Nice, worked for me, Using mqtt/Nodered/Homeassistant in docker on RPi4 all of a sudden just stopped, only after digging around found the 2.x upgrade messed it up. Your vid has got me back up and running again. Thx for posting.
Hi BeardedTinker, I'm running into a similar problem here to Mike Nexus. After the MQTT update I reinstalled the Mosquitto broker 5.1 because I was unsure, this action was apparently a bit too fast. The installation was successful, I see the addon_core_mosquitto container listed with the rest of the containers. The only problem is that I cannot start this container, the following error is displayed in the system log: 2/21/12 11:06:06 ERROR (SyncWorker_4) [supervisor.docker] Can't start addon_core_mosquitto: Error 500 Server Error for http + docker: //localhost/v1.39/containers/d7c8509a7660a026c18b467a2aec13b40590726aa49ea49590726be3407bc5da Server Internal ("OCI runtime create failed: container_linux.go: 345: starting container process caused" exec: \ "/ dev / init \": stat / dev / init: no such file or directory ": unknown") (btw, the docker folder on my Synology Volume 1 is completely empty, at least I don't see anything, ... weird,... maybe the files are hidden ...) Do you have any idea how to fix this problem? Thanks in advance, Benny
Those are not the same problems. This doesn't apply for add-on mosquitto. It is only for eclipse mosquitto installed directly in Docker. The problem you are having can be connected to hassio running on Synology and supervisor version 2021.02.x And if you do run hassio and are getting this error, it can be fixed, but not easily.
@@BeardedTinker Thanks for your answer. I understand that it is a different type of situation but would it be possible to give me a hint what I should do to fix this problem? Maybe instead of Mosquittto broker, installing eclipse mosquitto directly in Docker, or something else will be a easier solution?
I would definitely recommend to move to separate docker at this time. I have older video on installing it, but it's simple: connect with terminal to Synology, and create few folders: /volume1/docker/mqtt, /volume1/docker/mqtt/config, /volume1/docker/mqtt/log, /volume1/docker/mqtt/data Next create mosquitto.conf in config folder with following: persistence true persistence_location /mosquitto/data/ log_dest file /mosquitto/log/mosquitto.log allow_anonymous true listener 1883 192.168.1.202 And run this to create it: sudo docker run --name=mqtt -itd --restart=always --net=host -v /volume1/docker/mqtt/config:/mosquitto/config/ -v /volume1/docker/mqtt/config/mosquitto.conf:/mosquitto/config/mosquitto.conf -v /volume1/docker/mqtt/data:/mosquitto/data -v /volume1/docker/mqtt/log:/mosquitto/log eclipse-mosquitto
@@BeardedTinker Hi, for someone who does not know much about the entire docker functionality, set-up and configuration via terminal, it is of course always difficult to make the decision to implement this just like that, hence my question for your opinion. I always have the feeling that I can quickly destroy something else via terminal. The commands in terminal are always strange to me because compared to windows there is little or almost no visual structure in it, of course it is a matter of practice I suspect. In the meantime I have installed the latest version of eclipse-mosquitto directly in docker, as recommended by you. It was the right decision, everything works as before. Thank you very much for thinking along. Have a nice day, Benny
Works great in my local network. How can I enable IPv6? My ISP has shared IPv4 addresses, so I can't connect to my network from outside via IPv4 ("Dual-Stack Lite"). I guess I should set-up authorization anyway before I make it available from the internet...
Have to admit I do not have a clue - ipv6 is disabled at my network. But the question is, why do you need external access to it? Do you have external sensor with Internet connection? And watch out as this fix was oriented towards internal use only.
This did not fix the problem for me. It opens the listening sockets (the log shows that) and then proceeds to continue to do nothing when receiving commands.
What version are you running. Some have experienced additional issues with latest version and I still haven't installed/updated to it. Check version - if it's 2.0.12 that could be the issue. Try to pull 2.0.10 version. This one should work.
