Thanks Vince. Good idea. On Wednesday, 6 August 2025 at 03:43:17 UTC+10 vince wrote:
> Your setup is very complicated - Traefik, Cloudflare, Portainer, etc. etc. > etc. plus trying to get weewx/mosquitto working to begin with. > > FWIW, my working LAN only setup is at > https://github.com/vinceskahan/weewx-odds-and-ends/blob/master/weewx-belchertown-websockets.txt > > if you want to take a look at settings that used to work here. I'm > LAN-only, no proxies, ssl disabled, user/pass disabled so it's the simplest > setup that should work LAN-only. > > My hazy recollection is that you also need to be consistent between > http/https, and ssl enabled/disabled, but with all the complicated things > you're trying to align, wow..... > > I would suggest you start over, step by step, doing one thing at a time as > you build up the complexity.... > > - get everything working LAN-only 'without' SSL > - then get it working LAN-only with SSL > - then get it working proxied without SSL > - then lastly get it working proxied with SSL > > or.... > > - LAN-only without SSL > - proxied without SSL > - proxied with SSL > > Or the like. Tiny steps. Minimize moving parts. Build up to the (to me) > messy setup you're trying to build. > > On Tuesday, August 5, 2025 at 9:01:30 AM UTC-7 Peter Schmelitschek wrote: > >> Ok thanks anyway. >> I'll try some combinations later - now 02:00 here >> >> On Wednesday, 6 August 2025 at 01:59:00 UTC+10 Jacques Terrettaz wrote: >> >>> Sorry, I don't know anything about Traefik and its configuration. >>> >>> Le 5 août 2025 à 17:45, Peter Schmelitschek <[email protected]> a >>> écrit : >>> >>> Having a look at my Traefik fileConfig.yaml (dynamic), what I've ended >>> up with from ChatGPT looks dodgy: >>> >>> In http Routers, there are these 2 entries: >>> mqtt-router: >>> entryPoints: >>> - mqtt-ws >>> rule: "Host(`mqtt.dreamwoodestate.net`)" >>> service: mqtt-ws-svc >>> tls: true >>> >>> mqtt_ws: >>> rule: "Host(`mqtt.dreamwoodestate.net`)" >>> entryPoints: >>> - mqtt-ws >>> tls: >>> certResolver: cloudflare >>> service: mqtt_ws_service >>> >>> Then in Services: >>> mqtt-broker: >>> loadBalancer: >>> servers: >>> - url: "http://192.168.88.67:9011"; >>> >>> mqtt-ws-svc: >>> loadBalancer: >>> servers: >>> - url: "http://192.168.88.67:9011"; >>> >>> Which do you suggest should be removed as there is clearly duplication >>> wrt port 9011 for websockets. >>> >>> On Wednesday, 6 August 2025 at 01:37:38 UTC+10 Peter Schmelitschek wrote: >>> >>>> After a refresh, the error becomes: >>>> paho-mqtt.min.js:37 WebSocket connection to 'wss:// >>>> mqtt.dreamwoodestate.net:9011/mqtt' failed: >>>> d._doConnect @ paho-mqtt.min.js:37 >>>> d.connect @ paho-mqtt.min.js:31 >>>> Client.connect @ paho-mqtt.min.js:70 >>>> connect @ belchertown.js?1754408117:1543 >>>> (anonymous) @ belchertown/:171 >>>> l @ jquery.min.js:2 >>>> c @ jquery.min.js:2 >>>> >>>> On Wednesday, 6 August 2025 at 01:35:27 UTC+10 Peter Schmelitschek >>>> wrote: >>>> >>>>> With mqtt_websockets_ssl = 1 in the [[[Extras]]] of [[Belchertown]] in >>>>> weewx.conf, I get 'Failed connecting to the weather station' from the >>>>> browser using https. >>>>> I can see the belchertown.js has updated as you pointed