#I'm trying to follow this but I don't

I'm using the mosquitto MQTT Add-on. I'm trying to bridge it to an external MQTT service

As the screenshot of the forum topic shows, the mosquitto.conf file has to be in the /share/mosquitto directory

And you have to configure Mosquitto to use customizations in the mosquitto directory

I do but there is not indication in the logs that it uses it.
I want it to sub but not pub to the remote

Maybe there is something obvious here:

➜  mosquitto pwd     
/share/mosquitto
➜  mosquitto cat mosquitto.conf 
connection hivemq
address XXXXXXXXXXXXXXX.s1.eu.hivemq.cloud:8883
bridge_attempt_unsubscribe true
cleansession true
remote_username XXXXXXXXX
remote_password XXXXXXXXX
remote_clientid main_hass
try_private true
allow_anonymous false

topic # in 0 "" ""

Did you activate customization in Mosquitto?

🤦 you mean this should be set to true?
active: false

Correct

Thank you! I'm silly like that.

I'm not seeing the pubs from hiveHQ
is this part right in the config?
topic # in 0 "" ""

You want hiveHQ to Mosquitto?

yes

I see this repeating in the logs every 20 sec.

2024-05-07 09:30:22: Connecting bridge hivemq (XXXXXXXXXXXXXXX.s1.eu.hivemq.cloud:8883)
2024-05-07 09:30:22: Client local.hivemq closed its connection.

Does topic # in 0 work?

I thought that was a catch-all

It is

that would be both directions? I can test that.

No. That should subscribe to all topics from the remote broker

err.. yeah..

in = subscribe
out = publish
both = subscribe and publish

The "" stuff is used for remapping topics

I think I need to setup the acl stuffs.. I'll try that.

in the /share/mosquitto/accesscontrollist do I put the remote username?

I don't think that would help, as HA's Mosquitto connects to the remote broker. The ACL from the remote broker would apply afaik.

lol... yeah that killed access for the local user..

Likely not present in the ACL

how do I turn on debug level logging in the add-on?

Use the "hide unused config" switch in the add-on's settings and you can enable debug (after saving and an add-on restart)

Where's the log file? If I download it from the gui I only get the tail

You can access it via a terminal with ha addons logs core_mosquitto

Otherwise I guess you would have to access the Docker container

I think it's not connecting to hivemq correctly. I'm still fuzzy on how encryption works with this thing. do I need to make a client cert and key?

I think it may be on hivemq side at this point.. Thanks for your help! I'll update this if I fail or succeed.

okay.. to connect using MQTT explorer I need to set the ca cert and enable tls. How do I get the bridge to do that? I copied the ca cert to /ssl

according to this: http://www.steves-internet-guide.com/mosquitto-bridge-encryption/
I shouldn't need to do anything special.. but it disconnects as soon as it connects.

also adding log_type all to /share/mosquitto/mosquitto.conf show more message but still nothing about why it dissconnected

got it working!!!1
I think I needed to stop and then start the service not sure..
I also did chmod 600 /ssl/isrgrootx1.pem
here is my /share/mosquitto/mosquitto.conf for anyone who finds this.

connection hivemq
address XXXXXXXXXXXXX.hivemq.cloud:8883
bridge_attempt_unsubscribe true
cleansession true
remote_username XXXXXXXX
remote_password XXXXXXXXXXXXXXXXX
remote_clientid hivemq_client
bridge_cafile /ssl/isrgrootx1.pem

try_private false
allow_anonymous false

topic # in 0