From 84daad7b79d2be016150ee17bf237830269043e1 Mon Sep 17 00:00:00 2001
From: Timo Makinen <tmakinen@foo.sh>
Date: Mon, 23 Dec 2024 10:10:48 +0000
Subject: [PATCH] mosquitto: Move acl files to repo

---
 roles/mosquitto/files/acl-tls.conf | 4 ++++
 roles/mosquitto/files/acl.conf     | 4 ++++
 roles/mosquitto/tasks/main.yml     | 4 ++--
 3 files changed, 10 insertions(+), 2 deletions(-)
 create mode 100644 roles/mosquitto/files/acl-tls.conf
 create mode 100644 roles/mosquitto/files/acl.conf

diff --git a/roles/mosquitto/files/acl-tls.conf b/roles/mosquitto/files/acl-tls.conf
new file mode 100644
index 0000000..b41e9b2
--- /dev/null
+++ b/roles/mosquitto/files/acl-tls.conf
@@ -0,0 +1,4 @@
+pattern read #
+
+user frigate*.home.foo.sh
+pattern readwrite frigate/%u/#
diff --git a/roles/mosquitto/files/acl.conf b/roles/mosquitto/files/acl.conf
new file mode 100644
index 0000000..5bb8e0a
--- /dev/null
+++ b/roles/mosquitto/files/acl.conf
@@ -0,0 +1,4 @@
+topic deny #
+
+user shellyplug-s-*
+pattern write shellies/%u/#
diff --git a/roles/mosquitto/tasks/main.yml b/roles/mosquitto/tasks/main.yml
index 6343432..a4bbc4f 100644
--- a/roles/mosquitto/tasks/main.yml
+++ b/roles/mosquitto/tasks/main.yml
@@ -38,7 +38,7 @@
 - name: Copy acl file for plaintext server
   ansible.builtin.copy:
     dest: /etc/mosquitto/acl.conf
-    src: "{{ ansible_private }}/files/mosquitto/acl.conf"
+    src: acl.conf
     mode: "0400"
     owner: _mosquitto
     group: _mosquitto
@@ -47,7 +47,7 @@
 - name: Copy acl file for tls server
   ansible.builtin.copy:
     dest: /etc/mosquitto/acl-tls.conf
-    src: "{{ ansible_private }}/files/mosquitto/acl-tls.conf"
+    src: acl-tls.conf
     mode: "0400"
     owner: _mosquitto
     group: _mosquitto