out, so now >>>>> it's: >>>>> belchertown_debug("MQTT: Connecting to MQTT Websockets: >>>>> mqtt.dreamwoodestate.net 9011 (SSL Enabled)"); >>>>> var useSSL = true; >>>>> >>>>> client = new Paho.Client("mqtt.dreamwoodestate.net", 9011, >>>>> mqttclient); >>>>> >>>>> BTW, ChatGPT told me last week that I should add a "/" in between the >>>>> 9011 and mqttclient in the client = line. >>>>> I removed that "/" earlier tonight thinking the advice was wrong - but >>>>> it dowsn't seem to improve the situation either way. >>>>> >>>>> Right now the browser shows this error from F12: >>>>> paho-mqtt.min.js:37 WebSocket connection to 'wss:// >>>>> mqtt.dreamwoodestate.net:9011/mqtt' failed: >>>>> d._doConnect @ paho-mqtt.min.js:37 >>>>> On Wednesday, 6 August 2025 at 00:41:41 UTC+10 Jacques Terrettaz wrote: >>>>> >>>>>> Your belchertown.js file ( >>>>>> https://dreamwoodinternational.com/weewx/belchertown/js/belchertown.js) >>>>>> is explicitly trying to connect to the MQTT broker with SSL disabled. >>>>>> See it in line 1523 of belchertown.js : >>>>>> belchertown_debug("MQTT: Connecting to MQTT Websockets: >>>>>> mqtt.dreamwoodestate.net 9011 (SSL Disabled)"); >>>>>> *var useSSL = false;* >>>>>> client = new Paho.Client("mqtt.dreamwoodestate.net", 9011, >>>>>> mqttclient); >>>>>> >>>>>> So double check that you have not conflicting configuration in the >>>>>> Belchertown configuration about the use of SSL with MQTT, and verify >>>>>> that >>>>>> the >>>>>> https://dreamwoodinternational.com/weewx/belchertown/js/belchertown.js >>>>>> file >>>>>> is synchronized with the one generated by the skin in your weewx VM. The >>>>>> belchertown skin is updating the js file every time a new data record >>>>>> has >>>>>> been received by weewx. >>>>>> >>>>>> Le 5 août 2025 à 15:35, Peter Schmelitschek <[email protected]> a >>>>>> écrit : >>>>>> >>>>>> >>>>>> Any ideas on solving this issue (from the browser's explorer)? >>>>>> >>>>>> paho-mqtt.min.js:37 Mixed Content: The page at >>>>>> 'https://dreamwoodinternational.com/weewx/belchertown/?debug=true' >>>>>> was loaded over HTTPS, but attempted to connect to the insecure >>>>>> WebSocket >>>>>> endpoint 'ws://mqtt.dreamwoodestate.net:9011/mqtt'. This request has >>>>>> been blocked; this endpoint must be available over WSS. >>>>>> (anonymous) @ paho-mqtt.min.js:37 >>>>>> On Tuesday, 5 August 2025 at 22:22:35 UTC+10 Peter Schmelitschek >>>>>> wrote: >>>>>> >>>>>>> This seems to be the issue (from using ?debug=true in browser): >>>>>>> >>>>>>> MQTT: Connecting to MQTT Websockets: mqtt.dreamwoodestate.net 9011 >>>>>>> (SSL Enabled) >>>>>>> belchertown.js?1754396118:1579 MQTT: 2025-08-05T22:19:59+10:00: >>>>>>> Cannot connect to MQTT broker >>>>>>> >>>>>>> On Tuesday, 5 August 2025 at 21:44:06 UTC+10 Peter Schmelitschek >>>>>>> wrote: >>>>>>> >>>>>>>> Replies are getting out of order. >>>>>>>> myconfig.conf - running without comments: >>>>>>>> persistence false >>>>>>>> >>>>>>>> >>>>>>>> allow_anonymous false >>>>>>>> password_file /etc/mosquitto/passwd >>>>>>>> acl_file /etc/mosquitto/acl >>>>>>>> >>>>>>>> listener 1883 >>>>>>>> listener 8883 >>>>>>>> cafile /etc/letsencrypt/live/mqtt.dreamwoodestate.net/chain.pem >>>>>>>> certfile /etc/letsencrypt/live/mqtt.dreamwoodestate.net/cert.pem >>>>>>>> keyfile /etc/letsencrypt/live/mqtt.dreamwoodestate.net/privkey.pem >>>>>>>> protocol mqtt >>>>>>>> >>>>>>>> listener 9011 >>>>>>>> protocol websockets >>>>>>>> >>>>>>>> On Tuesday, 5 August 2025 at 18:37:56 UTC+10 Jacques Terrettaz >>>>>>>> wrote: >>>>>>>> >>>>>>>>> You have possibly a comment line (starting with "#") in the first >>>>>>>>> line of myconfig.conf. Try to remove it and any other comment line. >>>>>>>>> >>>>>>>>> Here is for exemple the content of my own myconfig.conf file : >>>>>>>>> listener 1883 >>>>>>>>> listener 8083 >>>>>>>>> protocol websockets >>>>>>>>> allow_anonymous false >>>>>>>>> password_file /etc/mosquitto/passwd >>>>>>>>> acl_file /etc/mosquitto/acl >>>>>>>>> >>>>>>>>> >>>>>>>>> Le 5 août 2025 à 10:14, Peter Schmelitschek <[email protected]> >>>>>>>>> a écrit : >>>>>>>>> >>>>>>>>> I have recreated both ACL and myconfig.conf files from scratch >>>>>>>>> using NANO because Mosquitto complains of unexpected character at the >>>>>>>>> start >>>>>>>>> of files. >>>>>>>>> However, with that done, I still get this at Mosquitto restart: >>>>>>>>> Loading config file /etc/mosquitto/conf.d/myconfig.conf >>>>>>>>> Error: Unknown configuration variable "#" >>>>>>>>> Error found at /etc/mosquitto/conf.d/myconfig.conf:1 >>>>>>>>> Error found at /etc/mosquitto/mosquitto.conf:18 >>>>>>>>> >>>>>>>>> This is possibly the root cause of my MQTT problems - I have been >>>>>>>>> commenting out the ACL file previously to get WeeWx to appear at this >>>>>>>>> stage. >>>>>>>>> Right now I'm seeing "Failed connecting to the weather station" >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>> -- >>>>>> You received this message because you are subscribed to a topic in >>>>>> the Google Groups "weewx-user" group. >>>>>> To unsubscribe from this topic, visit >>>>>> https://groups.google.com/d/topic/weewx-user/Gq6uNw_Cxss/unsubscribe. >>>>>> To unsubscribe from this group and all its topics, send an email to >>>>>> [email protected]. >>>>>> >>>>>> To view this discussion visit >>>>>> https://groups.google.com/d/msgid/weewx-user/8e9656f2-23b7-47ec-8b1d-cbfe1083ae39n%40googlegroups.com >>>>>> >>>>>> <https://groups.google.com/d/msgid/weewx-user/8e9656f2-23b7-47ec-8b1d-cbfe1083ae39n%40googlegroups.com?utm_medium=email&utm_source=footer> >>>>>> . >>>>>> >>>>>> >>>>>> >>> -- >>> You received this message because you are subscribed to a topic in the >>> Google Groups "weewx-user" group. >>> To unsubscribe from this topic, visit >>> https://groups.google.com/d/topic/weewx-user/Gq6uNw_Cxss/unsubscribe. >>> To unsubscribe from this group and all its topics, send an email to >>> [email protected]. >>> >>> To view this discussion visit >>> https://groups.google.com/d/msgid/weewx-user/e14a0b63-8d35-41d4-a0f7-4ccda3b15074n%40googlegroups.com >>> >>> <https://groups.google.com/d/msgid/weewx-user/e14a0b63-8d35-41d4-a0f7-4ccda3b15074n%40googlegroups.com?utm_medium=email&utm_source=footer> >>> . >>> >>> >>> -- You received this message because you are subscribed to the Google Groups "weewx-user" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/d/msgid/weewx-user/f261545d-0a35-4b48-bb9e-3469c271f889n%40googlegroups.com.
