Diffstat (limited to 'roles/mosquitto')
-rw-r--r--roles/mosquitto/broker/defaults/main.yml (renamed from roles/mosquitto/defaults/main.yml)10
-rw-r--r--roles/mosquitto/broker/handlers/main.yml (renamed from roles/mosquitto/handlers/main.yml)0
-rw-r--r--roles/mosquitto/broker/tasks/main.yml (renamed from roles/mosquitto/tasks/main.yml)10
-rw-r--r--roles/mosquitto/broker/templates/config.j2 (renamed from roles/mosquitto/templates/config.j2)8
-rw-r--r--roles/mosquitto/client/defaults/main.yml5
-rw-r--r--roles/mosquitto/client/tasks/main.yml17
6 files changed, 36 insertions, 14 deletions
diff --git a/roles/mosquitto/defaults/main.yml b/roles/mosquitto/broker/defaults/main.yml
index 32199a50..bd509f9c 100644
--- a/roles/mosquitto/defaults/main.yml
+++ b/roles/mosquitto/broker/defaults/main.yml
@@ -1,8 +1,8 @@
---
-# mosquitto_global_config_options:
+# mosquitto_broker_global_config_options:
# per_listener_settings: "true"
-mosquitto_listeners: {}
+mosquitto_broker_listeners: {}
# example:
# bind: 1883 192.0.2.1
# hostnames:
@@ -19,13 +19,13 @@ mosquitto_listeners: {}
# acl_file: /etc/mosquitto/example.acl
# password_file: /etc/mosquitto/example.passwd
-mosquitto_prometheus_listener: false
+mosquitto_broker_prometheus_listener: false
-mosquitto_acl_files: {}
+mosquitto_broker_acl_files: {}
# example: |
# user somebody
# topic read example/+/foo
-mosquitto_password_files: {}
+mosquitto_broker_password_files: {}
# example: |
# somebody:{{ 'secret' | mosquitto_passwd_hash('somebody@mqtt.example.com') }}
diff --git a/roles/mosquitto/handlers/main.yml b/roles/mosquitto/broker/handlers/main.yml
index c188764d..c188764d 100644
--- a/roles/mosquitto/handlers/main.yml
+++ b/roles/mosquitto/broker/handlers/main.yml
diff --git a/roles/mosquitto/tasks/main.yml b/roles/mosquitto/broker/tasks/main.yml
index 41b7dc7a..3afffd71 100644
--- a/roles/mosquitto/tasks/main.yml
+++ b/roles/mosquitto/broker/tasks/main.yml
@@ -7,7 +7,7 @@
state: present
- name: install mosquitto acl files
- loop: "{{ mosquitto_acl_files | dict2items }}"
+ loop: "{{ mosquitto_broker_acl_files | dict2items }}"
loop_control:
label: "{{ item.key }}"
copy:
@@ -18,7 +18,7 @@
notify: reload mosquitto
- name: install mosquitto password files
- loop: "{{ mosquitto_password_files | dict2items }}"
+ loop: "{{ mosquitto_broker_password_files | dict2items }}"
loop_control:
label: "{{ item.key }}"
copy:
@@ -31,18 +31,18 @@
notify: reload mosquitto
- name: generate Diffie-Hellman parameters
- when: (mosquitto_listeners | dict2items | selectattr('value.tls', 'defined') | length) > 0
+ when: (mosquitto_broker_listeners | dict2items | selectattr('value.tls', 'defined') | length) > 0
openssl_dhparam:
path: /etc/mosquitto/certs/dhparams.pem
size: 2048
notify: reload mosquitto
- name: generate/install/fetch TLS certificate
- loop: "{{ mosquitto_listeners | dict2items | selectattr('value.tls', 'defined') }}"
+ loop: "{{ mosquitto_broker_listeners | dict2items | selectattr('value.tls', 'defined') }}"
loop_control:
label: "{{ item.key }}"
vars:
- x509_certificate_name: "mosquitto-{{ item.key }}"
+ x509_certificate_name: "mosquitto-broker-{{ item.key }}"
x509_certificate_hostnames: "{{ item.value.hostnames }}"
x509_certificate_config: "{{ item.value.tls.certificate_config | default({}) }}"
x509_certificate_renewal:
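Review bot: Changing `x509_certificate_name` from `mosquitto-{{ item.key }}` to `mosquitto-broker-{{ item.key }}` is more than a variable rename, because on hosts that are already provisioned the x509 role will presumably issue a new key and certificate under the new name while the old private key stays on disk. The lines of config.j2 that set the listener's certificate and key paths are not in any hunk shown for this commit, so if they derive the path from the old name the broker would keep serving the stale certificate; that is worth checking. I would either add a cleanup task for the old `mosquitto-<listener>` material or call the migration out in the commit message. The task body continues past the end of this hunk.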
diff --git a/roles/mosquitto/templates/config.j2 b/roles/mosquitto/broker/templates/config.j2
index e6fa4b52..e042ac25 100644
--- a/roles/mosquitto/templates/config.j2
+++ b/roles/mosquitto/broker/templates/config.j2
@@ -1,12 +1,12 @@
# {{ ansible_managed }}
## Global
-{% if mosquitto_global_config_options is defined %}
-{% for option, value in mosquitto_global_config_options.items() %}
+{% if mosquitto_broker_global_config_options is defined %}
+{% for option, value in mosquitto_broker_global_config_options.items() %}
{{ option }} {{ value }}
{% endfor %}
{% endif %}
-{% for name, listener in mosquitto_listeners.items() %}
+{% for name, listener in mosquitto_broker_listeners.items() %}
## Listener: {{ name }}
listener {{ listener.bind }}
@@ -21,7 +21,7 @@ dhparamfile /etc/mosquitto/certs/dhparams.pem
{% endfor %}
{% endif %}
{% endfor %}
-{% if mosquitto_prometheus_listener %}
+{% if mosquitto_broker_prometheus_listener %}
## Prometheus monitoring
listener 0 /var/run/mosquitto/prometheus.sock
diff --git a/roles/mosquitto/client/defaults/main.yml b/roles/mosquitto/client/defaults/main.yml
new file mode 100644
index 00000000..7485601a
--- /dev/null
+++ b/roles/mosquitto/client/defaults/main.yml
@@ -0,0 +1,5 @@
+---
+mosquitto_client_tls: {}
+# example:
+# certificate_provider: ...
+# certificate_config: ...
diff --git a/roles/mosquitto/client/tasks/main.yml b/roles/mosquitto/client/tasks/main.yml
new file mode 100644
index 00000000..f7463e2a
--- /dev/null
+++ b/roles/mosquitto/client/tasks/main.yml
@@ -0,0 +1,17 @@
+---
+- name: install mosquitto
+ apt:
+ name:
+ - mosquitto-clients
+ state: present
+
+- name: generate/install/fetch TLS certificate
+ loop: "{{ mosquitto_client_tls | dict2items }}"
+ loop_control:
+ label: "{{ item.key }}"
+ vars:
+ x509_certificate_name: "mosquitto-client-{{ item.key }}"
+ x509_certificate_hostnames: []
+ x509_certificate_config: "{{ item.value.certificate_config }}"
+ include_role:
+ name: "x509/{{ item.value.certificate_provider }}/cert"
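Review bot: `x509_certificate_config` in the new certificate task reads `item.value.certificate_config` with no fallback, while the broker task in this same commit uses `| default({})`, so an entry in `mosquitto_client_tls` that omits the key fails on an undefined variable; I would write `x509_certificate_config: "{{ item.value.certificate_config | default({}) }}"`. The included role name is built directly from `item.value.certificate_provider`, so a typo or a value containing a path separator resolves to whatever role that path names. An `assert` on the value against the set of supported providers before the `include_role` would make that fail early with a clear message. The first task is named `install mosquitto` but installs only `mosquitto-clients`; `install mosquitto clients` would match what it does.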