mosquitto: Initial version of role
This commit is contained in:
parent
b61781bd94
commit
e7cc5866c8
3 changed files with 80 additions and 0 deletions
5
roles/mosquitto/handlers/main.yml
Normal file
5
roles/mosquitto/handlers/main.yml
Normal file
|
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
- name: restart mosquitto
|
||||||
|
ansible.builtin.service:
|
||||||
|
name: mosquitto
|
||||||
|
state: restarted
|
||||||
58
roles/mosquitto/tasks/main.yml
Normal file
58
roles/mosquitto/tasks/main.yml
Normal file
|
|
@ -0,0 +1,58 @@
|
||||||
|
---
|
||||||
|
- name: install packages
|
||||||
|
ansible.builtin.package:
|
||||||
|
name: mosquitto
|
||||||
|
state: installed
|
||||||
|
|
||||||
|
- name: add mosquitto to hostkey group
|
||||||
|
ansible.builtin.user:
|
||||||
|
name: _mosquitto
|
||||||
|
groups: hostkey
|
||||||
|
append: true
|
||||||
|
notify: restart mosquitto
|
||||||
|
|
||||||
|
- name: create include directory for config
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: /etc/mosquitto/conf.d
|
||||||
|
state: directory
|
||||||
|
mode: 0750
|
||||||
|
owner: root
|
||||||
|
group: _mosquitto
|
||||||
|
|
||||||
|
- name: include extra configs
|
||||||
|
ansible.builtin.lineinfile:
|
||||||
|
path: /etc/mosquitto/mosquitto.conf
|
||||||
|
line: include_dir /etc/mosquitto/conf.d
|
||||||
|
regexp: "^#?include_dir( .*)?$"
|
||||||
|
notify: restart mosquitto
|
||||||
|
|
||||||
|
- name: create custom config
|
||||||
|
ansible.builtin.template:
|
||||||
|
dest: /etc/mosquitto/conf.d/local.conf
|
||||||
|
src: mosquitto.conf.j2
|
||||||
|
mode: 0640
|
||||||
|
owner: root
|
||||||
|
group: _mosquitto
|
||||||
|
notify: restart mosquitto
|
||||||
|
|
||||||
|
- name: copy acl file
|
||||||
|
ansible.builtin.copy:
|
||||||
|
dest: /etc/mosquitto/acl.conf
|
||||||
|
src: "{{ ansible_private }}/files/mosquitto/acl.conf"
|
||||||
|
mode: 0640
|
||||||
|
owner: root
|
||||||
|
group: _mosquitto
|
||||||
|
|
||||||
|
- name: copy passwd file
|
||||||
|
ansible.builtin.copy:
|
||||||
|
dest: /etc/mosquitto/passwd
|
||||||
|
src: "{{ ansible_private }}/files/mosquitto/acl.conf"
|
||||||
|
mode: 0640
|
||||||
|
owner: root
|
||||||
|
group: _mosquitto
|
||||||
|
|
||||||
|
- name: enable service
|
||||||
|
ansible.builtin.service:
|
||||||
|
name: mosquitto
|
||||||
|
enabled: true
|
||||||
|
state: started
|
||||||
17
roles/mosquitto/templates/mosquitto.conf.j2
Normal file
17
roles/mosquitto/templates/mosquitto.conf.j2
Normal file
|
|
@ -0,0 +1,17 @@
|
||||||
|
# authentication
|
||||||
|
acl_file /etc/mosquitto/acl.conf
|
||||||
|
password_file /etc/mosquitto/passwd
|
||||||
|
allow_anonymous false
|
||||||
|
|
||||||
|
# listen to mqtt
|
||||||
|
listener 1883
|
||||||
|
protocol mqtt
|
||||||
|
|
||||||
|
# listen to mqtt over websockets
|
||||||
|
listener 8883
|
||||||
|
protocol websockets
|
||||||
|
|
||||||
|
# tls options
|
||||||
|
certfile {{ tls_certs }}/{{ inventory_hostname }}.crt
|
||||||
|
keyfile {{ tls_private }}/{{ inventory_hostname }}.key
|
||||||
|
cafile {{ tls_certs }}/ca.crt
|
||||||
Loading…
Add table
Reference in a new issue