Diffstat (limited to 'roles/mosquitto')
-rw-r--r-- | roles/mosquitto/broker/defaults/main.yml (renamed from roles/mosquitto/defaults/main.yml) | 10 | ||||
-rw-r--r-- | roles/mosquitto/broker/handlers/main.yml (renamed from roles/mosquitto/handlers/main.yml) | 0 | ||||
-rw-r--r-- | roles/mosquitto/broker/tasks/main.yml (renamed from roles/mosquitto/tasks/main.yml) | 10 | ||||
-rw-r--r-- | roles/mosquitto/broker/templates/config.j2 (renamed from roles/mosquitto/templates/config.j2) | 8 | ||||
-rw-r--r-- | roles/mosquitto/client/defaults/main.yml | 5 | ||||
-rw-r--r-- | roles/mosquitto/client/tasks/main.yml | 17 |
6 files changed, 36 insertions, 14 deletions
diff --git a/roles/mosquitto/defaults/main.yml b/roles/mosquitto/broker/defaults/main.yml index 32199a50..bd509f9c 100644 --- a/roles/mosquitto/defaults/main.yml +++ b/roles/mosquitto/broker/defaults/main.yml @@ -1,8 +1,8 @@ --- -# mosquitto_global_config_options: +# mosquitto_broker_global_config_options: # per_listener_settings: "true" -mosquitto_listeners: {} +mosquitto_broker_listeners: {} # example: # bind: 1883 192.0.2.1 # hostnames: @@ -19,13 +19,13 @@ mosquitto_listeners: {} # acl_file: /etc/mosquitto/example.acl # password_file: /etc/mosquitto/example.passwd -mosquitto_prometheus_listener: false +mosquitto_broker_prometheus_listener: false -mosquitto_acl_files: {} +mosquitto_broker_acl_files: {} # example: | # user somebody # topic read example/+/foo -mosquitto_password_files: {} +mosquitto_broker_password_files: {} # example: | # somebody:{{ 'secret' | mosquitto_passwd_hash('somebody@mqtt.example.com') }} diff --git a/roles/mosquitto/handlers/main.yml b/roles/mosquitto/broker/handlers/main.yml index c188764d..c188764d 100644 --- a/roles/mosquitto/handlers/main.yml +++ b/roles/mosquitto/broker/handlers/main.yml diff --git a/roles/mosquitto/tasks/main.yml b/roles/mosquitto/broker/tasks/main.yml index 41b7dc7a..3afffd71 100644 --- a/roles/mosquitto/tasks/main.yml +++ b/roles/mosquitto/broker/tasks/main.yml @@ -7,7 +7,7 @@ state: present - name: install mosquitto acl files - loop: "{{ mosquitto_acl_files | dict2items }}" + loop: "{{ mosquitto_broker_acl_files | dict2items }}" loop_control: label: "{{ item.key }}" copy: @@ -18,7 +18,7 @@ notify: reload mosquitto - name: install mosquitto password files - loop: "{{ mosquitto_password_files | dict2items }}" + loop: "{{ mosquitto_broker_password_files | dict2items }}" loop_control: label: "{{ item.key }}" copy: 
@@ -31,18 +31,18 @@ notify: reload mosquitto - name: generate Diffie-Hellman parameters - when: (mosquitto_listeners | dict2items | selectattr('value.tls', 'defined') | length) > 0 + when: (mosquitto_broker_listeners | dict2items | selectattr('value.tls', 'defined') | length) > 0 openssl_dhparam: path: /etc/mosquitto/certs/dhparams.pem size: 2048 notify: reload mosquitto - name: generate/install/fetch TLS certificate - loop: "{{ mosquitto_listeners | dict2items | selectattr('value.tls', 'defined') }}" + loop: "{{ mosquitto_broker_listeners | dict2items | selectattr('value.tls', 'defined') }}" loop_control: label: "{{ item.key }}" vars: - x509_certificate_name: "mosquitto-{{ item.key }}" + x509_certificate_name: "mosquitto-broker-{{ item.key }}" x509_certificate_hostnames: "{{ item.value.hostnames }}" x509_certificate_config: "{{ item.value.tls.certificate_config | default({}) }}" x509_certificate_renewal: diff --git a/roles/mosquitto/templates/config.j2 b/roles/mosquitto/broker/templates/config.j2 index e6fa4b52..e042ac25 100644 --- a/roles/mosquitto/templates/config.j2 +++ b/roles/mosquitto/broker/templates/config.j2 @@ -1,12 +1,12 @@ # {{ ansible_managed }} ## Global -{% if mosquitto_global_config_options is defined %} -{% for option, value in mosquitto_global_config_options.items() %} +{% if mosquitto_broker_global_config_options is defined %} +{% for option, value in mosquitto_broker_global_config_options.items() %} {{ option }} {{ value }} {% endfor %} {% endif %} -{% for name, listener in mosquitto_listeners.items() %} +{% for name, listener in mosquitto_broker_listeners.items() %} ## Listener: {{ name }} listener {{ listener.bind }} @@ -21,7 +21,7 @@ dhparamfile /etc/mosquitto/certs/dhparams.pem {% endfor %} {% endif %} {% endfor %} -{% if mosquitto_prometheus_listener %} +{% if mosquitto_broker_prometheus_listener %} ## Prometheus monitoring listener 0 /var/run/mosquitto/prometheus.sock 
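Review bot: In the `generate/install/fetch TLS certificate` task of `broker/tasks/main.yml`, the change of `x509_certificate_name` from `mosquitto-{{ item.key }}` to `mosquitto-broker-{{ item.key }}` is a value change, not only a variable rename like the rest of the hunk. If the x509 role derives key and certificate paths from this name (not visible here), hosts that are already deployed would get a fresh certificate under the new name, and the old private key and certificate would stay on disk unrevoked. The `certfile`/`keyfile` lines of `config.j2` lie outside the template hunks shown, so please confirm they follow the new name. A cleanup task for the old `mosquitto-<listener>` files, or a note in the commit message about the migration, would cover the upgrade path.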
diff --git a/roles/mosquitto/client/defaults/main.yml b/roles/mosquitto/client/defaults/main.yml
new file mode 100644
index 00000000..7485601a
--- /dev/null
+++ b/roles/mosquitto/client/defaults/main.yml
@@ -0,0 +1,5 @@
+---
+mosquitto_client_tls: {}
+# example:
+# certificate_provider: ...
+# certificate_config: ...
diff --git a/roles/mosquitto/client/tasks/main.yml b/roles/mosquitto/client/tasks/main.yml
new file mode 100644
index 00000000..f7463e2a
--- /dev/null
+++ b/roles/mosquitto/client/tasks/main.yml
@@ -0,0 +1,17 @@
+---
+- name: install mosquitto
+ apt:
+ name:
+ - mosquitto-clients
+ state: present
+
+- name: generate/install/fetch TLS certificate
+ loop: "{{ mosquitto_client_tls | dict2items }}"
+ loop_control:
+ label: "{{ item.key }}"
+ vars:
+ x509_certificate_name: "mosquitto-client-{{ item.key }}"
+ x509_certificate_hostnames: []
+ x509_certificate_config: "{{ item.value.certificate_config }}"
+ include_role:
+ name: "x509/{{ item.value.certificate_provider }}/cert" |
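Review bot: In `client/tasks/main.yml` the certificate task reads `item.value.certificate_config` with no default, whereas the broker task uses `item.value.tls.certificate_config | default({})`. A `mosquitto_client_tls` entry that omits `certificate_config` will therefore abort on an undefined variable. For parity I would write `x509_certificate_config: "{{ item.value.certificate_config | default({}) }}"`. `item.value.certificate_provider` is interpolated straight into the role name `x509/…/cert`, so a typo or an unexpected value only surfaces as a missing-role error. A comment in `client/defaults/main.yml` listing the supported providers, or an `assert` before the include, would make that failure clearer. The first task is named `install mosquitto` but installs only `mosquitto-clients`; `install mosquitto clients` would read more accurately in play output.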