How broker MQTT and host website on same droplet?

October 25, 2019 150 views
Apache

I already have a website set up and running well on a droplet. I have a domain name pointing at this website, which I installed using the Wordpress One-Click droplet installer.

I would also like to setup an MQTT broker. Following the instructions here: https://www.digitalocean.com/community/tutorials/how-to-install-and-secure-the-mosquitto-mqtt-messaging-broker-on-debian-10

I was able to set up a localhost MQTT broker with no issues. However, if I try to use certbot as detailed in the instructions, it fails on port 80. Probably because I already have certbot configured for my website using apache, as explained here: https://marketplace.digitalocean.com/apps/wordpress#enable-https

I have two questions, which are probably related.

  1. How do I set up a subdomain for my MQTT host, like mqtt.myhost.com? I can easily setup a cname record pointing to myhost.com, but that’s just an alias.
  2. How do I configure the standalone certbot certificates for MQTT? I tried just using the certificates generated for my website, but I just get an “Error: Connection refused” when I try to use mosquitto_pub.
1 Answer

Hello,

What I could suggest trying the following:

  • Add a second Vhost for your subdomain name

  • Then in that Vhost setup a reverse proxy to your MQTT instance, here’s how to do that (follow step 3):

https://www.digitalocean.com/community/tutorials/how-to-use-apache-as-a-reverse-proxy-with-mod_proxy-on-ubuntu-16-04#step-3-%E2%80%94-modifying-the-default-configuration-to-enable-reverse-proxy

  • After that point the A record of your subdomain name to your droplet’s IP address

  • Then try running the certbot for your subdomain as normal

That way you should be able to access your MQTT instance via port 80 and 443 just as normal, and the Apache reverse proxy setup would then proxy the traffic to the MQTT instance locally.

Of course, make sure to backup your droplet before doing this just in case that anything goes wrong.

Hope that this helps!
Regards,
Bobby

by Mateusz Papiernik
In this tutorial, you will set up Apache as a reverse proxy using the `mod_proxy` extension to redirect incoming connections to underlying application server(s) running on the same network. There are instructions on setting up a simple web app using the Flask framework to show how Apache interacts with the real application hidden behind it, but you can also follow this tutorial using your existing application server, if you have one.
Have another answer? Share your knowledge.