Bridging two Mosquitto MQTT Brokers

Published on: February 20, 2021

Welcome to the 22md Raspberry Pi tutorial and the third in the MQTT series. This tutorial will cover how to bridge two MQTT brokers. What I have in mind can be seen in the diagram below. 

MQTT Bridge Diagram
Click image to see full resolution of MQTT Bridge Diagram

My plan is to have an MQTT broker on my Raspberry pi on my internal network which will bridge to (subscribe to) an external MQTT broker somewhere in the cloud. For my demo I chose DigitalOcean. My actual set up is a very quick and small $5/mo server. If you want to sign up for DO for the first time, consider using my referral code. You'll get $100 and I'll get $25: https://m.do.co/c/f2fe4ac49eac

In the above example, my internal network is never exposed to the outside world. When I'm out of my house, MQTT publishes will go into my external MQTT broker. My internal broker will then pick those up and also publish them for my internal devices such as my lights and garage door opener. My end goal is to have an IFTTT app so that I can do some voice commands. Shorter term goal is probably going to be a quick Flask app that publishes messages to my external broker. 

Let's move to the tutorial. 

Installing Mosquitto

If you haven't already installed Mosquitto, follow this tutorial: https://www.easyprogramming.net/raspberrypi/python_mqtt_setup.php

And before I continue, I'd like to mention that every configuration item I show you below can also be found on the Mosquitto man page: https://mosquitto.org/man/mosquitto-conf-5.html

Securing Mosquitto

If you haven't already done this, secure your mosquitto installation with some credentials: https://www.easyprogramming.net/raspberrypi/mqtt_authentication.php

You should set this up on both brokers. This is especially important for your broker on the cloud. We don't want just anyone connecting to it.

It's also a good idea to set up SSL so that all communication is encrypted but I plan on covering that topic a bit later. This is small scale and low risk so setting up simple authentication is fine for now. 

Configuring Mosquitto for the Bridge

You only have to do this on your local MQTT broker. We'll be watching the external Broker from our internal one. Make sure your external broker's IP, username, and password are handy.

We need to add a couple of lines to our mosquitto.conf file:

    cd /etc/mosquitto 
sudo nano mosquitto.conf

We need to add just two lines to this file at the bottom. The first one turns off anonymous logins and the second one sets the password file. For more information on these options, check out the mosquitto man page I linked to above:

    connection bridge-name-goes-here
    address xxx.xxx.xxx.xxx:1883

    topic # out 0
    topic # in 0

    #topic # both 0
    
    remote_username USERNAME_HERE
    remote_password PASSWORD_HERE

You can call your bridge anything you want, in my demo, I called it bridge-do for DigitalOcean. The address is your ip address and port. I kept the default port of 1883 but be sure to update yours to whichever port you are using. 

The next two lines are the topics we are subscribing to. The # symbol is a wildcard so it subscribes to everything going in and out. The 0 at the end is just the QOS (Quality of Service). You can get very creative with the subscriptions. For more info, check out the official documents here: https://mosquitto.org/man/mosquitto-conf-5.html#idm863

The third topic that I commented out says "both" - so you can use either in and out or both if you want to save some time. If you see in my video, I only end up subscribing one way. I may change that later. 

And finally, our last two lines are our credentials. This is what you set up in the Securing Mosquitto section. Use passwords that are hard to guess! 

When done, restart mosquitto:

    sudo service mosquitto restart

Now go back to your MQTT tester (MQTTLens if you use that) and subscribe to both your internal and external broker. Publish something to your external broker while subscribed to it from your internal broker (and vice versa) and you should see your devices read each others' messages.

If you have trouble, restart mosquitto on both brokers to reestablish a connection. I've also had to sometimes re-subscribe on MQTTLens to go past blockers but if everything is set up correctly, it should work. 

In my future videos, I will try to set up devices that can actually react to these messages. I'm taking it a little slowly due to time constraints and taking a while to come up with the design of everything. Thanks for watchin and if you have questions, ask away!

Patreon

I do these projects to learn and teaching is a good way to learn. But if you do want to support me, head on over to Patreon and become a Patron: https://www.patreon.com/nazmus

If you've implemented this project, I'd like to see it! So please share it with me through any of my regular channels. 

Remember to checkout the Resources section below for associated downloadable content, JSFiddle links, and other resources. Watch the video and follow along!

Resources:

Find the code on GitHub at https://github.com/naztronaut/EP-MQTT



Comments: