Skip to content

jzombie/docker-mqtt-mosquitto-cloudflare-tunnel

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
.github/workflows
.github/workflows
 
 
assets
assets
 
 
.env.sample
.env.sample
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 
mosquitto.conf
mosquitto.conf
 
 

Repository files navigation

Docker MQTT Mosquitto Cloudflare Tunnel

Ask DeepWiki CI

Note: For examples of customization, another branch is available, which:

  • Restricts wildcard searches across users (in a naive fashion where the first level of a topic is the username, with protections provided by an ACL file)
  • Encrypts retained messages using gocryptfs
  • Auto-saves retained messages after every message

You can find it here: protected-no-wildcard branch or view the diff instead.

This setup demonstrates how to configure and deploy an MQTT broker using Eclipse Mosquitto within a Docker container and securely expose it to the internet via a Cloudflare Tunnel. This setup is particularly useful for IoT applications, allowing secure and scalable message brokering over the MQTT protocol.

Step-by-Step Guide for Navigating Cloudflare

The following steps will guide you through the process of setting up an MQTT broker, configuring a Cloudflare Tunnel to expose the broker to the public internet, and managing access and routing through Cloudflare's network.

Step 1: Log into Cloudflare Zero Trust

  1. Go to the Cloudflare Dashboard and log in with your credentials.

  2. In the left sidebar, click on "Zero Trust".

    Zero Trust

Step 2: Create a Tunnel

  1. Under the "Networks" section in the sidebar, select "Tunnels".

  2. Click on "Create a tunnel".

    Create Tunnel

  3. On the next screen, select "Cloudflared" as the tunnel type and click "Next".

    Select Cloudflared

  4. Enter a name for your tunnel, such as my_tunnel_name, and click "Save tunnel".

    Name Tunnel

  5. Choose "Docker" as your environment. Copy the provided Docker command which includes your unique token.

    Run Connector

Create an .env file in the base directory of this repo, and add CLOUDFLARE_TUNNEL_TOKEN=your_token. See .env.sample for example.

Note: You do not need to run the provided Docker command on the screen. This repository replaces that step.

Step 3: Set Up Public Hostname

  1. After running the connector, navigate to the "Tunnels" section again and select the newly created tunnel.

  2. Click on "Next" to proceed to the hostname configuration.

  3. On the "Public Hostname Page", fill in the required details:

    • Public hostname: Choose your desired subdomain and domain.

    • Service: Select the service type (HTTP).

    • URL: Set the URL to point to your Mosquitto service (e.g., mosquitto:9001). Docker will route the mosquitto hostname to the relevant container_name in the docker-compose.yml.

      This URL is INTERNAL to your Docker configuration and is NOT your public URL, nor public PORT.
      It does use HTTP internally, but exposes it publicly as HTTPS (port 443) via the tunnel.

    Public Hostname

  4. Click "Save hostname" to finalize the configuration.

Step 4: Spin up the Containers

docker compose up

IMPORTANT: Your broker is now reachable at https://<subdomain>.<hostname> on port 443.

See this related issue for additional troubleshooting: #25

About

MQTT Broker via Cloudflare Tunnels, using Docker.

docs.docker-mqtt-mosquitto-cloudflare-tunnel.zenosmosis.com/

Topics

docker docker-compose mqtt-broker mosquitto-mqtt-broker cloudflared

Resources

Readme
Activity

Stars

28 stars

Watchers

1 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors