfacilhacerlo').
[08/Mar/2020:18:53:11 +0000] 200 192.168.0.25, 172.30.32.1(172.30.32.2) GET / HTTP/1.1 (Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Safari/537.36)
[08/Mar/2020:18:53:11 +0000] 200 192.168.0.25, 172.30.32.1(172.30.32.2) GET /config.js HTTP/1.1 (Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Safari/537.36)
1583694464: Saving in-memory database to /data/mosquitto/mosquitto.db.
[08/Mar/2020:19:18:23 +0000] 304 192.168.0.25, 172.30.32.1(172.30.32.2) GET / HTTP/1.1 (Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Safari/537.36)
[08/Mar/2020:19:18:23 +0000] 304 192.168.0.25, 172.30.32.1(172.30.32.2) GET /config.js HTTP/1.1 (Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Safari/537.36)

Configuration in MQTT Server & Web client is:

ssl: false
certfile: fullchain.pem
keyfile: privkey.pem
broker: true
allow_anonymous: false
mqttusers:

• username: esfacilhacerlo
  password: esfacilhacerlo
  readonly: true
  topics:
  • '#'

And configuration.yaml:

mqtt:
broker: localhost
client_id: servidorlocal
username: esfacilhacerlo
password: esfacilhacerlo

There are other issues about this error message but they are close with not solution.

Thanks,

GitHub

openresty/luajit2

OpenResty's Branch of LuaJIT 2. Contribute to openresty/luajit2 development by creating an account on GitHub.

OpenResty - Download

Problem/Motivation

Receive "Connect failed: AMQJS0007E Socket error:undefined" error when trying to connect to Community Add on MQTT broker through built-in HiveMQ client from all browsers (tried Chrome, Opera and Edge).

Issues #24, #6 and #12 are about the same error message, but neither was actually resolved. One submitter stopped using Hassio, and this addon, while the other managed to connect finally "without changing anything". Both issues are closed.

Expected behavior

HiveMQ client connection to add on broker.

Actual behavior

Connection fails with error message as above.

Steps to reproduce

Fresh install of add on. MQTT broker works and I can see devices connecting to it in logs. Hassio integration set up via configuraton and HA configuration.yaml.
Attempted to use the mosquito addon before this and also had issues attempting to connect to the MQTT broker from home assistant (i uninstalled the mosquito addon before swapping to this addon).
Error in WEB UI

MQTT Server & Web client configuration

System info

System log (when attempting to connect)

Addon log
Log
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-banner.sh: executing...

Hass.io Add-on: MQTT Server & Web client
Mosquitto MQTT Server bundled with Hivemq's web client

Add-on version: 1.1.0
You are running the latest version of this add-on.
System: HassOS 2.12 (amd64 / intel-nuc)
Home Assistant version: 0.97.2
Supervisor version: 181

Please, share the above information when looking for help
or support in, e.g., GitHub, forums or the Discord chat.

[cont-init.d] 00-banner.sh: exited 0.
[cont-init.d] 01-log-level.sh: executing...
[cont-init.d] 01-log-level.sh: exited 0.
[cont-init.d] hivemq.sh: executing...
patching file /app/index.html
[cont-init.d] hivemq.sh: exited 0.
[cont-init.d] mosquitto.sh: executing...
[15:17:20] INFO: Adding configuration for MQTT Server...
[15:17:27] INFO: Setting up user (!secret)
[15:17:31] INFO: Password is NOT in the Have I Been Pwned database! Nice!
[cont-init.d] mosquitto.sh: exited 0.
[cont-init.d] nginx.sh: executing...
[cont-init.d] nginx.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
[15:17:37] INFO: Starting mosquitto MQTT Server...
1566245857: mosquitto version 1.6.2 starting
1566245857: Config loaded from /opt/mosquitto.conf.
1566245857: Opening ipv4 listen socket on port 1883.
1566245857: Opening ipv6 listen socket on port 1883.
1566245857: Opening websockets listen socket on port 1884.
1566245857: Opening ipv4 listen socket on port 4883.
1566245857: Opening ipv6 listen socket on port 4883.
1566245857: Opening websockets listen socket on port 4884.
[15:17:38] INFO: Starting NGINX for the MQTT client...
nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html)

Configuration.yaml

Proposed changes

No idea how to fix this isssue.

GitHub

openresty/luajit2

OpenResty's Branch of LuaJIT 2. Contribute to openresty/luajit2 development by creating an account on GitHub.

OpenResty - Download

Problem/Motivation

(Why the issue was filed)

Expected behavior

(What you expected to happen)

Actual behavior

(What actually happened)

Steps to reproduce

(How can someone else make/see it happen)

Proposed changes

(If you have a proposed change, workaround or fix,
describe the rationale behind it)

Can you please update to mosquitto 1.6.3, it has a sweet feature in: log with readable timestamps eclipse/mosquitto#299

Thanks

Problem/Motivation

unable to access the WebUI

Expected behavior

access the webUI

Actual behavior

Connect failed: AMQJS0007E Socket error:undefined.

