diff --git a/app-of-apps/mosquitto.yaml b/app-of-apps/mosquitto.yaml new file mode 100644 index 0000000..f8ada55 --- /dev/null +++ b/app-of-apps/mosquitto.yaml @@ -0,0 +1,16 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: mosquitto + namespace: argocd + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + destination: + namespace: mosquitto + server: https://kubernetes.default.svc + project: default + source: + path: mosquitto + repoURL: http://gitea.gitea.svc.k8s.undercloud.local:3000/Undercloud/k8s-apps.git + targetRevision: HEAD \ No newline at end of file diff --git a/mosquitto/README.md b/mosquitto/README.md new file mode 100644 index 0000000..95b2371 --- /dev/null +++ b/mosquitto/README.md @@ -0,0 +1,24 @@ +# Mosquitto (MQTT Broker) – Kubernetes Deployment + +This repository contains a minimal and production-friendly deployment of an MQTT broker using Eclipse Mosquitto. + +It is intended to be used with services like: +- Home Assistant +- Frigate +- IoT devices +- Custom automations + +--- + +## 📦 Overview + +Mosquitto is a lightweight MQTT broker used for message-based communication between services. + +In this setup: +- Mosquitto acts as the central message bus +- Frigate publishes events (e.g. detections) +- Home Assistant subscribes to these events + +--- + +## 🧱 Architecture diff --git a/mosquitto/mosquitto.yaml b/mosquitto/mosquitto.yaml new file mode 100644 index 0000000..7bd500b --- /dev/null +++ b/mosquitto/mosquitto.yaml @@ -0,0 +1,88 @@ + +apiVersion: v1 +kind: ConfigMap +metadata: + name: mosquitto-config + namespace: mosquitto +data: + mosquitto.conf: | + persistence true + persistence_location /mosquitto/data/ + + listener 1883 + allow_anonymous false + password_file /mosquitto/config/passwords + + # Optional WebSocket support + listener 9001 + protocol websockets + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: mosquitto-data + namespace: mosquitto +spec: + accessModes: + - ReadWriteOnce + storageClassName: cephfs-hyper + resources: + requests: + storage: 1Gi +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: mosquitto + namespace: mosquitto +spec: + replicas: 1 + selector: + matchLabels: + app: mosquitto + template: + metadata: + labels: + app: mosquitto + spec: + containers: + - name: mosquitto + image: eclipse-mosquitto:2 + ports: + - name: mqtt + containerPort: 1883 + - name: websocket + containerPort: 9001 + volumeMounts: + - name: config + mountPath: /mosquitto/config + - name: data + mountPath: /mosquitto/data + volumes: + - name: config + projected: + sources: + - configMap: + name: mosquitto-config + - secret: + name: mosquitto-passwords + - name: data + persistentVolumeClaim: + claimName: mosquitto-data +--- +apiVersion: v1 +kind: Service +metadata: + name: mosquitto + namespace: mosquitto +spec: + selector: + app: mosquitto + ports: + - name: mqtt + port: 1883 + targetPort: 1883 + - name: websocket + port: 9001 + targetPort: 9001 \ No newline at end of file diff --git a/mosquitto/namespace.yaml b/mosquitto/namespace.yaml new file mode 100644 index 0000000..9b040e0 --- /dev/null +++ b/mosquitto/namespace.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: mosquitto +--- \ No newline at end of file diff --git a/mosquitto/secrets.yaml b/mosquitto/secrets.yaml new file mode 100644 index 0000000..4e584d7 --- /dev/null +++ b/mosquitto/secrets.yaml @@ -0,0 +1,10 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: mosquitto-passwords + namespace: mosquitto +type: Opaque +stringData: + # generate with: mosquitto_passwd -c passwords frigate && base64 -w0 passwords + passwords: REPLACE_WITH_BASE64_PASSWORD_FILE \ No newline at end of file