23 lines
537 B
Django/Jinja
23 lines
537 B
Django/Jinja
# use different settings for plaintext and tls listeners
|
|
per_listener_settings true
|
|
|
|
# listen to mqtt
|
|
listener 1883
|
|
protocol mqtt
|
|
|
|
acl_file /etc/mosquitto/acl.conf
|
|
password_file /etc/mosquitto/passwd
|
|
allow_anonymous false
|
|
|
|
# listen to mqtt over websockets
|
|
listener 8883
|
|
protocol mqtt
|
|
|
|
certfile {{ tls_certs }}/{{ inventory_hostname }}.crt
|
|
keyfile {{ tls_private }}/{{ inventory_hostname }}.key
|
|
cafile {{ tls_certs }}/ca.crt
|
|
tls_version tlsv1.3
|
|
|
|
acl_file /etc/mosquitto/acl-tls.conf
|
|
require_certificate true
|
|
use_identity_as_username true
|