Steps to reproduce

Install mqtt AddOn. Provide following Config options

{
  "ssl": true,
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "broker": true,
  "allow_anonymous": false,
  "mqttusers": [
    {
      "username": "!secret mqttusername",
      "password": "!secret mqttpassword",
      "readonly": true,
      "topics": [
        "#"
      ]
    }
  ]
}

Tested Broker IP or hostname with: ipaddress, hostname, URL(duckdns) Tried port 4884 and 1884. SSL option yes. Client ID: hassio-mqtt-client

Problem/Motivation

Unable to start Add-on

Expected behavior

Start add on

Actual behavior

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-banner.sh: executing... 
-----------------------------------------------------------
 Hass.io Add-on: MQTT Server & Web client
 Mosquitto MQTT Server bundled with Hivemq's web client
-----------------------------------------------------------
 Add-on version: 1.1.0
 You are running the latest version of this add-on.
 System: HassOS 3.7  (armv7 / raspberrypi3)
 Home Assistant version: 0.103.5
 Supervisor version: 193
-----------------------------------------------------------
 Please, share the above information when looking for help
 or support in, e.g., GitHub, forums or the Discord chat.
-----------------------------------------------------------
[cont-init.d] 00-banner.sh: exited 0.
[cont-init.d] 01-log-level.sh: executing... 
[cont-init.d] 01-log-level.sh: exited 0.
[cont-init.d] hivemq.sh: executing... 
patching file /app/index.html
[cont-init.d] hivemq.sh: exited 0.
[cont-init.d] mosquitto.sh: executing... 
[13:47:19] INFO: Adding configuration for MQTT Server...
[13:47:21] INFO: Setting up user welshsonoff
[13:47:22] WARNING: Password is in the Have I Been Pwned database!
[13:47:22] WARNING: Password appeared 63 times!
[13:47:22] FATAL: 
[13:47:22] FATAL: We are trying to help you to protect your system the
[13:47:22] FATAL: best we can. Therefore, this add-on checks your
[13:47:22] FATAL: configured password again the HaveIBeenPwned database.
[13:47:22] FATAL: 
[13:47:23] FATAL: Unfortunately, your configured password is considered
[13:47:23] FATAL: unsafe. We highly recommend you to pick a different one.

Steps to reproduce

added MQTT add on. Used a password generator to generate a 20digit alphanumeric and special character password. Still says password is found in this database. Tried with 4 different randomally generated passwords.

HassIo Config

{
  "ssl": true,
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "broker": true,
  "allow_anonymous": false,
  "mqttusers": [
    {
      "username": "!secret mqttusername",
      "password": "!secret mqttpassword",
      "readonly": true,
      "topics": [
        "#"
      ]
    }
  ]
}

I'm disappointed that the new release doesn't allow me to use another port than 4883. All my devices use another port... May I ask you what drove this restriction?

Problem/Motivation

Currently the conf file has an acl_file but is missing the password_file entry. This means you can login without a password as long as you specify a valid username.

Expected behavior

It should validate the password for user accounts using the /opt/pwfile file

Actual behavior

It will accept any password so long as you specify a valid account.

Steps to reproduce

Test using the following configuration

{
  "log_level": "info",
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "web": {
    "enabled": true,
    "ssl": true
  },
  "broker": {
    "enabled": true,
    "enable_ws": false,
    "enable_mqtt": true,
    "enable_ws_ssl": true,
    "enable_mqtt_ssl": true,
    "allow_anonymous": false
  },
  "mqttusers": [
    {
      "username": "ro",
      "password": "doesnotmatter",
      "readonly": true,
      "topics": [
        "#"
      ]
    },
    {
      "username": "hass",
      "password": "doesnotmatter",
      "readonly": false,
      "topics": [
        "#"
      ]
    },
    {
      "username": "iot",
      "password": "doesnotmatter",
      "readonly": false,
      "topics": [
        "#"
      ]
    }
  ]
}

Proposed changes

The following should be appended to the /opt/mosquitto.conf file

password_file /opt/pwfile

Problem/Motivation

(Why the issue was filed)

Expected behavior

(What you expected to happen)

Actual behavior

(What actually happened)

Steps to reproduce

(How can someone else make/see it happen)

Proposed changes

(If you have a proposed change, workaround or fix,
describe the rationale behind it)

Problem/Motivation

I personally like to use a unique username/password for each device, this improves security tremendously, especially when one of the devices gets compromised.

Problem/Motivation

After upgrade from 0.3.0 to 1.0.0 the MQTT Server does not start properly

Expected behavior

That it would work with the same config as previously (4 users). But only starts up with 1.

