Releases: hassio-addons/addon-mqtt
v1.2.0
2dba78d
frenck
Franck Nijhof
⚠️ Deprecation notice!
This is the final and last release of this add-on, which is now deprecated.
We strongly advise you to upgrade/migrate to using the Mosquitto add-on, as provided by the Home Assistant project.
This add-on will be removed from the add-on store soon.
Changes
- ✏️ Maintaince -> Maintenance
- 🚑 Fixes path handling for SSL certificates
- 🔨 Updates HA Auth URL in NGinx LUA script
- 🔨 Use Hass.io DNS as NGinx resolver
- 🎆 Updates maintenance/license year to 2020
- 📚 Update add-on documentation to use new YAML configuration format
- 🔨 Re-branding
- ✏️ Fixes some typos
- 🔨 Update add-on config with new password & list features
- ⬆️ Upgrades add-on base image to v7.0.2
⚠️ Adds deprecation notices
v1.1.0
PSA
- BEFORE you upgrade, make sure you read EVERYTHING in this release.
- BIG shoutout to @frenck for a major refactor of this addon! ❤️
- You need to have version
0.92.0of Home Assistant (or newer) to install this update. - A link to the web client can be added to the sidebar by toggling "Add to sidebar"
Ingress
This release adds ingress support for the web client, this is enabled as default.
What this means is that if you have bookmarks, iframes, panels, proxy entries, port forwarding or anything else that uses the URL with port number to access the web client those will no longer work with the default configuration.
There is some good news! :)
By using ingress, there is no need for a separate login, you don't need to forward ports, it just works!
Disable ingress
If you do not want to use these new features, you can disable ingress.
To disable ingress add a port in the Network configuration (example 5713) to the right of 80/tcp in the "disabled" field, after adding that hit "SAVE" then restart the addon.
Configuration
The structure of the configuration for this addon has been changed.
Make sure you control all settings and look in the addon log for clues if something fails.
- You can no longer disable the web client.
- The
ssloption is now "global", meaning that it will enable:- HTTPS for the web client.
- Port 4883 (MQTT with SSL) on the broker.
- Port 4884 (Websockets with SSL) on the broker.
Changes
Now that the important changes are taken care of, let's list the "boring" stuff.
New functionality
- Ingress support
- "Add to sidebar" support
- Get the hostname from your browser automatically.
Version updates
| What | From | To |
|---|---|---|
mosquitto |
1.5.8 |
1.6.2 |
nginx |
1.14.2-r0 |
1.14.2-r1 |
lua-resty-http |
0.12-r1 |
0.13-r0 |
nginx-mod-http-lua |
1.14.2-r0 |
1.14.2-r1 |
base image |
3.0.1 |
3.1.0 |
One last thing
Thanks again to @frenck for adding/changing most of what is in this release!
v1.0.1
Changes
- 0745b9b 🚑 Fix issues with user creations
- df56330 📝 Cleanup logs
- 4d9dd7a 🚑 Fix quoting issues
- fafe0ef 🔨 Utilize bashio for user creation
This release was created with reporeleaser 🎉
v1.0.0
Changes
Mosquitto (1.5.8) and libwebsockets (2.4.2) are build from source in this version
- ff9fc8e ✏️ Fixes spelling error in Dockerfile @frenck
- 6b32edb 🔥 Removes BountySource links @frenck
- 33c2280 🔥 Removes Anchore.io links @frenck
- ab03b1e 🎆 Updates maintenance year to 2019 @frenck
- 6fea2f2 🚜 🚀 Refactor of GitLab CI @frenck
- 6c53e5f 🔨Configure Renovate (#21) @renovate[bot]
- 472f7ee ⬆️ Upgrade baseimage to 3.0.1
- d851ec6 🔨 Rewrite to use bashio
- 0da2b50 🔨 Build libwesocket and mosquitto from source
This release was created with reporeleaser 🎉
v0.3.1
v0.3.0
This version contains an important security fix, and it is strongly recommended for ALL installations to be upgraded to this version immediately.
Bypass of Authentication
The authentication against Home Assistant can be bypassed by an anonymous and unauthorized user. The issue has been mitigated in the latest release.
To be clear on the subject: This is an add-on issue and not an issue with the Home Assistant authentication itself.
Exact details of the vulnerability are not disclosed in order to give our users the time to upgrade.
Thanks to Lars Larsson (@larsla) for responsibly reporting this vulnerability.
Versions Affected
Affects all releases that support authentication against Home Assistant, add-on versions v0.2.0 and higher.
Changes
- 🚑 🔒 Fixes authentication bypass vulnerability
- 🚑 Set correct acl for readonly
- ⬆️Upgrade Nginx to 1.14.2
- ⬆️Upgrade Nginx-mod-http-lua to 1.14.2
v0.2.2
v0.2.1
v0.2.0
Changes
- ✨ Adds HA Authentication to web interface
- 🔥Remove apache2-utils
- ⬆️Update nginx-mod-lua to v1.14.1.-r0
- ⬆️Update nginx to v1.14.1-r1
- ✨ Adds the posibility to add custom mosquitto configuration
v0.1.1
Changes
- 🚑Fixes a startup issue where allow_anonymous was true and no users were defined.