From ecaaa1faae465b4ea2ab07e9a6204f2ceaa752a3 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sat, 4 Dec 2021 19:08:15 +0100
Subject: mqtt: migrate to new configuration format

---
 krebs/2configs/shack/mqtt.nix | 22 ++++++++++++++--------
 makefu/2configs/mqtt.nix      | 20 +++++++++++++-------
 2 files changed, 27 insertions(+), 15 deletions(-)

diff --git a/krebs/2configs/shack/mqtt.nix b/krebs/2configs/shack/mqtt.nix
index e78f0f97..8ace4238 100644
--- a/krebs/2configs/shack/mqtt.nix
+++ b/krebs/2configs/shack/mqtt.nix
@@ -1,15 +1,21 @@
-# hostname: mqtt.shack
+{ ... }:
 {
   networking.firewall.allowedTCPPorts = [ 1883 ];
   networking.firewall.allowedUDPPorts = [ 1883 ];
   services.mosquitto = {
     enable = true;
-    host = "0.0.0.0";
-    users = {};
-    # TODO: secure that shit
-    aclExtraConf = ''
-      pattern readwrite #
-    '';
-    allowAnonymous = true;
+    persistence = false;
+    settings.max_keepalive = 60;
+    listeners = [
+      {
+        port = 1883;
+        omitPasswordAuth = true;
+        users = {};
+        settings = {
+          allow_anonymous = true;
+        };
+        acl = [ "topic readwrite #" "pattern readwrite #" ];
+      }
+    ];
   };
 }
diff --git a/makefu/2configs/mqtt.nix b/makefu/2configs/mqtt.nix
index 9d1da839..cba43e22 100644
--- a/makefu/2configs/mqtt.nix
+++ b/makefu/2configs/mqtt.nix
@@ -2,12 +2,18 @@
 {
   services.mosquitto = {
     enable = true;
-    host = "0.0.0.0";
-    users = {};
-    # TODO: secure that shit
-    aclExtraConf = ''
-      pattern readwrite #
-    '';
-    allowAnonymous = true;
+    persistence = false;
+    settings.max_keepalive = 60;
+    listeners = [
+      {
+        port = 1883;
+        omitPasswordAuth = true;
+        users = {};
+        settings = {
+          allow_anonymous = true;
+        };
+        acl = [ "topic readwrite #" "pattern readwrite #" ];
+      }
+    ];
   };
 }
-- 
cgit v1.2.3