This was exactly what I needed for a tutorial. I didn't do everything perfect in one go but thanks to your clear explanation everything is working now. I am so happy with this!
Just set this up today. Great video. One change and one note Change: @7:03 do not need the IP anymore, just "listener 1883" Note: To connect to this in Home Assistant running in Docker on my NAS, I added the Integration "MQTT" with Broker: [Synology IP] It's been a while and I had issues with the dumb stuff. Figured I'd note it down here for anyone else
FYI I used the standard eclipse-mosquitto latest (no special ssl version) which is currently 2.0.18 and it works fine in DSM 7.2.1-69057 Update 3 as a container in Container Manager, including running the command to create passwords within the Container Manager terminal. Might be simpler for folks to not have to worry about a different version now.
When I started mqtt received in container log: "Error: Unable to open log file /mqtt/log/mosquitto.log for writing." "Error: No such file or directory." But zigbee2mqtt can connect and working ok. Also folders were created with File Station. Any clue what is wrong?
There are few possible issues, but best bet is that rights for the folder/file are not correct. You can try chown to change owner of the folder (from terminal) and chmod (also in terminal) to give other users read/write access.
It's running OK - I have it on DSM 7.1 and 7.2. Or do you say that mosquitto is not running in docker? Try using older version. I'm not using it anymore directly in Docker container.
Did I spot another typo in the docker run line at 8:56, mosquittp? Did the sample still run like that or had you spotted it earlier, I see it is correct in the description
Mosquittp? Yes you did - I did correct it later on of camera. But as I already re-recorded that part at least 5 times, was pretending it didn't happen 😉
Hi! Thank you, I have installed Mosquitto and it is running. However, I have installed Docker using SSH, I do not have Docker GUI nor Portainer. When I am trying to run mosquitto_passwd from the terminal, I get a command not found message. What can I do?
Mosquitto_passwd has to be run from within Docker - you can use connect command to connect via terminal to Docker and access terminal from within. Forgot what command was as I haven't used it in a looking time. Something like Docker attach or something close to that
@@BeardedTinker thank you very much for your reply. I googled it, and the command is docker attach CONTAINER. So, I tried to sudo docker attach and provided the name of the eclipse-mosquitto:openssl container. It appears like the command is hung, until I realized that the docker is simply not interacting. So. I typed in mosquitto_passwd -U followed with the password filename, hit enter, then Ctrl+C to exit. But when I open the password file after this, it is still unencripted - probably meaning that mosquitto_passwd didn't work... Anything else that I might be missing?
I have found that there is a container exec command. So, I am trying this, but I get "Unable to open password file: no such file ot directory" error: sudo docker container exec bbc6ea97db5f mosquitto_passwd -U /volume1/docker/mqtt/config/pwd Very strange, because the file is there
There can be issues with permissions on pwd file. That is most common problem. Other thing, I really recommend to execute command from within docker, not using execute but going for attach. Use command: "sudo docker ps -a" to get a list of docker names. Than use docker attach and container name (usually random numbers and letters).
@@BeardedTinker Thank you for getting back to me, trying to help with my issues. I forgot to tell that I had chmod 777 to the password file. When I try to attach the container from docker, it doesn't work. I mean, if I type a wrong command, it should transfer docker error messages to the terminal. But nothing happens. I enter the commands, and there is no response, regardless of whatever I type there. It just adds the text I add, on a new line after I hit enter, and there is nothing, until I terminate by Ctrl+C, And then I check the password file - it is unencrypted. With execute, at least I am getting some feedback from docker... Should I give up?
Thanks for the video. Helped alot. I managed to get Mosquitto up and running and zigbee2mqtt running and connected to Mosquitto. But I can't seem to be able to connect home assistant MQTT integration with mosquitto.
Strange - the only thing you should really need is to use IP address of your mosquitto, port number and if you defined username and password. There shouldn't be anything else needed. Do you see any error in log files?
I am confused about the different versions of MQTT you can find. 2.x, 3.x and 5.x. Following your video the MQTT version is 2.0.11. on the Synology. On Synology in Docker you can find an eclipse-mosquitto image which implements MQTT version 5, 3.1.1 and 3.1 But when I install that version the container/info still reports version 2.0.11 Is it better to use version 3 and/or 5?
You are right - it is a bit confusing, but that's because MQTT protocol versions are not following MQTT release versions. So, for example, MQTT protocol version 5.0 is implemented inside MQTT application version 2.x, but this release version also supports older protocol versions. You don't need to do anything in terms of protocol - that depends on individual applications what they will use.