Actual behavior

trace log:

         end
        elif (.mqttusers[3].topics | type == "object") then
            if (.mqttusers[3].topics == {}) then
                empty
            else
                .mqttusers[3].topics
            end
        else
            .mqttusers[3].topics
        end
TRACE: bashio::config.true: mqttusers[3].readonly
TRACE: bashio::config: mqttusers[3].readonly
TRACE: bashio::jq: /data/options.json if (.mqttusers[3].readonly == null) then
            null
        elif (.mqttusers[3].readonly | type == "string") then
            .mqttusers[3].readonly // empty
        elif (.mqttusers[3].readonly | type == "boolean") then
            .mqttusers[3].readonly // false
        elif (.mqttusers[3].readonly | type == "array") then
            if (.mqttusers[3].readonly == []) then
                empty
            else
                .mqttusers[3].readonly[]
            end
        elif (.mqttusers[3].readonly | type == "object") then
            if (.mqttusers[3].readonly == {}) then
                empty
            else
                .mqttusers[3].readonly
            end
        else
            .mqttusers[3].readonly
        end
TRACE: bashio::var.true: false
TRACE: bashio::config: mqttusers[0].username
TRACE: bashio::jq: /data/options.json if (.mqttusers[0].username == null) then
            null
        elif (.mqttusers[0].username | type == "string") then
            .mqttusers[0].username // empty
        elif (.mqttusers[0].username | type == "boolean") then
            .mqttusers[0].username // false
        elif (.mqttusers[0].username | type == "array") then
            if (.mqttusers[0].username == []) then
                empty
            else
                .mqttusers[0].username[]
            end
        elif (.mqttusers[0].username | type == "object") then
            if (.mqttusers[0].username == {}) then
                empty
            else
                .mqttusers[0].username
            end
        else
            .mqttusers[0].username
        end
TRACE: bashio::config: mqttusers[0].password
TRACE: bashio::jq: /data/options.json if (.mqttusers[0].password == null) then
            null
        elif (.mqttusers[0].password | type == "string") then
            .mqttusers[0].password // empty
        elif (.mqttusers[0].password | type == "boolean") then
            .mqttusers[0].password // false
        elif (.mqttusers[0].password | type == "array") then
            if (.mqttusers[0].password == []) then
                empty
            else
                .mqttusers[0].password[]
            end
        elif (.mqttusers[0].password | type == "object") then
            if (.mqttusers[0].password == {}) then
                empty
            else
                .mqttusers[0].password
            end
        else
            .mqttusers[0].password
        end
TRACE: bashio::config: mqttusers[0].topics
TRACE: bashio::jq: /data/options.json if (.mqttusers[0].topics == null) then
            null
        elif (.mqttusers[0].topics | type == "string") then
            .mqttusers[0].topics // empty
        elif (.mqttusers[0].topics | type == "boolean") then
            .mqttusers[0].topics // false
        elif (.mqttusers[0].topics | type == "array") then
            if (.mqttusers[0].topics == []) then
                empty
            else
                .mqttusers[0].topics[]
            end
        elif (.mqttusers[0].topics | type == "object") then
            if (.mqttusers[0].topics == {}) then
                empty
            else
                .mqttusers[0].topics
            end
        else
            .mqttusers[0].topics
        end

Proposed changes

fix the loop

Problem/Motivation

I fought with this for hours in Safari, just to discover an SSL error in Chrome. Shame on me, I should have tried that sooner. 🤦‍♂

My server is behind Wireguard so is not public facing, so I am no longer concerned with SSL.

Expected behavior

When "ssl": false is set, http should be the chosen protocol instead of https.
Desired URL = http://[localip]:5713

Actual behavior

The browser opened with https://[localip]:5713.

Steps to reproduce

{
  "log_level": "info",
  "certfile": "",
  "keyfile": "",
  "web": {
    "enabled": true,
    "ssl": false
  },
  "broker": {
    "enabled": true,
    "enable_ws": true,
    "enable_mqtt": true,
    "enable_ws_ssl": false,
    "enable_mqtt_ssl": false,
    "allow_anonymous": true
  },
  "mqttusers": [
    {
      "username": "mqttusername",
      "password": "mqttpassword",
      "readonly": false,
      "topics": [
        "#"
      ]
    }
  ],
  "leave_front_door_open": true
}

Proposed changes

I propose that you add an if statement when defining the OPEN WEB UI url. 😉

Proposed changes

I would like to add custom mosquitto.conf within share/ folder. For example, I would like to set options for "persistence" to false since MQTT on Hassio will be acting like bridge, and the primary MQTT server is on the cloud.

Hello,

I get these messages if I try to connect to the mqtt server by hass:

1557245132: OpenSSL Error: error:1408F10B:SSL routines:ssl3_get_record:wrong version number
1557245132: Socket error on client <unknown>, disconnecting.

This is my add-on config:

{
  "log_level": "info",
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "web": {
    "enabled": true,
    "ssl": false
  },
  "broker": {
    "enabled": true,
    "enable_ws": false,
    "enable_mqtt": false,
    "enable_ws_ssl": true,
    "enable_mqtt_ssl": true,
    "allow_anonymous": false
  },
  "mqttusers": [
    {
      "username": "hass",
      "password": "mypass",
      "readonly": false,
      "topics": [
        "hass/#"
      ]
    }
  ]
}

Any idea to solve that?

Thanks in Advance!

Problem/Motivation

Receive "Connect failed: AMQJS0007E Socket error:undefined" error when trying to connect to Community Add on MQTT broker through built-in HiveMQ client from all browsers (tried Chrome, Opera and Edge).

Issues #6 and #12 are about the same error message, but neither was actually resolved. One submitter stopped using Hassio while the other managed to connect finally "without changing anything". Both issues are closed.

Expected behavior

HiveMQ client connection to add on broker.

Actual behavior

Connction fails with error message as above.

