Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Read this if your Mosquitto is broken #265

Closed
Paraphraser opened this issue Feb 6, 2021 · 9 comments
Closed

Read this if your Mosquitto is broken #265

Paraphraser opened this issue Feb 6, 2021 · 9 comments

Comments

@Paraphraser
Copy link

Mosquitto quick fix

If you have just upgraded Mosquitto by doing:

$ cd ~/IOTstack
$ docker-compose pull
$ docker-compose up -d

and find that Mosquitto is no longer working, you have two options for getting your IOTstack working again:

  1. Pin to version 1.6.12 (quickest)
  2. Edit the configuration file (needs more thought)

Pin to version 1.6.12

  1. Edit the mosquitto service definition in docker-compose.yml to pin to version 1.6.12. Something like this will get the job done:

      mosquitto:
    container_name: mosquitto
    image: eclipse-mosquitto:1.6.12
#   image: eclipse-mosquitto

  2. Repeat the upgrade process:

    $ docker-compose pull
$ docker-compose up -d

    Mosquitto will downgrade to the previous version and resume its previous behaviour.

Edit the configuration file

The default configuration file for Mosquitto looks like this:

persistence true
persistence_location /mosquitto/data/
#log_dest file /mosquitto/log/mosquitto.log
# To avoid flash wearing
log_dest stdout

#Uncomment to enable passwords
#password_file /mosquitto/pwfile/pwfile
#allow_anonymous false

#Uncomment to enable filters
#acl_file /mosquitto/config/filter.acl

log_timestamp_format %Y-%m-%dT%H:%M:%S

The active version of the configuration file is at the path:

~/IOTstack/services/mosquitto/mosquitto.conf

You need to make the following changes to the active file:

  1. Add this line (anywhere in the file):

    listener 1883

  2. If and only if you have not implemented a password scheme for Mosquitto then allow_anonymous will still be commented-out. You need to change it to look like this:

    allow_anonymous true

    If you have previously implemented a password scheme for Mosquitto then allow_anonymous will be active and false, and should be left that way.

After you have edited the configuration file, apply the changes by doing:

$ docker-compose restart mosquitto

Mix-and-match

The configuration file changes described above are compatible with 1.6.12 so you can apply them while 1.6.12 is running, and take the decision to upgrade to version 2.x later.

Known issue with IOTstack Mosquitto configuration file

Under new menu (master branch), there is a known issue 258 where the active version of the Mosquitto configuration file can be overwritten by a menu run. Keep this in mind and make a backup.

Reference

See Migrating to Mosquitto 2.0.
Paraphraser added a commit to Paraphraser/IOTstack that referenced this issue Feb 6, 2021
@Paraphraser
Mosquitto 2.x incompatible with default IOTstack config file
f8b4175 
References:

* [Mosquitto doc](https://mosquitto.org/documentation/migrating-to-2-0/)
* [Workaround](SensorsIot#265)
* [IOTstack new menu breaks Mosquitto configs](SensorsIot#258 (comment))
* [Pull Request on gcgarner/IOTstack](gcgarner#228)

Mosquitto 2.x has introduced a requirement for a `listener` in the
config file. If this is absent, Mosquitto will bind to the loopback
interface. When Mosquitto is running in a container, this implies no
connectivity.

Mosquitto 2.x has also changed the security defaults. Earlier versions
permitted passwordless access out-of-the box. The new version assumes
a password scheme will be implemented and requires passwordless
access to be an explicit configuration choice.

This PR maintains the IOTstack status quo by:

1. Adding `listener 1883`; and
2. Activating `allow_anonymous` with the value `true`.

Anyone who has already set up a password scheme will need to import
the `listener` line but, presumably, their `allow_anonymous` will
already be active and set to `false`, and that will not need to change.
@Paraphraser Paraphraser mentioned this issue Feb 6, 2021
Merged
@howwww
Copy link

howwww commented Feb 8, 2021

Hi, and thanks for sharing! I searched all the internet what is going wrong before read this issue here! :)

I've managed to fix the issue by using the configuration method described above.
I just want to add that in order to make it work I had also to uncomment the "#password_file" line.

Please update instructions for users that have previously implemented a password scheme for Mosquitto.

@Paraphraser Paraphraser mentioned this issue Feb 10, 2021
Merged
@wijnsema
Copy link

Thank you for this post @Paraphraser! I searched and tried for hours before I stumbled on you advise and could fix the problem in seconds.

Of the two options I would strongly suggest the second one, adjusting the configuration, because that way you solve the problem for good, if you switch back to 1.6 this problem will pop up again in the future.

@Paraphraser
Copy link
Author

@howwww see if this gist meets your needs.

@Paraphraser
Copy link
Author

@wijnsema the truly cool thing (or, at least, I think it is cool) about Docker is how easy it is to revert.

Sure, once you know a solution to a problem, it is definitely better to fix it properly.

But, if something has just gone pear-shaped, reverting to "last known good" lets your IOTstack keep truckin' and your IoT devices sending their data. You then have the luxury of breathing, thinking, and taking your time.

You might, for example, want to test that the fixes you've found in a GitHub issue actually work on a test system before you put them into production. After all, there's no guarantee that they are correct for every IOTstack user's situation. 🤪

Granted, reverting doesn't always cure every evil. There was a PiHole fiasco a few versions back where the upgrade didn't work but did sufficient "damage" to the database in PiHole's volumes folder that reverting didn't work either. At least, not straight away. It took a combination of reverting and restoring PiHole's volumes folder from backup to get going again.

@wijnsema
Copy link

@Paraphraser indeed Docker is wonderful, it really changed the IT landscape, but I will not use docker-compose pull anytime soon!

Regarding fix/upgrade, it really depends on the situation. In mine, I just started with Iotstack so I want the newest versions.

Now up to my next problem, timescaledb fails to start after the docker pull, when it worked before (Segmentation fault, no idea were that comes from).

Anyway, have a nice day (or evening).

@Paraphraser
Copy link
Author

@wijnsema I may be slightly more gung-ho with the PULLs because I run a test system in parallel with the live system. In fact, one of the main reasons why I developed Paraphraser/IOTstackBackup ahead of the game was so that I could guarantee that my test system's data and config was reasonably close to the live system. I always do a "apply mild vacuum and witness the result" on the test system before trying it on my live system. I'd be a heckofalot more cautious if I only had a single Pi to work with. 😎

@howwww
Copy link

howwww commented Feb 18, 2021

@Paraphraser looks perfect. Keep up the good job guys, you really helping us a lot!

@Paraphraser Paraphraser mentioned this issue Feb 23, 2021
Closed
@bburkett52
Copy link

Thanks for the quick fix!! Really saved me!

Best regards,
~Bob

@iLeftheris
Copy link

Thanks for sharing!

This was referenced Apr 1, 2021
Open
Closed
@Paraphraser Paraphraser mentioned this issue Apr 29, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@wijnsema @howwww @Paraphraser @bburkett52 @iLeftheris