Bloody marvelous! I've been pulling my hair out months in frustration at MQTT/HASSIO bugs/updates. Your solution works for me perfectly. Thank you for sharing.
@@BeardedTinker Yes, I worked according to your video (cut and past). I just changed the IP-number of the listener. Just saying restarting.. when looking in the container
This seems to be the problem: 1638999928: mosquitto version 2.0.14 starting 1638999928: Config loaded from /mosquitto/config/mosquitto.conf. 1638999928: Opening ipv4 listen socket on port 1883. 1638999928: Error: Address not available
You are using bind_address on configuration file? Is that IP address of your Synology? Check here for documentation on default listener and port/address use. I think you can also leave out bind_address if you have prot specified. mosquitto.org/man/mosquitto-conf-5.html
Try also adding this: socket_domain ipv4 In configuration file. Make sure that you have this (which you do according to the log): listener 1883 And if you have: bind_address: Try removing it.
Hi I am still having problems now with the password file. It is created as per video by VIM and appears in config. however when i try to create user/passwd by command line i receive error mosquitto_password not found. MQTT is running but is refusing connection. Please could you give me some advice on how to fix this as it seems as this file is not being read?Thanks.
This potentially can be permission error. You can try and connect to MQTT docker via terminal (internal session) and try command there. Or change permission and ownership of the file with chown chmod commands.
Hi! Love your videos - followed many of your tutorials! I followed your video very carefully but when I want to configure MQTT in Home Assistant using the username and password created in the steps above, Home Assistant says "Failed to connect" and in the log "Unable to connect to the MQTT broker: Connection Refused: not authorised.". In the mClient home-assistant disconnected, not authorised.". Any idea why this might be? It connects to Home Assistant absolutely fine without the username and password but I would like the extra security! Many thanks!
Thank you David!!! If you did setup in MQTT username and password and you do see them in pwd file, you should only need to add them to Home Assistant MQTT integration. There shouldn't be anything else. I still use it like this and AFAIK there was no additional changes there. To test username and password, you could download MQTT Lens or MQTT Explorer and try to connect with them by using username and password to your MQTT server. If it fails, maybe you had typo somewhere. Just delete password file or add new username/password.
Thank you, worked!! Would be great to see how to make one port on a broker use ssl/tls on synology to be able to interact with javascript etc.. pleezz 🙂
Do you have trusted certificate from for example Let's encrypt? If yes, that's just configuration option . You need to add in configuration file path to certificate and also port that it will run on: community.home-assistant.io/t/mqtt-supporting-tls-and-non-tls-simultaneosly/10549/2?u=beardedconti I need to test it, but it will take some time to do it.
Please enlighten me why is it good to use usr/pass when anyone can join this MQTT server anonimously regardless? Those devices who support username and password usually have the option to rename the device too.
After you implement in all devices username/ password you can remove it. In my main setup it's been set to false for long time. Only known devices can access it. But most people run it without credentials.
Hello, Thank you for your videos I think there is a typo in Docker install command. f:/mosquitto/conf/mosquitto.conf it should be f:/mosquitto/config/mosquitto.conf
What version of Eclipse Mosquitto are you installing? I still run version 2.0 and works fine. If you have pulled newer version maybe there were some changes. Currently I don't have time to test and see if and what changes were made in last year or so. And BTW - if you see it listed that means that it is installed but not running. You can check Docker for any possible errors during container startup Also, when you installed it, if it encountered any error it can (sometimes) list them after running docker run command.
@@BeardedTinker yeah I mixed and matched the commands so I used the -U command first after following your video then attempted to add another user using -b command.
@@apted still that is strange. You should be able to add new users with -b. Did you type both username and password on command line? Other option you have is to retype your passwords file from beginning of course - not the best option, but ...
Hi BD, it's me again !!! Followed this great video, I've got this message in my log file. What does it mean ? "1662714562: mosquitto version 2.0.15 starting 1662714562: Config loaded from /mosquitto/config/mosquitto.conf. 1662714562: Opening ipv4 listen socket on port 1883. 1662714562: Error: Address in us"
Hmmm - it's been some time. I think you need to check two things: 1) Is your Docker container started with -net=host or not. This maps IP address of Host to Docker MQTT container 2) In mosquitto configuration file - check that you have something like this: listener 1883 192.168.1.202 Where the IP address matches one you use. This is most common possible problem. But also, if you already have something running on port 1883, that could also be a problem. If anything else pops in my mind, I'll drop you a line.
