Add MQTT TLS and custom MQTT port support#11
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR adds MQTT TLS support and custom port configuration to the MQTT client connection. The changes enable secure MQTT connections with certificate validation and allow users to specify non-default MQTT ports.
- Added TLS certificate chain support for secure MQTT connections
- Added configurable MQTT port setting (defaulting to 1883)
- Updated configuration documentation with TLS setup instructions
Reviewed Changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| index.py | Added SSL import, TLS configuration logic, and port parameter to MQTT connection |
| README.md | Updated configuration documentation with new MQTT TLS and port settings |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
| if config['frigate']['mqtt_tls']: | ||
| client.tls_set(config['frigate']['mqtt_tls_cert_chain'], tls_version=ssl.PROTOCOL_TLSv1_2) |
There was a problem hiding this comment.
The TLS configuration should include proper error handling and validation. Consider adding certificate verification and handling cases where the certificate file doesn't exist or is invalid.
|
|
||
| client.connect(config['frigate']['mqtt_server']) | ||
| if config['frigate']['mqtt_tls']: | ||
| client.tls_set(config['frigate']['mqtt_tls_cert_chain'], tls_version=ssl.PROTOCOL_TLSv1_2) |
There was a problem hiding this comment.
ssl.PROTOCOL_TLSv1_2 is deprecated. Use ssl.PROTOCOL_TLS_CLIENT instead for better security and forward compatibility.
| client.tls_set(config['frigate']['mqtt_tls_cert_chain'], tls_version=ssl.PROTOCOL_TLSv1_2) | |
| client.tls_set(config['frigate']['mqtt_tls_cert_chain'], tls_version=ssl.PROTOCOL_TLS_CLIENT) |
| if config['frigate']['mqtt_tls']: | ||
| client.tls_set(config['frigate']['mqtt_tls_cert_chain'], tls_version=ssl.PROTOCOL_TLSv1_2) | ||
|
|
||
| client.connect(config['frigate']['mqtt_server'], config['frigate']['mqtt_port']) |
There was a problem hiding this comment.
Missing error handling for configuration keys. The code will fail if 'mqtt_tls', 'mqtt_tls_cert_chain', or 'mqtt_port' keys are missing from the config. Add proper validation or default values.
Added MQTT TLS and custom mqtt port support.