Steps to reproduce

Fresh install of add on. MQTT broker works and I can see devices connecting to it in logs. Hassio integration set up via Configuration/Integration not configuration.yaml. Also tested with MQTT.fx connecting to same IP, port 4884 and with same user/pass. Works. calling mqtt.publish in Hassio also works.

Tried restarting Hassio a few times, restarting the add on and also restarting the Ubuntu host. Hassio is running in a Docker container on Ubuntu server 18.04.

HiveMQ page with error

Config

{
  "log_level": "info",
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "web": {
    "enabled": true,
    "ssl": true
  },
  "broker": {
    "enabled": true,
    "enable_ws": true,
    "enable_mqtt": true,
    "enable_ws_ssl": true,
    "enable_mqtt_ssl": true,
    "allow_anonymous": true
  },
  "mqttusers": [
    {
      "username": "x",
      "password": "x",
      "readonly": false,
      "topics": [
        "#"
      ]
    }
  ]
}

Port settings

System info

Part of system log

19-02-13 11:24:37 INFO (MainThread) [hassio.auth] Auth request from a0d7b954_mqtt for xxxxxxxx
19-02-13 11:24:37 INFO (MainThread) [hassio.auth] Success login from xxxxxxxx

Add on log

[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-banner.sh: executing... 

-----------------------------------------------------------
 Hass.io Add-on: MQTT Server & Web client v0.3.1

 Mosquitto MQTT Server bundled with Hivemq's web client

 From: Community Hass.io Add-ons
 By: Franck Nijhof <[email protected]>
-----------------------------------------------------------
 amd64 / Ubuntu 18.04.1 LTS / HA 0.87.1 / SU 143 / stable
-----------------------------------------------------------
[cont-init.d] 00-banner.sh: exited 0.
[cont-init.d] 01-log-level.sh: executing... 
Log level is set to INFO
[cont-init.d] 01-log-level.sh: exited 0.
[cont-init.d] 02-updates.sh: executing... 