@@BeardedTinker Bad news and good news. The bad news is that nothing I tried was able to fix it. The good news is that everything worked perfectly when I tried running it on my main web server as opposed to my Raspberry Pi server.
Absolutely great! But please clarify me "listener 1883 ip_addr". In my case it runs without IP, but with IP of the server I got error in log (Error: Address not available). I understand IP should be IP of the Mosquitto server. Am I wrong?
Thanks for the comment Robert! IP address should be up address of the host where you run docker. Are you running MQTT is host or bridge mode? That could possibly influence it.
@@BeardedTinker Thank You for the hint. Yes, my MQTT runs in docker and if I use docker's address it works well. At the end, docker is always guilty ;-)
I was getting the same error and then I was getting "Error: Invalid persistence value (true" In my case the solution was to convert the configuration file to unix format
Hope you got it working once again 😃 Just please remember that these changes that were implemented are there to enhance security - and this fix disables them.
@@BeardedTinker Yes. It's working again, thankyou 😀 Quick question. Does the fact that I am currently ONLY using devices (ESP32's and 8266's) on my LAN coupled with the fact that I have NOT opened Port 1883 on my router allow me to ignore the security concern(s) for the time being? (Some who read this will marvel at my ignorance 🤔 )
Let me give you personal opinion here - you should be OK with that. General rule - if you need to open ports, DON'T - think twice, wait for few days, reconsider and if by then you don't find other way, then open it but only for as long as needed. Also, for attacks, you don't need open ports - open ports just make it easier. But as I said, you should be OK with this setup.
@@BeardedTinker Thank you I had thought I was OK but that 'thought' is based on rather limited knowledge. Do you know of a good overview that someone has created relating to internet security? Yes, I know it's an enormous topic (minefield)! Maybe something that starts with the obvious no-no's and then drills down to the less likely methods of attack and how to avoid them. This is maybe an important area for those, like me, who are starting to explore the IoT and thinking of running it over their LAN
The "Fix" although resolving the problem is still counterproductive to the idea of the change from the mosquitto team. Their point was improve securitity and make people do explicitly something that is not advisable to lower it. I would say that the better approach is to setup a proper authentication. F.E. my setup github.com/zeridon/homeassistant/tree/master/mosquitto/config . The setup itself is based on good practices and is made somewhat modular. There is base config that relates mostly to performance and resource limiting and then on there are listeners (with possible settings per listener) and separate passwordfiles and acl's. Yes it can be a bit of work to set the acl's properly but it pays off. Another thing to note is that now "write" level access does not include "read" (e.g. you need to specify readwrite instead of just write.
That's true, but you have to look at big picture. If you are enterprise getting MQTT up in cloud, you don't want it available before you configure it. For home users that have closed ports, it should be sufficient. Adding ACL's, splitting network traffic, adding certificate... It of course always helps. I use per decide type dedicated credentials too for MQTT...
BTW As I'll probably release new MQTT video, can I link you repo there? I'll not be going through ACL's but would like to reference it as possible improvements for setup?
@@BeardedTinker yes MQTT add-on and with HA Supervised, had same problem with RPC shutdown, always same error message : starting container process caused \"exec: \\\"/dev/init\\\": stat /dev/init: no such file or directory\
@@philou1516 are you running hass.io package on Synology? Let me presume - yes. IN that case, you can do nothing about it, at least permanently. You can move MQTT to Docker and try running it for some time more, but this package has been removed due to changes that can not be fixed on Synology. There are two possible solutions for you - I have videos on both - migrate to HA in Docker or migrate to Synology VMM, of course if your Synology supports it.
Hi, I have the same issue with mqtt. I used your video "... Synology - #004" video to install mqtt. Everything was great until the recent security change. The problem I'm having now with your update is that there is no config file under docker/mqtt/config. Actually, I also have no files under mqtt/data and mqtt/log using DSM file station or putty so I am unable to update the config file. I can see the logs using portainer version 2.1.1. Do you have any suggestions? Thanks.
