ctucx.git: nixfiles

ctucx' nixfiles

# NixOS module: Mosquitto MQTT broker with two listeners, plus the encrypted
# secret that carries the password for the broker user "katja".
{ inputs, config, pkgs, ... }:

let
  # ACL entries used by both listeners: read and write on every topic.
  # In Mosquitto's ACL format, "topic" lines placed before any "user" line
  # apply to anonymous clients and "pattern" lines apply to every client.
  fullAccess = [ "topic readwrite #" "pattern readwrite #" ];
in
{

  # Password material is kept as an .age file in a per-host secrets directory
  # and is readable by the mosquitto user once decrypted.
  # NOTE(review): presumably the agenix module; confirm the decrypted path
  # lives outside the world-readable Nix store.
  age.secrets.mosquitto-passwd-katja = {
    owner = "mosquitto";
    file  = ./. + "/../../../secrets/${config.networking.hostName}/mosquitto/passwd-katja.age";
  };

  services.mosquitto = {
    enable = true;

    # Broker state is not written to disk.
    persistence = false;

    # Upper bound on the keepalive a client may request, in seconds.
    settings.max_keepalive = 60;

    listeners = [

      # Plain MQTT listener without authentication: password checks are
      # omitted, anonymous clients are accepted, and the ACL grants them
      # read/write on all topics. No TLS settings are configured here.
      # NOTE(review): no `address` is set, so the bind address is left to the
      # module default (believed to be all interfaces; verify). Firewall rules
      # are not visible in this file; confirm port 1883 is reachable only from
      # networks where unauthenticated access to every topic is acceptable.
      {
        port = 1883;
        acl = fullAccess;
        users = {};
        omitPasswordAuth = true;
        settings.allow_anonymous = true;
      }

      # WebSocket listener bound to IPv6 loopback only; "katja" is the sole
      # user and authenticates with the password read from the secret file.
      # NOTE(review): presumably fronted by a local reverse proxy that adds
      # TLS; confirm, since this listener itself configures none.
      {
        address = "::1";
        port = 9005;
        acl = fullAccess;
        settings.protocol = "websockets";
        users.katja.passwordFile = config.age.secrets.mosquitto-passwd-katja.path;
      }

    ];
  };

}