INFO: You are running the latest version of this add-on
[cont-init.d] 02-updates.sh: exited 0.
[cont-init.d] 10-requirements.sh: executing... 
[cont-init.d] 10-requirements.sh: exited 0.
[cont-init.d] 11-patches.sh: executing... 
patching file /app/index.html
[cont-init.d] 11-patches.sh: exited 0.
[cont-init.d] 20-mqtt_broker.sh: executing... 
INFO: Adding configuration for MQTT Server...
INFO: Setting configuration for websockets...
INFO: Setting configuration for mqtt...
[cont-init.d] 20-mqtt_broker.sh: exited 0.
[cont-init.d] 21-mqtt_web.sh: executing... 
[cont-init.d] 21-mqtt_web.sh: exited 0.
[cont-init.d] 40-nginx.sh: executing... 
[cont-init.d] 40-nginx.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
INFO: Starting mosquitto MQTT Server...
INFO: Starting NGINX for the MQTT client...
1550056408: mosquitto version 1.4.15 (build date 2018-03-04 15:14:46+0000) starting
1550056408: Config loaded from /opt/mosquitto.conf.
1550056408: Opening websockets listen socket on port 1884.
1550056408: Opening websockets listen socket on port 4884.
1550056408: Opening ipv4 listen socket on port 1883.
1550056408: Opening ipv6 listen socket on port 1883.
1550056408: Opening ipv4 listen socket on port 4883.
1550056408: Opening ipv6 listen socket on port 4883.
2019/02/13 11:13:28 [notice] 949#949: using the "epoll" event method
2019/02/13 11:13:28 [notice] 949#949: nginx/1.14.2
2019/02/13 11:13:28 [notice] 949#949: OS: Linux 4.15.0-45-generic
2019/02/13 11:13:28 [notice] 949#949: getrlimit(RLIMIT_NOFILE): 1048576:1048576
2019/02/13 11:13:28 [notice] 949#949: start worker processes
2019/02/13 11:13:28 [notice] 949#949: start worker process 1017
1550056451: New connection from 192.168.86.47 on port 4883.
1550056452: New client connected from 192.168.86.47 as MQTT_FX_Client3 (c1, k60, u'yyyyyyyyy').
2019/02/13 11:14:34 [info] 1017#1017: *1 client closed connection while waiting for request, client: 192.168.86.1, server: 0.0.0.0:5713
1550056524: New connection from 172.30.32.1 on port 1883.
1550056524: Socket error on client <unknown>, disconnecting.
1550056603: New connection from 172.30.32.1 on port 4883.
1550056603: OpenSSL Error: error:140260FC:SSL routines:ACCEPT_SR_CLNT_HELLO:unknown protocol
1550056603: Socket error on client <unknown>, disconnecting.
1550056604: New connection from 172.30.32.1 on port 4883.
1550056604: OpenSSL Error: error:140260FC:SSL routines:ACCEPT_SR_CLNT_HELLO:unknown protocol
1550056604: Socket error on client <unknown>, disconnecting.
1550056606: New connection from 172.30.32.1 on port 4883.
1550056606: OpenSSL Error: error:140260FC:SSL routines:ACCEPT_SR_CLNT_HELLO:unknown protocol
1550056606: Socket error on client <unknown>, disconnecting.
1550056622: New connection from 172.30.32.1 on port 1883.
1550056622: New client connected from 172.30.32.1 as 46WPq4OiinfEzt0wIqG0fQ (c1, k60, u'yyyyyyyyy').
1550056622: Client 46WPq4OiinfEzt0wIqG0fQ disconnected.
1550056654: New connection from 172.30.32.1 on port 1883.
1550056654: New client connected from 172.30.32.1 as e36c9553-5c44-4d72-8876-8ff69f0d15a2 (c1, k60, u'yyyyyyyyy').
2019/02/13 11:24:16 [info] 1017#1017: *5 client sent plain HTTP request to HTTPS port while reading client request headers, client: 192.168.86.1, server: _, request: "GET / HTTP/1.1", host: "yyyyyyyyy.duckdns.org:5713"
192.168.86.1 - - [13/Feb/2019:11:24:16 +0000] "GET / HTTP/1.1" 400 673 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/18.17763"
192.168.86.1 - - [13/Feb/2019:11:24:23 +0000] "GET / HTTP/1.1" 401 29 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/18.17763"
2019/02/13 11:24:37 [info] 1017#1017: *4 client closed connection while SSL handshaking, client: 192.168.86.1, server: 0.0.0.0:5713
2019/02/13 11:24:37 [info] 1017#1017: *8 [lua] ha-auth.lua:59: authenticate(): Authenticated user against Home Assistant., client: 192.168.86.1, server: _, request: "GET / HTTP/1.1", host: "yyyyyyyyy.duckdns.org:5713"
192.168.86.1 - xxxxxx [13/Feb/2019:11:24:37 +0000] "GET / HTTP/1.1" 200 14020 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/18.17763"
192.168.86.1 - xxxxxx [13/Feb/2019:11:24:37 +0000] "GET /css/style.css HTTP/1.1" 200 5845 "https://yyyyyyyyy.duckdns.org:5713/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/18.17763"
192.168.86.1 - xxxxxx [13/Feb/2019:11:24:37 +0000] "GET /css/normalize.css HTTP/1.1" 200 7589 "https://yyyyyyyyy.duckdns.org:5713/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/18.17763"
192.168.86.1 - xxxxxx [13/Feb/2019:11:24:37 +0000] "GET /css/jquery.minicolors.css HTTP/1.1" 200 4557 "https://yyyyyyyyy.duckdns.org:5713/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/18.17763"
192.168.86.1 - xxxxxx [13/Feb/2019:11:24:37 +0000] "GET /assets/logo.png HTTP/1.1" 200 5386 "https://yyyyyyyyy.duckdns.org:5713/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/18.17763"
192.168.86.1 - xxxxxx [13/Feb/2019:11:24:37 +0000] "GET /js/jquery.minicolors.min.js HTTP/1.1" 200 11685 "https://yyyyyyyyy.duckdns.org:5713/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/18.17763"
192.168.86.1 - xxxxxx [13/Feb/2019:11:24:37 +0000] "GET /js/encoder.js HTTP/1.1" 200 13952 "https://yyyyyyyyy.duckdns.org:5713/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/18.17763"
192.168.86.1 - xxxxxx [13/Feb/2019:11:24:37 +0000] "GET /js/mqttws31.js HTTP/1.1" 200 82838 "https://yyyyyyyyy.duckdns.org:5713/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/18.17763"
192.168.86.1 - xxxxxx [13/Feb/2019:11:24:37 +0000] "GET /js/app.js HTTP/1.1" 200 12233 "https://yyyyyyyyy.duckdns.org:5713/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/18.17763"
192.168.86.1 - xxxxxx [13/Feb/2019:11:24:37 +0000] "GET /config.js HTTP/1.1" 200 44 "https://yyyyyyyyy.duckdns.org:5713/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/18.17763"
192.168.86.1 - xxxxxx [13/Feb/2019:11:24:37 +0000] "GET /css/foundation.css HTTP/1.1" 200 203133 "https://yyyyyyyyy.duckdns.org:5713/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/18.17763"
192.168.86.1 - xxxxxx [13/Feb/2019:11:24:37 +0000] "GET /assets/arrow_up.png HTTP/1.1" 200 271 "https://yyyyyyyyy.duckdns.org:5713/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/18.17763"
192.168.86.1 - xxxxxx [13/Feb/2019:11:24:38 +0000] "GET /assets/arrow_down.png HTTP/1.1" 200 268 "https://yyyyyyyyy.duckdns.org:5713/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/18.17763"
192.168.86.1 - xxxxxx [13/Feb/2019:11:24:38 +0000] "GET /assets/jquery.minicolors.png HTTP/1.1" 200 77459 "https://yyyyyyyyy.duckdns.org:5713/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/18.17763"
192.168.86.1 - - [13/Feb/2019:11:24:39 +0000] "GET /favicon.ico HTTP/1.1" 401 29 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/18.17763"
2019/02/13 11:25:33 [info] 1017#1017: *13 client closed connection while waiting for request, client: 192.168.86.1, server: 0.0.0.0:5713
2019/02/13 11:25:34 [info] 1017#1017: *14 client closed connection while waiting for request, client: 192.168.86.1, server: 0.0.0.0:5713
192.168.86.1 - xxxxxx [13/Feb/2019:11:25:36 +0000] "GET / HTTP/1.1" 200 14020 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36"
192.168.86.1 - xxxxxx [13/Feb/2019:11:25:36 +0000] "GET /config.js HTTP/1.1" 200 44 "https://yyyyyyyyy.duckdns.org:5713/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36"

Hello,
First of all a big thank you for this great addon!!
I was wondering if it is possible to "remember" credentials and host address in the web mqtt client.
Thanks,
Vlad

When I want to start the "MQTT Server & Web client" add-on this fail is shown in the log. What can I do now?