Since MQT really doesn't keep any crucial files, I would recommend that you reinstall it. First delete current container. Next create mosquitto.conf in config folder with following: persistence true persistence_location /mosquitto/data/ log_dest file /mosquitto/log/mosquitto.log allow_anonymous true listener 1883 192.168.1.202 And recreate it with: sudo docker run --name=mqtt -itd --restart=always --net=host -v /volume1/docker/mqtt/config:/mosquitto/config/ -v /volume1/docker/mqtt/config/mosquitto.conf:/mosquitto/config/mosquitto.conf -v /volume1/docker/mqtt/data:/mosquitto/data -v /volume1/docker/mqtt/log:/mosquitto/log eclipse-mosquitto I also don't have any files inside data folder...
I have old video on this that should still work: th-cam.com/video/HbkXQErileU/w-d-xo.html It doesn't talk about activating front end, but it should be easy - you just need to add few more lines to configuration file: frontend: # Optional, default 8080 port: 8080 # Optional, default 0.0.0.0 host: 0.0.0.0 # Optional, enables authentication, disabled by default auth_token: your-secret-token
This is why I support you as a member of your Channel. It always save me time when I need to do something in Home Assistant.
Per, thank you so much for all of your support and comments! You helped me a lot - don't forget that :D
Nice, worked for me, Using mqtt/Nodered/Homeassistant in docker on RPi4 all of a sudden just stopped, only after digging around found the 2.x upgrade messed it up. Your vid has got me back up and running again. Thx for posting.
Glad you got it working again! 😃
Thank you. Yet another quick fix for my running config applied. Excellent guide as always!
Thank you Peter and thanks for the support!!!
Thanks for the help. This worked. I must of had a typo like you suggested in your other video.
Glad it helped Andy! And no worries I had a lot of typos :D
Hi BeardedTinker,
I'm running into a similar problem here to Mike Nexus.
After the MQTT update I reinstalled the Mosquitto broker 5.1 because I was unsure, this action was apparently a bit too fast.
The installation was successful, I see the addon_core_mosquitto container listed with the rest of the containers. The only problem is that I cannot start this container, the following error is displayed in the system log:
2/21/12 11:06:06 ERROR (SyncWorker_4) [supervisor.docker] Can't start addon_core_mosquitto: Error 500 Server Error for http + docker: //localhost/v1.39/containers/d7c8509a7660a026c18b467a2aec13b40590726aa49ea49590726be3407bc5da Server Internal ("OCI runtime create failed: container_linux.go: 345: starting container process caused" exec: \ "/ dev / init \": stat / dev / init: no such file or directory ": unknown")
(btw, the docker folder on my Synology Volume 1 is completely empty, at least I don't see anything, ... weird,... maybe the files are hidden ...)
Do you have any idea how to fix this problem?
Thanks in advance,
Benny
Those are not the same problems. This doesn't apply for add-on mosquitto. It is only for eclipse mosquitto installed directly in Docker.
The problem you are having can be connected to hassio running on Synology and supervisor version 2021.02.x And if you do run hassio and are getting this error, it can be fixed, but not easily.
@@BeardedTinker Thanks for your answer.
I understand that it is a different type of situation but would it be possible to give me a hint what I should do to fix this problem?
Maybe instead of Mosquittto broker, installing eclipse mosquitto directly in Docker, or something else will be a easier solution?
I would definitely recommend to move to separate docker at this time. I have older video on installing it, but it's simple:
connect with terminal to Synology, and create few folders: /volume1/docker/mqtt, /volume1/docker/mqtt/config, /volume1/docker/mqtt/log, /volume1/docker/mqtt/data
Next create mosquitto.conf in config folder with following:
persistence true
persistence_location /mosquitto/data/
log_dest file /mosquitto/log/mosquitto.log
allow_anonymous true
listener 1883 192.168.1.202
And run this to create it:
sudo docker run --name=mqtt -itd --restart=always --net=host -v /volume1/docker/mqtt/config:/mosquitto/config/ -v /volume1/docker/mqtt/config/mosquitto.conf:/mosquitto/config/mosquitto.conf -v /volume1/docker/mqtt/data:/mosquitto/data -v /volume1/docker/mqtt/log:/mosquitto/log eclipse-mosquitto
@@BeardedTinker Hi, for someone who does not know much about the entire docker functionality, set-up and configuration via terminal, it is of course always difficult to make the decision to implement this just like that, hence my question for your opinion. I always have the feeling that I can quickly destroy something else via terminal. The commands in terminal are always strange to me because compared to windows there is little or almost no visual structure in it, of course it is a matter of practice I suspect.
