diff --git a/README.md b/README.md index c7dae287..40b10159 100644 --- a/README.md +++ b/README.md @@ -114,7 +114,6 @@ services: image: eclipse-mosquitto:1.6 ports: - 1883:1883 - - 9001:9001 volumes: - mosquitto-conf:/mosquitto/config - mosquitto-data:/mosquitto/data 
@@ -147,22 +146,24 @@ TeslaMate uses environment variables for runtime configuration. ### Environment Variables -| Variable Name | Description | Default Value | -| ------------------ | ------------------------------------------------------------------------------------------------------------------------------------------ | ------------- | -| DATABASE_USER | Username (**required**) | / | -| DATABASE_PASS | User password (**required**) | / | -| DATABASE_NAME | The database to connect to (**required**) | / | -| DATABASE_HOST | Hostname of the database server (**required**) | / | -| DATABASE_PORT | Port of the database server | 5432 | -| DATABASE_POOL_SIZE | Size of the database connection pool | 5 | -| VIRTUAL_HOST | Host part used for generating URLs throughout the app | localhost | -| PORT | Port where the web interface is exposed | 4000 | -| DISABLE_MQTT | Disables the MQTT feature if `true` | false | -| MQTT_HOST | Hostname of the broker (**required** unless DISABLE_MQTT is `true`) | / | -| MQTT_USERNAME | Username _(optional)_ | / | -| MQTT_PASSWORD | Password _(optional)_ | / | -| LOCALE | The default locale for the web interface and addresses. Currently available: `en` (default) and `de` | en | -| TZ | Used to establish the local time zone. See [List of tz database time zones](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). 
| / | +| Variable Name | Description | Default Value | +| ----------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------ | ------------- | +| DATABASE_USER | Username (**required**) | / | +| DATABASE_PASS | User password (**required**) | / | +| DATABASE_NAME | The database to connect to (**required**) | / | +| DATABASE_HOST | Hostname of the database server (**required**) | / | +| DATABASE_PORT | Port of the database server | 5432 | +| DATABASE_POOL_SIZE | Size of the database connection pool | 5 | +| VIRTUAL_HOST | Host part used for generating URLs throughout the app | localhost | +| PORT | Port where the web interface is exposed | 4000 | +| DISABLE_MQTT | Disables the MQTT feature if `true` | false | +| MQTT_HOST | Hostname of the broker (**required** unless DISABLE_MQTT is `true`) | / | +| MQTT_USERNAME | Username _(optional)_ | / | +| MQTT_PASSWORD | Password _(optional)_ | / | +| MQTT_TLS | Enables TLS if `true` _(optional)_ | false | +| MQTT_TLS_ACCEPT_INVALID_CERTS | Accepts invalid certificates if `true` _(optional)_ | false | +| LOCALE | The default locale for the web interface and addresses. Currently available: `en` (default) and `de` | en | +| TZ | Used to establish the local time zone. See [List of tz database time zones](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). | / | ## Upgrading diff --git a/config/releases.exs b/config/releases.exs index 00e9ed93..bcc25572 100644 --- a/config/releases.exs +++ b/config/releases.exs @@ -37,7 +37,8 @@ if System.get_env("DISABLE_MQTT") != "true" do host: System.fetch_env!("MQTT_HOST"), username: System.get_env("MQTT_USERNAME"), password: System.get_env("MQTT_PASSWORD"), - ssl: System.get_env("MQTT_SSL") + tls: System.get_env("MQTT_TLS"), + accept_invalid_certs: System.get_env("MQTT_TLS_ACCEPT_INVALID_CERTS") end config :logger, 
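Review bot: `MQTT_TLS` and `MQTT_TLS_ACCEPT_INVALID_CERTS` are passed through as raw strings, and the `TeslaMate.Mqtt` hunk in this commit only treats the exact value `"true"` as enabled, so `MQTT_TLS=TRUE` or `MQTT_TLS=1` quietly selects the plain TCP transport on port 1883 and `MQTT_USERNAME`/`MQTT_PASSWORD` are sent unencrypted. Normalising the value here would make that harder to hit, for example `tls: String.downcase(System.get_env("MQTT_TLS", "false"))`, and raising at boot on anything other than `true` or `false` would turn a typo into a startup error instead of a silent downgrade. The removed line read `MQTT_SSL`, which is no longer consulted; if that name was ever released, the README's "Upgrading" section should mention the rename. The enclosing `if System.get_env("DISABLE_MQTT") != "true" do` block starts above this hunk.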
diff --git a/lib/teslamate/mqtt/mqtt.ex b/lib/teslamate/mqtt/mqtt.ex index 78ac4b31..64180c03 100644 --- a/lib/teslamate/mqtt/mqtt.ex +++ b/lib/teslamate/mqtt/mqtt.ex @@ -24,28 +24,33 @@ defmodule TeslaMate.Mqtt do # Private + alias Tortoise.Transport + defp config do auth = Application.get_env(:teslamate, :mqtt) + host = Keyword.get(auth, :host) - if(Keyword.get(auth, :ssl) == "false") do - [ - user_name: Keyword.get(auth, :username), - password: Keyword.get(auth, :password), - server: {Tortoise.Transport.Tcp, host: Keyword.get(auth, :host), port: 1883}, - handler: {Tortoise.Handler.Logger, []}, - subscriptions: [] - ] - else - [ - user_name: Keyword.get(auth, :username), - password: Keyword.get(auth, :password), - server: - {Tortoise.Transport.SSL, - host: Keyword.get(auth, :host), port: 8883, verify: :verify_none}, - handler: {Tortoise.Handler.Logger, []}, - subscriptions: [] - ] - end + server = + if Keyword.get(auth, :tls) == "true" do + verify = + if Keyword.get(auth, :accept_invalid_certs) == "true" do + :verify_none + else + :verify_peer + end + + {Transport.SSL, host: host, port: 8883, cacertfile: CAStore.file_path(), verify: verify} + else + {Transport.Tcp, host: host, port: 1883} + end + + [ + user_name: Keyword.get(auth, :username), + password: Keyword.get(auth, :password), + server: server, + handler: {Tortoise.Handler.Logger, []}, + subscriptions: [] + ] end defp generate_client_id do diff --git a/mix.exs b/mix.exs index 20ac6084..4dbe5b0e 100644 --- a/mix.exs +++ b/mix.exs @@ -56,7 +56,8 @@ defmodule TeslaMate.MixProject do {:geocalc, "~> 0.5"}, {:srtm, "~> 0.2"}, {:fuse, "~> 2.4"}, - {:mock, "~> 0.3", only: :test} + {:mock, "~> 0.3", only: :test}, + {:castore, "~> 0.1"} ] end
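Review bot: `cacertfile` is fixed to `CAStore.file_path()`, so a broker whose certificate is self-signed or issued by a private CA can only be reached by setting `MQTT_TLS_ACCEPT_INVALID_CERTS=true`, which selects `verify: :verify_none` and leaves the broker unauthenticated. An optional CA file setting would let those deployments keep `:verify_peer`, e.g. `cacertfile: Keyword.get(auth, :cacertfile) || CAStore.file_path()` (`:cacertfile` is a proposed new key, not one the config defines today). The `:verify_none` branch is also silent; a warning log line when it is taken would make the weakened setting visible in operation. Whether `:verify_peer` also checks the certificate's hostname depends on how Tortoise hands `host` to `:ssl`, which this hunk does not show, so a test against a certificate issued for a different name is worth adding.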