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-banner.sh: executing...

Hass.io Add-on: MQTT Server & Web client
Mosquitto MQTT Server bundled with Hivemq's web client

Add-on version: 1.1.0
You are running the latest version of this add-on.
System: HassOS 2.12 (armv7 / raspberrypi3)
Home Assistant version: 0.93.0
Supervisor version: 163

Please, share the above information when looking for help
or support in, e.g., GitHub, forums or the Discord chat.

[cont-init.d] 00-banner.sh: exited 0.
[cont-init.d] 01-log-level.sh: executing...
[cont-init.d] 01-log-level.sh: exited 0.
[cont-init.d] hivemq.sh: executing...
patching file /app/index.html
[cont-init.d] hivemq.sh: exited 0.
[cont-init.d] mosquitto.sh: executing...
[21:53:17] INFO: Adding configuration for MQTT Server...
[21:53:18] INFO: Setting up user homeassistant
[21:53:19] WARNING: Password is in the Have I Been Pwned database!
[21:53:19] WARNING: Password appeared 1 times!
[21:53:19] FATAL:
[21:53:19] FATAL: We are trying to help you to protect your system the
[21:53:19] FATAL: best we can. Therefore, this add-on checks your
[21:53:19] FATAL: configured password again the HaveIBeenPwned database.
[21:53:19] FATAL:
[21:53:19] FATAL: Unfortunately, your configured password is considered
[21:53:19] FATAL: unsafe. We highly recommend you to pick a different one.
[21:53:19] FATAL:
[21:53:19] FATAL: Please change the password in the 'mqttusers[0].password' option.
[21:53:19] FATAL:
[21:53:19] FATAL: Check the add-on manual for more information.
[21:53:19] FATAL:
[cont-init.d] mosquitto.sh: exited 1.
[cont-finish.d] executing container finish scripts...
[cont-finish.d] 99-message.sh: executing...

Oops! Something went wrong.

We are so sorry, but something went terribly wrong when
starting or running this add-on.

Be sure to check the log above, line by line, for hints.

[cont-finish.d] 99-message.sh: exited 0.
[cont-finish.d] done.
[s6-finish] waiting for services.
[s6-finish] sending all processes the TERM signal.

Version

Add-on version: 1.0.1
You are running the latest version of this add-on.
System: HassOS 2.11 (amd64 / qemux86-64)
Home Assistant version: 0.91.4
Supervisor version: 160

Problem

As i wrote with you in discord, the client cant publish, its denied but i configured it as "anonymous"

1555962674:New connection from 192.168.0.115 on port 1883.
1555962674: New client connected from 192.168.0.115 as DHT_Pub (c1, k60).
1555962674: No will message specified.
1555962674: Sending CONNACK to DHT_Pub (0, 0)
1555962674: Denied PUBLISH from DHT_Pub (d0, q0, r0, m0, 'mirror/temperature1', ... (13 bytes))
1555962674: Denied PUBLISH from DHT_Pub (d0, q0, r0, m0, 'mirror/humidity1', ... (4 bytes))
1555962674: Received DISCONNECT from DHT_Pub
1555962674: Client DHT_Pub disconnected.

Configuration

{
"log_level": "info",
"certfile": "fullchain.pem",
"keyfile": "privkey.pem",
"web": {
"enabled": false,
"ssl": true
},
"broker": {
"enabled": true,
"enable_ws": false,
"enable_mqtt": true,
"enable_ws_ssl": false,
"enable_mqtt_ssl": false,
"allow_anonymous": true
},
"mqttusers": []
}

Related to this issue

#23

The official addon doesn't have the hivemq webclient.
In stead of removing the add-on, could you maybe only remove the mqtt broker part?

Problem/Motivation

I've try to change SSL ports from defaults 4883+4884 to 8883+8884, but it's not actually applyed.

Expected behavior

MQTT server listening on ports 8883+8884 for SSL connections.

Actual behavior

MQTT server listening on default ports 4883+4884 for SSL connections.

Steps to reproduce

1. Into addon configuration into block "Network" i've changed container "4883/tcp" to "8883" and container "4884/tcp" to "8884";
2. I've pressed button "Save" then restart addon.
3. After restarting in addon logs i've see:

1551788268: Config loaded from /opt/mosquitto.conf.
1551788268: Opening websockets listen socket on port 4884.
1551788268: Opening ipv4 listen socket on port 1883.
1551788268: Opening ipv6 listen socket on port 1883.
1551788268: Opening ipv4 listen socket on port 4883.
1551788268: Opening ipv6 listen socket on port 4883.