In the meantime I have installed the latest version of eclipse-mosquitto directly in docker, as recommended by you.
It was the right decision, everything works as before.
Thank you very much for thinking along.
Have a nice day, Benny
@@bennyrosenwasser2567 glad it's working!
Works great in my local network. How can I enable IPv6? My ISP has shared IPv4 addresses, so I can't connect to my network from outside via IPv4 ("Dual-Stack Lite"). I guess I should set-up authorization anyway before I make it available from the internet...
Have to admit I do not have a clue - ipv6 is disabled at my network.
But the question is, why do you need external access to it? Do you have external sensor with Internet connection?
And watch out as this fix was oriented towards internal use only.
This did not fix the problem for me. It opens the listening sockets (the log shows that) and then proceeds to continue to do nothing when receiving commands.
What version are you running. Some have experienced additional issues with latest version and I still haven't installed/updated to it. Check version - if it's 2.0.12 that could be the issue. Try to pull 2.0.10 version. This one should work.
@@BeardedTinker Bad news and good news. The bad news is that nothing I tried was able to fix it. The good news is that everything worked perfectly when I tried running it on my main web server as opposed to my Raspberry Pi server.
@@Varian-Killbot hmm - that's strange... No idea why that would happen...
Absolutely great! But please clarify me "listener 1883 ip_addr". In my case it runs without IP, but with IP of the server I got error in log (Error: Address not available). I understand IP should be IP of the Mosquitto server. Am I wrong?
Thanks for the comment Robert! IP address should be up address of the host where you run docker.
Are you running MQTT is host or bridge mode? That could possibly influence it.
@@BeardedTinker Thank You for the hint. Yes, my MQTT runs in docker and if I use docker's address it works well. At the end, docker is always guilty ;-)
I was getting the same error and then I was getting "Error: Invalid persistence value (true"
In my case the solution was to convert the configuration file to unix format
you saved me a LOT of frustration - thanks!
Glad I could helped - thank you for watching!!
Thank you for the Vid. I am just starting out with IoT + MQTT + Docker. I did wonder why my first little project just stopped working!
Hope you got it working once again 😃
Just please remember that these changes that were implemented are there to enhance security - and this fix disables them.
@@BeardedTinker Yes. It's working again, thankyou 😀
Quick question. Does the fact that I am currently ONLY using devices (ESP32's and 8266's) on my LAN coupled with the fact that I have NOT opened Port 1883 on my router allow me to ignore the security concern(s) for the time being? (Some who read this will marvel at my ignorance 🤔 )
Let me give you personal opinion here - you should be OK with that. General rule - if you need to open ports, DON'T - think twice, wait for few days, reconsider and if by then you don't find other way, then open it but only for as long as needed. Also, for attacks, you don't need open ports - open ports just make it easier.
But as I said, you should be OK with this setup.
@@BeardedTinker Thank you
I had thought I was OK but that 'thought' is based on rather limited knowledge.
Do you know of a good overview that someone has created relating to internet security? Yes, I know it's an enormous topic (minefield)!
Maybe something that starts with the obvious no-no's and then drills down to the less likely methods of attack and how to avoid them.
This is maybe an important area for those, like me, who are starting to explore the IoT and thinking of running it over their LAN
I noticed the default paths also changed from '/mqtt/' to '/mosquitto/'.
Inside image? I think for eclipse package, they are the same as they were before.
