From df37c6ae9f44db529b69feddca0b5688717c9147 Mon Sep 17 00:00:00 2001 From: stubbfel Date: Thu, 11 Jun 2020 18:45:21 +0200 Subject: [PATCH] add mqtt server --- services/mqtt.nix | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 services/mqtt.nix diff --git a/services/mqtt.nix b/services/mqtt.nix new file mode 100644 index 0000000..7340923 --- /dev/null +++ b/services/mqtt.nix @@ -0,0 +1,33 @@ +{ config, pkgs, ... }: + +rec { + networking.firewall.allowedTCPPorts = [1883]; + +# security.acme.certs."mqtt.stubbe.rocks" = { +# email = "mqqt@stubbe.rocks"; +# webroot = "/var/www/challenges/"; +# allowKeysForGroup = true; +# group = "mosquitto"; +# postRun = '' +# chmod g+rw -R /var/lib/acme/mqtt.stubbe.rocks +# chown mosquitto:root -R /var/lib/acme/mqtt.stubbe.rocks +# ''; +# directory = "/var/lib/acme/mqtt.stubbe.rocks"; +# }; + + services.mosquitto = rec { + enable = true; +# ssl = { +# enable = true; +# cafile = "/var/lib/acme/mqtt.stubbe.rocks/full.pem"; +# certfile = "/var/lib/acme/mqtt.stubbe.rocks/cert.pem"; +# keyfile = "/var/lib/acme/mqtt.stubbe.rocks/key.pem"; +# }; + host = "0.0.0.0"; + checkPasswords = true; + users."eeN!ei2eilo1aiT6" = { + acl = [ "topic readwrite myink/#" ]; + password = "AS5hoh5ug(ei8eer"; + }; + }; +}