@@BeardedTinker I don't know how to check first point... And for the second point, yes, my config file specifies "listener 1883 192.168.0.37", which is the ip adress of my synology. On my router, I checked if the 1883 port was in use and... it's not. Update : yes, for the first point, I used "--net=host" when I typed the installation command !
This ended up in SPAM. Check that you don't have 2 mqtt containers running at the same time. This can be a problem. Try in command prompt: docker ps -a This will list all containers that are currently running.
3 years on and you're still helping people. Thanks as usual
Glad to help
This was exactly what I needed for a tutorial. I didn't do everything perfect in one go but thanks to your clear explanation everything is working now. I am so happy with this!
Glad you have it working!!! Thank you for the comment!!!
One of the few tutorials that actually worked!!!
Thank you and glad it was useful!!!!
Just set this up today. Great video. One change and one note
Change: @7:03 do not need the IP anymore, just "listener 1883"
Note: To connect to this in Home Assistant running in Docker on my NAS, I added the Integration "MQTT" with Broker: [Synology IP]
It's been a while and I had issues with the dumb stuff. Figured I'd note it down here for anyone else
And thank you for noting it :)
THANKYOU
I've been a fan in the shadows for a while. The tutorials are great! Thank you.
I'm so glad Craig! Thank you!
first tutorial that actually works, thank you!!!
Glad it helped!
FYI I used the standard eclipse-mosquitto latest (no special ssl version) which is currently 2.0.18 and it works fine in DSM 7.2.1-69057 Update 3 as a container in Container Manager, including running the command to create passwords within the Container Manager terminal. Might be simpler for folks to not have to worry about a different version now.
I'm still on early 2.0.x release - haven't updated it in year(s). But thanks for this. Will check it out!!!!
Thank you so much, great tutorial. All is working like a charm 🎉
Glad it helped - thanks for the comment!!
Thanks for your wonderful tutorial. I have learnt a lot from all your videos..
Thank you for your comment - glad you found them useful!!!
Works on DSM 7.x too :) Many thanks for this tutorial, great job !
Glad it helped!
Perfect. It works now! Thankyou.
Glad it helped
nice tutorial. eclipse is a mess when you try to start it from the gui but this way it works like it should
Thank you! Glad you got it working!
When I started mqtt received in container log:
"Error: Unable to open log file /mqtt/log/mosquitto.log for writing."
"Error: No such file or directory."
But zigbee2mqtt can connect and working ok. Also folders were created with File Station.
Any clue what is wrong?
There are few possible issues, but best bet is that rights for the folder/file are not correct.
You can try chown to change owner of the folder (from terminal) and chmod (also in terminal) to give other users read/write access.
Why is docker not running anymore on synology DSM 7.1.1? Is there another way to secure mosquitto 2.x?
It's running OK - I have it on DSM 7.1 and 7.2. Or do you say that mosquitto is not running in docker? Try using older version. I'm not using it anymore directly in Docker container.
Did I spot another typo in the docker run line at 8:56, mosquittp? Did the sample still run like that or had you spotted it earlier, I see it is correct in the description
Mosquittp? Yes you did - I did correct it later on of camera. But as I already re-recorded that part at least 5 times, was pretending it didn't happen 😉
Hi! Thank you, I have installed Mosquitto and it is running. However, I have installed Docker using SSH, I do not have Docker GUI nor Portainer. When I am trying to run mosquitto_passwd from the terminal, I get a command not found message. What can I do?
Mosquitto_passwd has to be run from within Docker - you can use connect command to connect via terminal to Docker and access terminal from within.
Forgot what command was as I haven't used it in a looking time. Something like Docker attach or something close to that
@@BeardedTinker thank you very much for your reply. I googled it, and the command is docker attach CONTAINER. So, I tried to sudo docker attach and provided the name of the eclipse-mosquitto:openssl container. It appears like the command is hung, until I realized that the docker is simply not interacting. So. I typed in mosquitto_passwd -U followed with the password filename, hit enter, then Ctrl+C to exit. But when I open the password file after this, it is still unencripted - probably meaning that mosquitto_passwd didn't work... Anything else that I might be missing?
I have found that there is a container exec command. So, I am trying this, but I get "Unable to open password file: no such file ot directory" error: sudo docker container exec bbc6ea97db5f mosquitto_passwd -U /volume1/docker/mqtt/config/pwd Very strange, because the file is there
There can be issues with permissions on pwd file. That is most common problem.
