diff --git a/apps/eclipse-mosquitto/config.json b/apps/eclipse-mosquitto/config.json new file mode 100755 index 00000000..6f4a7934 --- /dev/null +++ b/apps/eclipse-mosquitto/config.json @@ -0,0 +1,34 @@ +{ + "$schema": "../schema.json", + "name": "Eclipse Mosquitto", + "port": 8288, + "available": true, + "exposable": true, + "id": "eclipse-mosquitto", + "tipi_version": 1, + "version": "2.0.18", + "categories": [ + "utilities", + "automation" + ], + "description": "Eclipse Mosquitto is an open source message broker that implements the MQTT protocol.", + "short_desc": "open source message broker", + "author": "Eclipse Foundation", + "source": "https://github.com/eclipse/mosquitto/", + "website": "https://mosquitto.org/", + "form_fields": [ + { + "type": "password", + "label": "MQTT Broker Admin Password", + "max": 50, + "min": 6, + "required": true, + "env_variable": "MQTT_ADMIN_PASSWORD" + } + ], + "supported_architectures": [ + "arm64", + "amd64" + ] +} + diff --git a/apps/eclipse-mosquitto/data/config/mosquitto.conf b/apps/eclipse-mosquitto/data/config/mosquitto.conf new file mode 100755 index 00000000..377870e7 --- /dev/null +++ b/apps/eclipse-mosquitto/data/config/mosquitto.conf @@ -0,0 +1,26 @@ +# Copyright 2022 Shantanoo "Shan" Desai +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Mosquitto v2.0 Configuration File + +# Default Port +listener 1883 + +# Dynamic Security Plugin +plugin /usr/lib/mosquitto_dynamic_security.so + +# Path to the Dynamic Security JSON file, will be generated on first launch +plugin_opt_config_file /mosquitto/config/dynamic-security.json + +# Ever User / Client should follow the given RBAC rules +per_listener_settings false diff --git a/apps/eclipse-mosquitto/data/data/.gitkeep b/apps/eclipse-mosquitto/data/data/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/apps/eclipse-mosquitto/data/scripts/dynsec-setup.sh b/apps/eclipse-mosquitto/data/scripts/dynsec-setup.sh new file mode 100644 index 00000000..1333a6fe --- /dev/null +++ b/apps/eclipse-mosquitto/data/scripts/dynsec-setup.sh @@ -0,0 +1,34 @@ +#!/bin/sh +# Copyright 2022 Shantanoo "Shan" Desai +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Setup Script to be executed in a Docker Init Container + +# Set Default Admin Credentials for Dynamic Security Plugin Configuration +DEFAULT_DYNSEC_ADMIN=admin +DEFAULT_DYNSEC_PASSWORD=securePassword +DYNSEC_FILE_PATH=/mosquitto/config/dynamic-security.json + +# Set values if provided via Environment Variables in the Docker Init Container +MQTT_DYNSEC_ADMIN_USER=${MQTT_DYNSEC_ADMIN_USER:-$DEFAULT_DYNSEC_ADMIN} +MQTT_DYNSEC_ADMIN_PASSWORD=${MQTT_DYNSEC_ADMIN_PASSWORD:-$DEFAULT_DYNSEC_PASSWORD} + +# echo "Admin/Pass: ${MQTT_DYNSEC_ADMIN_USER}/${MQTT_DYNSEC_ADMIN_PASSWORD}" ## DEBUG + +# Set the Admin Credentials for RBAC control via Dyamic Security Plugin +mosquitto_ctrl dynsec init ${DYNSEC_FILE_PATH} ${MQTT_DYNSEC_ADMIN_USER} ${MQTT_DYNSEC_ADMIN_PASSWORD} + +chmod 700 ${DYNSEC_FILE_PATH} +chown 1883:1883 ${DYNSEC_FILE_PATH} + +exec "$@" diff --git a/apps/eclipse-mosquitto/docker-compose.yml b/apps/eclipse-mosquitto/docker-compose.yml new file mode 100755 index 00000000..8fae829a --- /dev/null +++ b/apps/eclipse-mosquitto/docker-compose.yml @@ -0,0 +1,68 @@ +version: '3.7' + +services: + mosquitto-management-center: + image: cedalo/management-center:dev + container_name: mosquitto-management-center + environment: + - TZ=${TZ} + - CEDALO_MC_BROKER_ID=mosquitto-broker + - CEDALO_MC_BROKER_NAME=mosquitto-broker-2 + - CEDALO_MC_BROKER_URL=mqtt://mosquitto-broker:1883 + - CEDALO_MC_BROKER_USERNAME=admin + - CEDALO_MC_BROKER_PASSWORD=${MQTT_ADMIN_PASSWORD} + - CEDALO_MC_USERNAME=admin + - CEDALO_MC_PASSWORD=admin + ports: + - ${APP_PORT}:8088 + expose: + - 8088 + depends_on: + - mosquitto-broker + networks: + - tipi_main_network + restart: unless-stopped + labels: + # Main + traefik.enable: true + traefik.http.middlewares.mosquitto-web-redirect.redirectscheme.scheme: https + traefik.http.services.mosquitto.loadbalancer.server.port: 8088 + # Web + traefik.http.routers.mosquitto-insecure.rule: Host(`${APP_DOMAIN}`) + traefik.http.routers.mosquitto-insecure.entrypoints: web + traefik.http.routers.mosquitto-insecure.service: mosquitto-web + traefik.http.routers.mosquitto-insecure.middlewares: mosquitto-web-redirect + # Websecure + traefik.http.routers.mosquitto.rule: Host(`${APP_DOMAIN}`) + traefik.http.routers.mosquitto.entrypoints: websecure + traefik.http.routers.mosquitto.service: mosquitto-web + traefik.http.routers.mosquitto.tls.certresolver: myresolver + # Local domain + traefik.http.routers.mosquitto-local-insecure.rule: Host(`mosquitto.${LOCAL_DOMAIN}`) + traefik.http.routers.mosquitto-local-insecure.entrypoints: web + traefik.http.routers.mosquitto-local-insecure.service: mosquitto-web + traefik.http.routers.mosquitto-local-insecure.middlewares: mosquitto-web-redirect + # Local domain secure + traefik.http.routers.mosquitto-local.rule: Host(`mosquitto.${LOCAL_DOMAIN}`) + traefik.http.routers.mosquitto-local.entrypoints: websecure + traefik.http.routers.mosquitto-local.service: mosquitto-web + traefik.http.routers.mosquitto-local.tls: true + mosquitto-broker: + image: eclipse-mosquitto:2.0.18 + container_name: mosquitto-broker + environment: + - TZ=${TZ} + - MQTT_DYNSEC_ADMIN_USER=admin + - MQTT_DYNSEC_ADMIN_PASSWORD=${MQTT_ADMIN_PASSWORD} + ports: + - 1883:1883 + command: ["/dynsec-setup.sh", "/usr/sbin/mosquitto", "-c", "/mosquitto/config/mosquitto.conf"] + expose: + - 1883 + volumes: + - ${APP_DATA_DIR}/data/data:/mosquitto/data + - ${APP_DATA_DIR}/data/config:/mosquitto/config + - ${APP_DATA_DIR}/data/scripts/dynsec-setup.sh:/dynsec-setup.sh + restart: unless-stopped + networks: + - tipi_main_network diff --git a/apps/eclipse-mosquitto/metadata/caledo_mgm_center.png b/apps/eclipse-mosquitto/metadata/caledo_mgm_center.png new file mode 100644 index 00000000..46a09021 Binary files /dev/null and b/apps/eclipse-mosquitto/metadata/caledo_mgm_center.png differ diff --git a/apps/eclipse-mosquitto/metadata/description.md b/apps/eclipse-mosquitto/metadata/description.md new file mode 100755 index 00000000..71db6cff --- /dev/null +++ b/apps/eclipse-mosquitto/metadata/description.md @@ -0,0 +1,64 @@ +# Eclipse Mosquitto MQTT Broker with UI + +this app consists of two images providing an mqtt broker and an UI for managing access to the broker. +The configuration is adapted from the github repo: [shantanoo-desai/mqtt-rbac-docker-init](https://github.com/shantanoo-desai/mqtt-rbac-docker-init) + + +## Eclipse Mosquitto + +[Eclipse Mosquitto](https://mosquitto.org/) is an open source (EPL/EDL licensed) message broker that implements the MQTT protocol versions 5.0, 3.1.1 and 3.1. Mosquitto is lightweight and is suitable for use on all devices from low power single board computers to full servers. + +Mosquitto is part of the [Eclipse Foundation](https://eclipse.org/), and is an [iot.eclipse.org project](https://iot.eclipse.org/). The development is driven by Cedalo. + +The broker is configured by default that it listens to the port **1883** for tcp connections. +To also use websocket connection you can enable it by edit the `/runtipi/app-date/eclipse-mosquitto/data/config/moscquitto.conf` with the following content: + +``` +listener 9001 +protocol websockets +``` + +**Note** +WebSockets, while powerful, can introduce vulnerabilities if left unsecured. They should be secured using TLS/encryption. +For more detailed information the [mosquitto documentation](https://mosquitto.org/man/mosquitto-conf-5.html). + + +## Cedalo Management Center + +[Cedalo Management Center](https://github.com/cedalo/management-center) allows to easily manage, monitor and inspect instances of Eclipse