Add TLS support for MQTT connection (#98)

Author: tma

README.md

@@ -16,6 +16,10 @@ services:
       - PATH_PREFIX=/abrp # optional, default is /
       - TZ=Europe/Berlin # set timezone
       - MQTT=tcp://localhost:1883 # mqtt URL
+      - MQTT_USERNAME=username # optional, MQTT username
+      - MQTT_PASSWORD=password # optional, MQTT password
+      - MQTT_TLS=false # optional, set to true to enable TLS
+      - MQTT_TLS_SKIP_VERIFY=false # optional, set to true to skip TLS certificate verification
       - TM_CAR_NUMBER=1 # teslamate car number
       - ABRP_CAR_MODEL=xyz # check values via https://api.iternio.com/1/tlm/get_carmodels_list
       - ABRP_TOKEN=xyz # car token

cmd/main.go

@@ -2,6 +2,7 @@ package main
 
 import (
 	"os"
+	"strconv"
 	"tm-to-abrp/internal/app"
 )
 
@@ -16,6 +17,31 @@ func main() {
 		mqttAddress = "tcp://localhost:1883"
 	}
 
+	// Get MQTT credentials
+	mqttUsername := os.Getenv("MQTT_USERNAME")
+	mqttPassword := os.Getenv("MQTT_PASSWORD")
+
+	// Get TLS settings
+	mqttUseTLS := false
+	useTLSStr := os.Getenv("MQTT_TLS")
+	if useTLSStr != "" {
+		var err error
+		mqttUseTLS, err = strconv.ParseBool(useTLSStr)
+		if err != nil {
+			mqttUseTLS = false
+		}
+	}
+
+	mqttTlsSkipVerify := false
+	tlsSkipStr := os.Getenv("MQTT_TLS_SKIP_VERIFY")
+	if tlsSkipStr != "" {
+		var err error
+		mqttTlsSkipVerify, err = strconv.ParseBool(tlsSkipStr)
+		if err != nil {
+			mqttTlsSkipVerify = false
+		}
+	}
+
 	if os.Getenv("TZ") == "" {
 		panic("TZ environment variable not set")
 	}
@@ -40,6 +66,6 @@ func main() {
 		os.Getenv("ABRP_API_KEY"),
 	)
 
-	app.MessagesSubscribe(mqttAddress, &car)
+	app.MessagesSubscribe(mqttAddress, mqttUsername, mqttPassword, mqttUseTLS, mqttTlsSkipVerify, &car)
 	app.WebStart(port, &car)
 }

go.sum

@@ -4,11 +4,7 @@ github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
 github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ=
 github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aNNg=
 github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
-golang.org/x/net v0.36.0 h1:vWF2fRbw4qslQsQzgFqZff+BItCvGFQqKzKIzx1rmoA=
-golang.org/x/net v0.36.0/go.mod h1:bFmbeoIPfrw4sMHNhb4J9f6+tPziuGjq7Jk/38fxi1I=
 golang.org/x/net v0.37.0 h1:1zLorHbz+LYj7MQlSf1+2tPIIgibq2eL5xkrGk6f+2c=
 golang.org/x/net v0.37.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8=
-golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M=
-golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sync v0.12.0 h1:MHc5BpPuC30uJk597Ri8TV3CNZcTLu6B6z4lJy+g6Jw=
 golang.org/x/sync v0.12.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=

internal/app/messages.go

@@ -1,17 +1,34 @@
 package app
 
 import (
+	"crypto/tls"
 	"log"
 	"strings"
 
 	mqtt "github.com/eclipse/paho.mqtt.golang"
 )
 
-func MessagesSubscribe(mqttAddress string, car *Car) {
+func MessagesSubscribe(mqttAddress string, username string, password string, useTLS bool, tlsSkipVerify bool, car *Car) {
 	log.Println("Connecting to MQTT server on " + mqttAddress)
 
 	opts := mqtt.NewClientOptions().AddBroker(mqttAddress).SetClientID("tm-to-abrp-car" + car.number)
 
+	// Add username and password if provided
+	if username != "" {
+		opts.SetUsername(username)
+		if password != "" {
+			opts.SetPassword(password)
+		}
+	}
+
+	// Configure TLS if needed
+	if useTLS {
+		tlsConfig := &tls.Config{
+			InsecureSkipVerify: tlsSkipVerify,
+		}
+		opts.SetTLSConfig(tlsConfig)
+	}
+
 	client := mqtt.NewClient(opts)
 	if token := client.Connect(); token.Wait() && token.Error() != nil {
 		panic(token.Error())