Other thing, I really recommend to execute command from within docker, not using execute but going for attach.
Use command: "sudo docker ps -a" to get a list of docker names.
Than use docker attach and container name (usually random numbers and letters).
@@BeardedTinker Thank you for getting back to me, trying to help with my issues. I forgot to tell that I had chmod 777 to the password file. When I try to attach the container from docker, it doesn't work. I mean, if I type a wrong command, it should transfer docker error messages to the terminal. But nothing happens. I enter the commands, and there is no response, regardless of whatever I type there. It just adds the text I add, on a new line after I hit enter, and there is nothing, until I terminate by Ctrl+C, And then I check the password file - it is unencrypted. With execute, at least I am getting some feedback from docker... Should I give up?
Thanks for the video. Helped alot. I managed to get Mosquitto up and running and zigbee2mqtt running and connected to Mosquitto. But I can't seem to be able to connect home assistant MQTT integration with mosquitto.
Strange - the only thing you should really need is to use IP address of your mosquitto, port number and if you defined username and password. There shouldn't be anything else needed.
Do you see any error in log files?
I am confused about the different versions of MQTT you can find.
2.x, 3.x and 5.x. Following your video the MQTT version is 2.0.11. on the Synology.
On Synology in Docker you can find an eclipse-mosquitto image which implements MQTT version 5, 3.1.1 and 3.1
But when I install that version the container/info still reports version 2.0.11
Is it better to use version 3 and/or 5?
You are right - it is a bit confusing, but that's because MQTT protocol versions are not following MQTT release versions. So, for example, MQTT protocol version 5.0 is implemented inside MQTT application version 2.x, but this release version also supports older protocol versions.
You don't need to do anything in terms of protocol - that depends on individual applications what they will use.
@@BeardedTinker Thanks, that explains a lot..
What is ash command? is it specific to Mqtt?
ash command is used to read lines from terminal or from file. It's linux specific command.
Bloody marvelous! I've been pulling my hair out months in frustration at MQTT/HASSIO bugs/updates. Your solution works for me perfectly. Thank you for sharing.
Glad you managed to resolve your issues!!! Thanks 👍
When running according to this video in Synolog7 it won't start. The only thing I get is restarting and nothing no log?? What is wrong?
What was the command you used to create it? It should work on Synology too? Did you create configuration file?
@@BeardedTinker Yes, I worked according to your video (cut and past). I just changed the IP-number of the listener. Just saying restarting.. when looking in the container
This seems to be the problem:
1638999928: mosquitto version 2.0.14 starting
1638999928: Config loaded from /mosquitto/config/mosquitto.conf.
1638999928: Opening ipv4 listen socket on port 1883.
1638999928: Error: Address not available
You are using bind_address on configuration file? Is that IP address of your Synology? Check here for documentation on default listener and port/address use.
I think you can also leave out bind_address if you have prot specified.
mosquitto.org/man/mosquitto-conf-5.html
Try also adding this:
socket_domain ipv4
In configuration file.
Make sure that you have this (which you do according to the log):
listener 1883
And if you have:
bind_address:
Try removing it.
Thank you for the tutorial. One question - what do you press to make insert work in conf file?
INS - Insert button on keyboard
@@BeardedTinker I am on Mac, so it is FN + Enter
@@gouriev3594 sorry, my bad - should have stated this... :)
@@gouriev3594 The "i" key also works
Hi I am still having problems now with the password file. It is created as per video by VIM and appears in config. however when i try to create user/passwd by command line i receive error mosquitto_password not found. MQTT is running but is refusing connection. Please could you give me some advice on how to fix this as it seems as this file is not being read?Thanks.
This potentially can be permission error. You can try and connect to MQTT docker via terminal (internal session) and try command there. Or change permission and ownership of the file with chown chmod commands.
Hi! Love your videos - followed many of your tutorials! I followed your video very carefully but when I want to configure MQTT in Home Assistant using the username and password created in the steps above, Home Assistant says "Failed to connect" and in the log "Unable to connect to the MQTT broker: Connection Refused: not authorised.". In the mClient home-assistant disconnected, not authorised.". Any idea why this might be? It connects to Home Assistant absolutely fine without the username and password but I would like the extra security! Many thanks!
Thank you David!!!
If you did setup in MQTT username and password and you do see them in pwd file, you should only need to add them to Home Assistant MQTT integration. There shouldn't be anything else.