Problem/Motivation

availability_topic message not read on boot of HA, the mqtt light device show as unavaiable.
If I manually reboot these devices or re-send the availability message via MQTT everything works fine.

my config is:

- platform: mqtt name: "Terrazzo Salotto" state_topic: "shellies/shelly1-55EED9/relay/0" command_topic: "shellies/shelly1-55EED9/relay/0/command" availability_topic: "shellies/shelly1-55EED9/online" qos: 0 payload_on: "on" payload_off: "off" payload_available: "true" payload_not_available: "false" optimistic: false retain: false

Home Assistant release with the issue:
0.87.1

Last working Home Assistant release (if known):
0.86.x

Operating environment (Hass.io/Docker/Windows/etc.):
Hass.io on RPi 3B

When I start the addon the UI dont start for a NGINX error.

My config is file is like this:

{
  "log_level": "info",
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "web": {
    "enabled": true,
    "ssl": false
  },
  "broker": {
    "enabled": true,
    "enable_ws": true,
    "enable_mqtt": true,
    "enable_ws_ssl": false,
    "enable_mqtt_ssl": false,
    "allow_anonymous": false
  },
  "mqttusers": [
    {
      "username": "*********",
      "password": "*********",
      "readonly": true,
      "topics": [
        "#"
      ]
    }
  ],
  "leave_front_door_open": true
}

And the resultant Log is this:

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-banner.sh: executing... 
-----------------------------------------------------------
Hass.io Add-on: MQTT Server & Web client v0.2.2
Mosquitto MQTT Server bundled with Hivemq's web client
From: Community Hass.io Add-ons
By: Franck Nijhof <[email protected]>
-----------------------------------------------------------
aarch64 / HassOS 2.2 / HA 0.82.1 / SU 140 / stable
-----------------------------------------------------------
[cont-init.d] 00-banner.sh: exited 0.
[cont-init.d] 01-log-level.sh: executing... 
Log level is set to INFO
[cont-init.d] 01-log-level.sh: exited 0.
[cont-init.d] 02-updates.sh: executing... 
INFO: You are running the latest version of this add-on
[cont-init.d] 02-updates.sh: exited 0.
[cont-init.d] 10-requirements.sh: executing... 
[cont-init.d] 10-requirements.sh: exited 0.
[cont-init.d] 11-patches.sh: executing... 
patching file /app/index.html
[cont-init.d] 11-patches.sh: exited 0.
[cont-init.d] 20-mqtt_broker.sh: executing... 
INFO: Adding configuration for MQTT Server...
INFO: Setting configuration for websockets...
INFO: Setting configuration for mqtt...
[cont-init.d] 20-mqtt_broker.sh: exited 0.
[cont-init.d] 21-mqtt_web.sh: executing... 
[cont-init.d] 21-mqtt_web.sh: exited 0.
[cont-init.d] 40-nginx.sh: executing... 
[cont-init.d] 40-nginx.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
INFO: Starting mosquitto MQTT Server...
1542926464: mosquitto version 1.4.15 (build date 2018-03-04 15:36:00+0000) starting
1542926464: Config loaded from /opt/mosquitto.conf.
1542926464: Opening websockets listen socket on port 1884.
1542926464: Opening ipv4 listen socket on port 1883.
1542926464: Opening ipv6 listen socket on port 1883.
INFO: Starting NGINX for the MQTT client...
PANIC: unprotected error in call to Lua API (bad light userdata pointer)
INFO: Starting NGINX for the MQTT client...
PANIC: unprotected error in call to Lua API (bad light userdata pointer)

-What I do to UI run without this Panic error...?

-And in what place i put the leave_front_door_open": true...?

Please some tip...?

Hello,

I'm getting this error in the logs when trying to connect a device at 10.0.6.28 via MQTT SSL:

1553966506: Client connection from 10.0.6.28 failed: error:1408F10B:SSL routines:ssl3_get_record:wrong version number.

Would you know what the problem is?

Thank you!

I´m trying to lern MQTT and have Homeassistant with respi3+

Now try update from normal to this addon ......
have changed all to see in manual but it not runs and says this.

`armhf / HassOS 1.13 / HA 0.87.1 / SU 143 / stable

[cont-init.d] 00-banner.sh: exited 0.
[cont-init.d] 01-log-level.sh: executing...
Log level is set to INFO
[cont-init.d] 01-log-level.sh: exited 0.
[cont-init.d] 02-updates.sh: executing...
INFO: You are running the latest version of this add-on
[cont-init.d] 02-updates.sh: exited 0.
[cont-init.d] 10-requirements.sh: executing...
FATAL: The configured certfile is not found <<<<why? everything is normal
[cont-init.d] 10-requirements.sh: exited 1.
[cont-finish.d] executing container finish scripts...
[cont-finish.d] 99-message.sh: executing...
`

im try and make all to false :

{
"log_level": "info",
"certfile": "fullchain.pem",
"keyfile": "privkey.pem",
"web": {
"enabled": true,
"ssl": false
},
"broker": {
"enabled": true,
"enable_ws": false,
"enable_mqtt": false,
"enable_ws_ssl": false,
"enable_mqtt_ssl": false,
"allow_anonymous": false
},
"mqttusers": [
{
"username": "hassio",
"password": "ha",
"readonly": true,
"topics": [
"#"
]
}
]
}
this works not realy and can not enter the website. >>SSL_ERROR_RX_RECORD_TOO_LONG <<
and have this on my log.
first beginns normal after minute this here :-/