Mosquitto. There are some pro features that can only be activated by getting a license from cedalo. + +![caledo_mgm_center.png](caledo_mgm_center.png) + +By default the following features are provided: + +- A system dashboard to view key figures, showing broker traffic, license and client infos. +- Table of clients, which have connected to the broker, for inspection purposes. +- A topic tree, displaying those topics that have been addressed, while the MMC is running. +- Management of broker security allowing to modify clients, group and roles. +- A terminal to execute commands related to the dynamic security API +- Management Center infos and settings + +The access to the broker is handled by the [dynamic-security plugin](https://mosquitto.org/documentation/dynamic-security/) in the mosquitto broker. The configuration is stored in the file `/runtipi/app-date/eclipse-mosquitto/data/config/dynamic-security.json`. This file is generated during the first launch of the the mosquitto image. + + +## Links + +### See the following links for more information on MQTT: + +- Community page: [http://mqtt.org/](http://mqtt.org/) +- MQTT v3.1.1 standard: [https://docs.oasis-open.org/mqtt/mqtt/v3.1.1/mqtt-v3.1.1.html](https://docs.oasis-open.org/mqtt/mqtt/v3.1.1/mqtt-v3.1.1.html) +- MQTT v5.0 standard: [https://docs.oasis-open.org/mqtt/mqtt/v5.0/mqtt-v5.0.html](https://docs.oasis-open.org/mqtt/mqtt/v5.0/mqtt-v5.0.html) + +### Mosquitto project information is available at the following locations: + +- Main homepage: [https://mosquitto.org/](https://mosquitto.org/) +- Find existing bugs or submit a new bug: [https://github.com/eclipse/mosquitto/issues](https://github.com/eclipse/mosquitto/issues) +- Source code repository: [https://github.com/eclipse/mosquitto](https://github.com/eclipse/mosquitto) + +There is also a public test server available at [https://test.mosquitto.org/](https://test.mosquitto.org/) + +### More information about the management center is available at the following locations: + +- Main homepage: [https://cedalo.com/mqtt-broker-pro-mosquitto/](https://cedalo.com/mqtt-broker-pro-mosquitto/) +- Documentation: [https://docs.cedalo.com/mosquitto/management-center/introduction](https://docs.cedalo.com/mosquitto/management-center/introduction) +- Source code repository: [https://github.com/cedalo/management-center](https://github.com/cedalo/management-center) diff --git a/apps/eclipse-mosquitto/metadata/logo.jpg b/apps/eclipse-mosquitto/metadata/logo.jpg new file mode 100755 index 00000000..9330eeb6 Binary files /dev/null and b/apps/eclipse-mosquitto/metadata/logo.jpg differ diff --git a/apps/zigbee2mqtt/config.json b/apps/zigbee2mqtt/config.json new file mode 100755 index 00000000..658e580f --- /dev/null +++ b/apps/zigbee2mqtt/config.json @@ -0,0 +1,32 @@ +{ + "$schema": "../schema.json", + "name": "Zigbee2MQTT", + "port": 8290, + "available": true, + "exposable": true, + "id": "zigbee2mqtt", + "tipi_version": 1, + "version": "1.35", + "categories": [ + "utilities", + "automation" + ], + "description": "Zigbee to MQTT bridge, get rid of your proprietary Zigbee bridges", + "short_desc": "Zigbee to MQTT bridge", + "author": "@Koenkk", + "source": "https://github.com/Koenkk/zigbee2mqtt", + "website": "https://www.zigbee2mqtt.io/", + "form_fields": [ + { + "type": "string", + "label": "zigbee device path", + "required": true, + "hint": "/dev/ttyUSB0", + "env_variable": "Z2M_DEVICE" + } + ], + "supported_architectures": [ + "arm64", + "amd64" + ] +} \ No newline at end of file diff --git a/apps/zigbee2mqtt/data/.gitkeep b/apps/zigbee2mqtt/data/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/apps/zigbee2mqtt/docker-compose.yml b/apps/zigbee2mqtt/docker-compose.yml new file mode 100644 index 00000000..83d14c26 --- /dev/null +++ b/apps/zigbee2mqtt/docker-compose.yml @@ -0,0 +1,43 @@ +version: "3.7" + +services: + + zigbee2mqtt: + container_name: zigbee2mqtt + image: koenkk/zigbee2mqtt:1.35 + environment: + - TZ=${TZ} + volumes: + - ${APP_DATA_DIR}/data/:/app/data + devices: + - ${Z2M_DEVICE}:/dev/ttyACM0 + ports: + - ${APP_PORT}:8080 + expose: + - 8080 + restart: unless-stopped + labels: + # Main + traefik.enable: true + traefik.http.middlewares.zigbee2mqtt-web-redirect.redirectscheme.scheme: https + traefik.http.services.zigbee2mqtt.loadbalancer.server.port: 8080 + # Web + traefik.http.routers.zigbee2mqtt-insecure.rule: Host(`${APP_DOMAIN}`) + traefik.http.routers.zigbee2mqtt-insecure.entrypoints: web + traefik.http.routers.zigbee2mqtt-insecure.service: zigbee2mqtt-web + traefik.http.routers.zigbee2mqtt-insecure.middlewares: zigbee2mqtt-web-redirect + # Websecure + traefik.http.routers.zigbee2mqtt.rule: Host(`${APP_DOMAIN}`) + traefik.http.routers.zigbee2mqtt.entrypoints: websecure + traefik.http.routers.zigbee2mqtt.service: zigbee2mqtt-web + traefik.http.routers.zigbee2mqtt.tls.certresolver: myresolver + # Local domain + traefik.http.routers.zigbee2mqtt-local-insecure.rule: Host(`zigbee2mqtt.${LOCAL_DOMAIN}`) + traefik.http.routers.zigbee2mqtt-local-insecure.entrypoints: web + traefik.http.routers.zigbee2mqtt-local-insecure.service: zigbee2mqtt-web + traefik.http.routers.zigbee2mqtt-local-insecure.middlewares: zigbee2mqtt-web-redirect + # Local domain secure + traefik.http.routers.zigbee2mqtt-local.rule: Host(`zigbee2mqtt.${LOCAL_DOMAIN}`) + traefik.http.routers.zigbee2mqtt-local.entrypoints: websecure + traefik.http.routers.zigbee2mqtt-local.service: zigbee2mqtt-web + traefik.http.routers.zigbee2mqtt-local.tls: true diff --git a/apps/zigbee2mqtt/metadata/description.md b/apps/zigbee2mqtt/metadata/description.md new file mode 100644 index 00000000..2297dfca --- /dev/null +++ b/apps/zigbee2mqtt/metadata/description.md @@ -0,0 +1,29 @@ +# Zigbee2MQTT ๐Ÿ๐ŸŒ‰๐Ÿ”จ + +Allows you to use your Zigbee devices without the vendor's bridge or gateway. + +It bridges events and allows you to control your Zigbee devices via MQTT. In this way you can integrate your Zigbee devices with whatever smart home infrastructure you are using. + +|**Compatible** | **Integrations** | **Open Source** | +|---|---|---| +| Zigbee2MQTT supports [various Zigbee adapters](https://www.zigbee2mqtt.io/guide/adapters/) and a big bunch of [devices](https://www.zigbee2mqtt.io/supported-devices/). | Zigbee2MQTT integrates well with most home automation solutions because it uses [MQTT](https://mqtt.org/). | Zigbee2MQTT is licenced under the free [GNU General Public License 3](https://www.gnu.org/licenses/gpl-3.0.de.html). | + +## Setup + +You need to have a mqtt broker like [eclipse mosquitto](/apps/eclipse-mosquitto) running to use this app. + +### Configuration of the Zigbee adapter + +For USB apdaters you can use dmesg command on Linux hosts to find the mounted device. Where possible you should use the `/dev/serial/by-id/` path of the stick, instead of `/dev/tty*`. This is because the `/dev/tty*` path can change - for example ยด/dev/ttyACM0` may become `/dev/ttyACM1` and then later back to `/dev/ttyACM0`. The `/dev/serial/by-id/` path won't change. + +The **usb device path** must be set in the settings of the app before installing. + +## Integrations + +Zigbee2MQTT integrates well with (almost) every home automation solution because it uses MQTT. However the following integrations are worth mentioning: + +- [Home Assistant](/apps/homeassistant) +- [Homey](https://homey.app/) +- [Domoticz](https://www.domoticz.com/) +- [Gladys Assistant](https://gladysassistant.com/) +- [IoBroker](https://www.iobroker.net/) \ No newline at end of file diff --git a/apps/zigbee2mqtt/metadata/logo.jpg b/apps/zigbee2mqtt/metadata/logo.jpg new file mode 100644 index 00000000..0f9621f6 Binary files /dev/null and b/apps/zigbee2mqtt/metadata/logo.jpg differ