.

app-of-apps/mosquitto.yaml

@@ -0,0 +1,16 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: mosquitto
+  namespace: argocd
+  finalizers:
+  - resources-finalizer.argocd.argoproj.io
+spec:
+  destination:
+    namespace: mosquitto
+    server: https://kubernetes.default.svc
+  project: default
+  source:
+    path: mosquitto
+    repoURL: http://gitea.gitea.svc.k8s.undercloud.local:3000/Undercloud/k8s-apps.git
+    targetRevision: HEAD

mosquitto/README.md

@@ -0,0 +1,24 @@
+# Mosquitto (MQTT Broker) – Kubernetes Deployment
+
+This repository contains a minimal and production-friendly deployment of an MQTT broker using Eclipse Mosquitto.
+
+It is intended to be used with services like:
+- Home Assistant
+- Frigate
+- IoT devices
+- Custom automations
+
+---
+
+## 📦 Overview
+
+Mosquitto is a lightweight MQTT broker used for message-based communication between services.
+
+In this setup:
+- Mosquitto acts as the central message bus
+- Frigate publishes events (e.g. detections)
+- Home Assistant subscribes to these events
+
+---
+
+## 🧱 Architecture

mosquitto/mosquitto.yaml

@@ -0,0 +1,88 @@
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: mosquitto-config
+  namespace: mosquitto
+data:
+  mosquitto.conf: |
+    persistence true
+    persistence_location /mosquitto/data/
+
+    listener 1883
+    allow_anonymous false
+    password_file /mosquitto/config/passwords
+
+    # Optional WebSocket support
+    listener 9001
+    protocol websockets
+
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: mosquitto-data
+  namespace: mosquitto
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: cephfs-hyper
+  resources:
+    requests:
+      storage: 1Gi
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: mosquitto
+  namespace: mosquitto
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: mosquitto
+  template:
+    metadata:
+      labels:
+        app: mosquitto
+    spec:
+      containers:
+        - name: mosquitto
+          image: eclipse-mosquitto:2
+          ports:
+            - name: mqtt
+              containerPort: 1883
+            - name: websocket
+              containerPort: 9001
+          volumeMounts:
+            - name: config
+              mountPath: /mosquitto/config
+            - name: data
+              mountPath: /mosquitto/data
+      volumes:
+        - name: config
+          projected:
+            sources:
+              - configMap:
+                  name: mosquitto-config
+              - secret:
+                  name: mosquitto-passwords
+        - name: data
+          persistentVolumeClaim:
+            claimName: mosquitto-data
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: mosquitto
+  namespace: mosquitto
+spec:
+  selector:
+    app: mosquitto
+  ports:
+    - name: mqtt
+      port: 1883
+      targetPort: 1883
+    - name: websocket
+      port: 9001
+      targetPort: 9001

mosquitto/namespace.yaml

@@ -0,0 +1,5 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: mosquitto
+---

mosquitto/secrets.yaml

@@ -0,0 +1,10 @@
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: mosquitto-passwords
+  namespace: mosquitto
+type: Opaque
+stringData:
+  # generate with: mosquitto_passwd -c passwords frigate && base64 -w0 passwords
+  passwords: REPLACE_WITH_BASE64_PASSWORD_FILE