xoxys.mosquitto/defaults/main.yml
2018-11-07 23:19:00 +01:00

61 lines
1.8 KiB
YAML

---
mosquitto_base_dir: /etc/mosquitto
mosquitto_pid_file: /var/run/mosquitto.pid
mosquitto_user: mosquitto
mosquitto_group: mosquitto
mosquitto_port: 1883
mosquitto_bind_address: "{{ ansible_default_ipv4.address }}"
mosquitto_persistence_enabled: False
mosquitto_persistence_path: /var/lib/mosquitto/mosquitto.db
mosquitto_iptables_enabled: False
mosquitto_password_auth_enabled: False
mosquitto_password_auth_file: "{{ mosquitto_base_dir }}/passwd"
# mosquitto_password_auth_users: (defaults to not set)
# - admin:
# password: mysecret
# state: present
# - user1:
# password: very_secure
# state: absent
mosquitto_acl_enabled: False
mosquitto_acl_file: "{{ mosquitto_base_dir }}/aclfile"
# mosquitto_acl: (defaults to not set)
# - iot:
# user: admin
# acl_base: topic # (topic|pattern, defaults to topic)
# acl_topic: "#"
# acl_policy: readwrite
# - readonly_iot:
# user: user1
# acl_base: topic
# acl_topic: my/devices
# acl_policy: readwrite
mosquitto_tls_enabled: False
mosquitto_tls_ciphers:
- DEFAULT
- "!aNULL"
- "!eNULL"
- "!LOW"
- "!EXPORT"
- "!SSLv2"
- "@STRENGTH"
mosquitto_ca_path: /etc/pki/tls/certs/
# You can deploy your certificates from a file or from content.
# If you enable mosquitto_tls_source_use_content you have to put the content of your cert files into
# mosquitto_tls_cert_path and mosquitto_tls_cert_path.
mosquitto_tls_source_use_content: False
# If you enable mosquitto_tls_source_use_files theses variables have to contain the path to your
# certificate files located on the ansible "master" host
mosquitto_tls_source_use_files: True
mosquitto_tls_cert_source: mycert.pem
mosquitto_tls_key_source: mykey.pem
mosquitto_tls_cert_path: "{{ mosquitto_base_dir }}/tls/certs/mycert.pem"
mosquitto_tls_key_path: "{{ mosquitto_base_dir }}/tls/private/mykey.pem"