The "Fix" although resolving the problem is still counterproductive to the idea of the change from the mosquitto team. Their point was improve securitity and make people do explicitly something that is not advisable to lower it. I would say that the better approach is to setup a proper authentication. F.E. my setup github.com/zeridon/homeassistant/tree/master/mosquitto/config . The setup itself is based on good practices and is made somewhat modular. There is base config that relates mostly to performance and resource limiting and then on there are listeners (with possible settings per listener) and separate passwordfiles and acl's. Yes it can be a bit of work to set the acl's properly but it pays off. Another thing to note is that now "write" level access does not include "read" (e.g. you need to specify readwrite instead of just write.
That's true, but you have to look at big picture. If you are enterprise getting MQTT up in cloud, you don't want it available before you configure it. For home users that have closed ports, it should be sufficient.
Adding ACL's, splitting network traffic, adding certificate... It of course always helps.
I use per decide type dedicated credentials too for MQTT...
BTW As I'll probably release new MQTT video, can I link you repo there? I'll not be going through ACL's but would like to reference it as possible improvements for setup?
@@BeardedTinker Sure thing :) If it helps go for it.
Oh man. That thumbnail. Guess I need to up my thumbnail game! Oh and awesome video!
Had to do something about thumbnails 😂 but I did have guidance as my design skills are non-existent. And thanks for the comment!!!
I can't start mosquito broker 5.1.1 in docker on Synology, any idea please?
You are using MQTT add-on? From Home Assistant Supervised? No, can't help you. I don't use it. I've read that there were some issue with it.
@@BeardedTinker yes MQTT add-on and with HA Supervised, had same problem with RPC shutdown, always same error message : starting container process caused \"exec: \\\"/dev/init\\\": stat /dev/init: no such file or directory\
@@philou1516 are you running hass.io package on Synology?
Let me presume - yes. IN that case, you can do nothing about it, at least permanently. You can move MQTT to Docker and try running it for some time more, but this package has been removed due to changes that can not be fixed on Synology.
There are two possible solutions for you - I have videos on both - migrate to HA in Docker or migrate to Synology VMM, of course if your Synology supports it.
@@BeardedTinker ok thx for your answers, will investigate that
Thankyou. Your video helped me.
Glad it helped you and thanks for your comment!!!
Hi, I have the same issue with mqtt. I used your video "... Synology - #004" video to install mqtt. Everything was great until the recent security change. The problem I'm having now with your update is that there is no config file under docker/mqtt/config. Actually, I also have no files under mqtt/data and mqtt/log using DSM file station or putty so I am unable to update the config file. I can see the logs using portainer version 2.1.1. Do you have any suggestions? Thanks.
Since MQT really doesn't keep any crucial files, I would recommend that you reinstall it.
First delete current container.
Next create mosquitto.conf in config folder with following:
persistence true
persistence_location /mosquitto/data/
log_dest file /mosquitto/log/mosquitto.log
allow_anonymous true
listener 1883 192.168.1.202
And recreate it with:
sudo docker run --name=mqtt -itd --restart=always --net=host -v /volume1/docker/mqtt/config:/mosquitto/config/ -v /volume1/docker/mqtt/config/mosquitto.conf:/mosquitto/config/mosquitto.conf -v /volume1/docker/mqtt/data:/mosquitto/data -v /volume1/docker/mqtt/log:/mosquitto/log eclipse-mosquitto
I also don't have any files inside data folder...
@@BeardedTinker Thank you. I deleted the container. However, I get "persistence: command not found" when I enter the command using putty.
Nope, you made mistake, it wrote that this part has to be inside mosquitto.conf file.
@@BeardedTinker THANK YOU. 😊 😁 👍
@@MikeySoft everything working?😉
How to install zigbee2mqtt?
I have old video on this that should still work: th-cam.com/video/HbkXQErileU/w-d-xo.html
It doesn't talk about activating front end, but it should be easy - you just need to add few more lines to configuration file:
frontend:
# Optional, default 8080
port: 8080
# Optional, default 0.0.0.0
host: 0.0.0.0
# Optional, enables authentication, disabled by default
auth_token: your-secret-token
Thanks 👍
Thank you Martin!
Thanks!