MQTT Mosquitto Shelly: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| (8 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
| Zeile 1: | Zeile 1: | ||
=Versuchsaufbau= | =Versuchsaufbau= | ||
| − | + | {{#drawio:Mqtt-mosquitto-shelly}} | |
=Der Mosquitto Broker= | =Der Mosquitto Broker= | ||
| Zeile 28: | Zeile 28: | ||
;Aus | ;Aus | ||
*mosquitto_pub -h 172.26.255.100 -u xinux -P 123Start$ -t "shellyplus1-255/rpc" -m '{"id":1,"src":"user","method":"Switch.Set","params":{"id":0,"on":false}}' | *mosquitto_pub -h 172.26.255.100 -u xinux -P 123Start$ -t "shellyplus1-255/rpc" -m '{"id":1,"src":"user","method":"Switch.Set","params":{"id":0,"on":false}}' | ||
| + | =Verschlüsseln= | ||
| + | ==Voraussetzungen== | ||
| + | *Funktionierendes DNS Konzept | ||
| + | *CA | ||
| + | *Signiertes CERT und ein passender KEY | ||
| + | ==Zertifikat einbauen== | ||
| + | *cp mqtt.lab.int.crt mqtt.lab.int.key ca.crt /etc/mosquitto/ | ||
| + | *cd /etc/mosquitto/ | ||
| + | *chown mosquitto:mosquitto mqtt.lab.int.crt mqtt.lab.int.key ca.crt | ||
| + | ==Konfigutaionsdatei== | ||
| + | *cat /etc/mosquitto/conf.d/default.conf | ||
| + | allow_anonymous false | ||
| + | password_file /etc/mosquitto/passwd | ||
| + | listener 8883 0.0.0.0 | ||
| + | log_type all | ||
| + | log_type debug | ||
| + | '''listener 8883 0.0.0.0''' | ||
| + | '''cafile /etc/mosquitto/ca.crt''' | ||
| + | '''certfile /etc/mosquitto/mqtt.lab.int.crt''' | ||
| + | '''keyfile /etc/mosquitto/mqtt.lab.int.key''' | ||
| + | '''require_certificate false''' | ||
| + | ==Restart und Checken== | ||
| + | *systemctl restart mosquitto.service | ||
| + | *tail -f /var/log/mosquitto/mosquitto.log | ||
| + | ==Einbau in das Shelly-Relais== | ||
| + | ;CA Stammzertifikat hochladen | ||
| + | [[Datei:Mqtt-shell-12.png]] | ||
| + | ;Shelly auf TLS stellen. | ||
| + | [[Datei:Mqtt-shell-13.png]] | ||
| + | ==Client== | ||
| + | ;Anschalten | ||
| + | *mosquitto_pub --cafile ca.crt -h mqtt.lab.int -u xinux -P 123Start$ -t "shellyplus1-255/rpc" -m '{"id":1,"src":"user","method":"Switch.Set","params":{"id":0,"on":true}}' | ||
| + | ;Ausschalten | ||
| + | *mosquitto_pub --cafile ca.crt -h mqtt.lab.int -u xinux -P 123Start$ -t "shellyplus1-255/rpc" -m '{"id":1,"src":"user","method":"Switch.Set","params":{"id":0,"on":false}}' | ||
Aktuelle Version vom 4. November 2024, 10:06 Uhr
Versuchsaufbau
![Bearbeiten](javascript:editDrawio("182401282", "Mqtt-mosquitto-shelly.drawio.png", "png", false, false, false, true, "https://embed.diagrams.net")){kind=link}
Der Mosquitto Broker
- Installation
- sudo apt install mosquitto mosquitto-clients
- Passwot setzen
- sudo mosquitto_passwd -c /etc/mosquitto/passwd xinux
- Grundkonfiguration
- sudo cat /etc/mosquitto/conf.d/default.conf
allow_anonymous false password_file /etc/mosquitto/passwd bind_address 0.0.0.0 log_type all log_type debug
- Restarten des Brokers
- sudo systemctl restart mosquitto.service
Verbindung
- Wir verbinden uns über WLAN(Smartphone mit dem Shelly.
Wlan Client
Unsichere Verbindnung
Schalten über die Konsole
- An
- mosquitto_pub -h 172.26.255.100 -u xinux -P 123Start$ -t "shellyplus1-255/rpc" -m '{"id":1,"src":"user","method":"Switch.Set","params":{"id":0,"on":true}}'
- Aus
- mosquitto_pub -h 172.26.255.100 -u xinux -P 123Start$ -t "shellyplus1-255/rpc" -m '{"id":1,"src":"user","method":"Switch.Set","params":{"id":0,"on":false}}'
Verschlüsseln
Voraussetzungen
- Funktionierendes DNS Konzept
- CA
- Signiertes CERT und ein passender KEY
Zertifikat einbauen
- cp mqtt.lab.int.crt mqtt.lab.int.key ca.crt /etc/mosquitto/
- cd /etc/mosquitto/
- chown mosquitto:mosquitto mqtt.lab.int.crt mqtt.lab.int.key ca.crt
Konfigutaionsdatei
- cat /etc/mosquitto/conf.d/default.conf
allow_anonymous false password_file /etc/mosquitto/passwd listener 8883 0.0.0.0 log_type all log_type debug listener 8883 0.0.0.0 cafile /etc/mosquitto/ca.crt certfile /etc/mosquitto/mqtt.lab.int.crt keyfile /etc/mosquitto/mqtt.lab.int.key require_certificate false
Restart und Checken
- systemctl restart mosquitto.service
- tail -f /var/log/mosquitto/mosquitto.log
Einbau in das Shelly-Relais
- CA Stammzertifikat hochladen
- Shelly auf TLS stellen.
Client
- Anschalten
- mosquitto_pub --cafile ca.crt -h mqtt.lab.int -u xinux -P 123Start$ -t "shellyplus1-255/rpc" -m '{"id":1,"src":"user","method":"Switch.Set","params":{"id":0,"on":true}}'
- Ausschalten
- mosquitto_pub --cafile ca.crt -h mqtt.lab.int -u xinux -P 123Start$ -t "shellyplus1-255/rpc" -m '{"id":1,"src":"user","method":"Switch.Set","params":{"id":0,"on":false}}'