1550503846: New client connected from 192.168.188.25 as DVES_0F45CE (c1, k10, u'hassio'). 1550503847: New connection from 192.168.188.23 on port 1883. 1550503847: New client connected from 192.168.188.23 as DVES_17F25D (c1, k10, u'hassio'). 2019/02/18 16:32:57 [info] 920#920: *1 client sent invalid method while reading client request line, client: 192.168.188.26, server: _, request: "�������������V)�_��y㨡�tܠ�bش����S" 192.168.188.26 - - [18/Feb/2019:16:32:57 +0100] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\xF1\xC2\x9FV)\x05_\xA9\xBEy\xE3\xA8\xA1\x92t\xDC\xA0\x99b\xD8\xB4\x18\xE8\x7F\xA8S" 400 173 "-" "-" 2019/02/18 16:33:00 [info] 920#920: *2 client sent invalid method while reading client request line, client: 192.168.188.26, server: _, request: "��������������8�¨�����~K�&�+�<8��R��X�ڔ4� X����J�-H��t�d�r�Q�ře��\���(\{�$�������+�/̨̩�,�0�" 192.168.188.26 - - [18/Feb/2019:16:33:00 +0100] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\xFE\xB6\xB58\x8D\xC2\xA8\xB1\x8A\x1B\xC3\xEB~K\xA5&\xE8+\xB4<8\xD4\xCCR\x0B\x9AX\x06\xDA\x944\x1F X\x0E\xC3\xFB\x88J\xF2\xA3-H\x0B\xF6t\xBFd\x8Ar\x9DQ\x8D\xC5\x99e\xB7\xC2\x5C\xB4\xBA\x94(\x5C{\x00$\x13\x01\x13\x03\x13\x02\xC0+\xC0/\xCC\xA9\xCC\xA8\xC0,\xC00\xC0" 400 173 "-" "-"

what can i do??? sorry for my bad english.........

Problem/Motivation

I want to limit the amount of messages in mosquitto addon logs. I have a simple mqtt client that reconnects every second to read and/or post. That results in excessive logs.

I run Home Assistant 0.87.0 on HassOS 2.8.

My addon setup is the following:
{
"logins": [],
"anonymous": false,
"customize": {
"active": true,
"folder": "mosquitto"
},
"certfile": "fullchain.pem",
"keyfile": "privkey.pem"
}

Content of /share/mosquitto/mosquitto.conf file is the following:
log_type none
connection_messages false
log_dest none

Expected behavior

I hoped to eliminate login messages in the addon logs.

Actual behavior

I get multiple [INFO] messages on every login:

[INFO] found mqtt on Home Assistant
[INFO] found mqtt on Home Assistant
[INFO] found mqtt on Home Assistant
[INFO] found mqtt on Home Assistant

mqtt is the username in HA used for login by mosquitto client.

Problem/Motivation

When using the the !secret option the addon will not load the variables containing dots.

My convention for storing items in secrets as followed:

<path_or_service>.<desc>.<variable> or components.weather.darksky.api_key

or in this case:

system.addons.mqtt.admin_username
system.addons.mqtt.admin_password

Expected behavior

The expected behavior would be to read in the variables regardless of the chars used.

Actual behavior

Currently the add-on will not load due to the requested variable containing a "." and terminates with an error. See attached log below.

Steps to reproduce

Add a "." into a variable name and try to restart MQTT.

Proposed changes

Allow variables to contain dots or most, if not all, standard characters.

Log

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-banner.sh: executing... 
-----------------------------------------------------------
 Hass.io Add-on: MQTT Server & Web client v0.3.0
 Mosquitto MQTT Server bundled with Hivemq's web client
 From: Community Hass.io Add-ons
 By: Franck Nijhof <[email protected]>
-----------------------------------------------------------
 armhf / null / HA 0.84.6 / SU 141 / stable
-----------------------------------------------------------
[cont-init.d] 00-banner.sh: exited 0.
[cont-init.d] 01-log-level.sh: executing... 
Log level is set to INFO
[cont-init.d] 01-log-level.sh: exited 0.
[cont-init.d] 02-updates.sh: executing... 
INFO: You are running the latest version of this add-on
[cont-init.d] 02-updates.sh: exited 0.
[cont-init.d] 10-requirements.sh: executing... 
ERROR: Secret system.addons.mqtt.admin_username not found in secrets.yaml file.
FATAL: Missing username for MQTT User
[cont-init.d] 10-requirements.sh: exited 1.
[cont-finish.d] executing container finish scripts...
[cont-finish.d] 99-message.sh: executing... 
-----------------------------------------------------------
                Oops! Something went wrong.
 
 We are so sorry, but something went terribly wrong when
 starting or running this add-on.
 
 Be sure to check the log above, line by line, for hints.
-----------------------------------------------------------
[cont-finish.d] 99-message.sh: exited 0.
[cont-finish.d] done.
[s6-finish] syncing disks.
[s6-finish] sending all processes the TERM signal.