roles/mosquitto: Update for Mosquitto 2.x

Mosquitto 2.x included two significant changes from 1.6: * There is no longer a "default" listener; all listeners are configured in the same way * The daemon drops privileges *before* reading TLS certificates and private keys
2021-07-19 13:24:34 -05:00
parent 0f70a5b6ba
commit 57b3039f2c
3 changed files with 130 additions and 225 deletions
--- a/group_vars/home-assistant.yml
+++ b/group_vars/home-assistant.yml
@@ -1,6 +1,10 @@
 samba_interfaces:
 - '{{ dch_networks.blue.ipv4_address }}'
 mosquitto_port: 8883
-mosquitto_certfile: /etc/pki/tls/certs/localhost.crt
-mosquitto_keyfile: /etc/pki/tls/private/localhost.key
+mosquitto_certfile: /etc/pki/tls/certs/mosquitto.cer
+mosquitto_keyfile: /etc/pki/tls/private/mosquitto.key
 mosquitto_allow_anonymous: false
+mosquitto_listeners:
+- port: 1883
+  address: ::1
+mosquitto_password_file: /etc/mosquitto/passwd