Localhost write permission on mosquitto topics

0
votes

I'm using mosquitto for some IoT projects. I can use ACLs files to easily add authentication based on write and read access. But is there any way to active readwrite for a localhost connection and read for connections from outside (public IP)?

I don't see any reason to open the write access for the other connections outside even with a password, and access without the password would be easier for local services.

1
mqttmosquitto

1 Answers

1
votes

Not with the built in Username/Password + ACL scheme.

Mosquitto has a plugin interface for authentication/authorisation so you may be able to use that to build what you want.

The other option is to run 2 brokers and set one up with read/write and only listening on localhost, then bridge that to the other with the anonymous user set up with read only and one user for the bridging broker to use.