Question

How broker MQTT and host website on same droplet?

I already have a website set up and running well on a droplet. I have a domain name pointing at this website, which I installed using the Wordpress One-Click droplet installer.

I would also like to setup an MQTT broker. Following the instructions here: https://www.digitalocean.com/community/tutorials/how-to-install-and-secure-the-mosquitto-mqtt-messaging-broker-on-debian-10

I was able to set up a localhost MQTT broker with no issues. However, if I try to use certbot as detailed in the instructions, it fails on port 80. Probably because I already have certbot configured for my website using apache, as explained here: https://marketplace.digitalocean.com/apps/wordpress#enable-https

I have two questions, which are probably related.

  1. How do I set up a subdomain for my MQTT host, like mqtt.myhost.com? I can easily setup a cname record pointing to myhost.com, but that’s just an alias.
  2. How do I configure the standalone certbot certificates for MQTT? I tried just using the certificates generated for my website, but I just get an “Error: Connection refused” when I try to use mosquitto_pub.
Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Bobby IlievOctober 28, 2019
Accepted Answer

Hello,

What I could suggest trying the following:

  • Add a second Vhost for your subdomain name

  • Then in that Vhost setup a reverse proxy to your MQTT instance, here’s how to do that (follow step 3):

https://www.digitalocean.com/community/tutorials/how-to-use-apache-as-a-reverse-proxy-with-mod_proxy-on-ubuntu-16-04#step-3-—-modifying-the-default-configuration-to-enable-reverse-proxy

  • After that point the A record of your subdomain name to your droplet’s IP address

  • Then try running the certbot for your subdomain as normal

That way you should be able to access your MQTT instance via port 80 and 443 just as normal, and the Apache reverse proxy setup would then proxy the traffic to the MQTT instance locally.

Of course, make sure to backup your droplet before doing this just in case that anything goes wrong.

Hope that this helps! Regards, Bobby