I still use it like this and AFAIK there was no additional changes there.
To test username and password, you could download MQTT Lens or MQTT Explorer and try to connect with them by using username and password to your MQTT server. If it fails, maybe you had typo somewhere. Just delete password file or add new username/password.
Thank you, worked!!
Would be great to see how to make one port on a broker use ssl/tls on synology to be able to interact with javascript etc.. pleezz 🙂
To have both with and without SSL?
@@BeardedTinker yep.. arduino too slow and complex to tls, javascript too unforgiving to go websockets without..
Do you have trusted certificate from for example Let's encrypt? If yes, that's just configuration option .
You need to add in configuration file path to certificate and also port that it will run on: community.home-assistant.io/t/mqtt-supporting-tls-and-non-tls-simultaneosly/10549/2?u=beardedconti
I need to test it, but it will take some time to do it.
Please enlighten me why is it good to use usr/pass when anyone can join this MQTT server anonimously regardless? Those devices who support username and password usually have the option to rename the device too.
After you implement in all devices username/ password you can remove it. In my main setup it's been set to false for long time. Only known devices can access it. But most people run it without credentials.
Just to add on this - I did mention in the video and showed what line has to be removed to disable anonymous access after all devices have been setup.
Hello,
Thank you for your videos
I think there is a typo in Docker install command.
f:/mosquitto/conf/mosquitto.conf
it should be f:/mosquitto/config/mosquitto.conf
Thanks for the info! Fixed it in the video description!!!
next challenge, getting sensor data from esp8266 to Home Assistant running in docker on synology NAS with eclipse mqtt
Why didn't you go for ESPHome? It should be automatically imported to HA (of course if sensors are supported).
@@BeardedTinker Great thought, I didn't knew it excisted. I see there is a tutorial from you on youtube. With your guidance I will succeed 😃
This doesn't work for me :( It does not create a log file, and the container is not running. I did evertyhing like in the vid.
when i do docker container ls -a I see a container eclipse-mosquitti:openssl with and ID, but it is not installed ...
What version of Eclipse Mosquitto are you installing? I still run version 2.0 and works fine. If you have pulled newer version maybe there were some changes. Currently I don't have time to test and see if and what changes were made in last year or so.
And BTW - if you see it listed that means that it is installed but not running. You can check Docker for any possible errors during container startup Also, when you installed it, if it encountered any error it can (sometimes) list them after running docker run command.
@@BeardedTinker it is version 2.0.15 ... in docker my error is "adress not available". but it is running now
There is setting to define IP address of MQTT server. Check that one.
Works on OMV5/bananapi m1 armbian
That's great!!!
won't let me post a question :(
No idea why, checked in "held for review" - nothing there too
I’ll try again. For some reason it won’t let me create a username/password using the -b command, failed every-time with no error.
@@apted did you used -c command for the first time? File needs to be created already when you use -b command.
@@BeardedTinker yeah I mixed and matched the commands so I used the -U command first after following your video then attempted to add another user using -b command.
@@apted still that is strange. You should be able to add new users with -b. Did you type both username and password on command line? Other option you have is to retype your passwords file from beginning of course - not the best option, but ...
Hi BD, it's me again !!! Followed this great video, I've got this message in my log file. What does it mean ? "1662714562: mosquitto version 2.0.15 starting
1662714562: Config loaded from /mosquitto/config/mosquitto.conf.
1662714562: Opening ipv4 listen socket on port 1883.
1662714562: Error: Address in us"
Hmmm - it's been some time.
I think you need to check two things:
1) Is your Docker container started with -net=host or not. This maps IP address of Host to Docker MQTT container
2) In mosquitto configuration file - check that you have something like this: listener 1883 192.168.1.202 Where the IP address matches one you use.
This is most common possible problem. But also, if you already have something running on port 1883, that could also be a problem.
If anything else pops in my mind, I'll drop you a line.
@@BeardedTinker I don't know how to check first point... And for the second point, yes, my config file specifies "listener 1883 192.168.0.37", which is the ip adress of my synology. On my router, I checked if the 1883 port was in use and... it's not.
Update : yes, for the first point, I used "--net=host" when I typed the installation command !
This ended up in SPAM.
Check that you don't have 2 mqtt containers running at the same time. This can be a problem.
Try in command prompt:
docker ps -a
This will list all containers that are currently running.
@@BeardedTinker i got permission denied...
@@desmoniac1 add sudo in front of it.