123456789101112131415161718192021222324252627282930313233343536373839404142434445464748 |
- ---
- # Installs Mosquitto MQTT Broker
-
- - name: Install Mosquitto from official repository
- apt:
- name: "{{ packages }}"
- state: present
- update_cache: yes
- vars:
- packages:
- - mosquitto
- - mosquitto-clients
- tags:
- - dependencies
-
- - name: Configure Mosquitto
- template:
- src={{ item.src }}
- dest={{ item.dest }}
- owner=root
- group=root
- with_items:
- - { src: 'etc_mosquitto_conf.d_10-users.j2', dest: '/etc/mosquitto/conf.d/10-users.conf' }
- - { src: 'etc_mosquitto_conf.d_20-default.j2', dest: '/etc/mosquitto/conf.d/20-default.conf' }
- - { src: 'etc_mosquitto_conf.d_21-tls.j2', dest: '/etc/mosquitto/conf.d/21-tls.conf' }
- - { src: 'etc_mosquitto_conf.d_22-ws.j2', dest: '/etc/mosquitto/conf.d/22-ws.conf' }
- notify: restart mosquitto
-
- - name: Ensure mosquitto passwd file exists
- file: path=/etc/mosquitto/passwd state=touch
-
- - name: Create mosquitto users
- shell: mosquitto_passwd -b /etc/mosquitto/passwd {{ item.name }} {{ item.password }}
- with_items: "{{ mosquitto_users }}"
-
- - name: Set firewall rules for Mosquitto
- ufw: rule=allow port={{ item }} proto=tcp
- with_items:
- - 1883 # mqtt (only enable in private networks!)
- - 8883 # mqtts (+ ssl)
- - 8083 # mqtt websocket
- tags: ufw
-
- - name: Register new Mosquitto service
- systemd: name=mosquitto daemon_reload=yes enabled=yes
-
- - name: Start new Mosquitto instance
- service: name=mosquitto state=started
|