A really quick follow up to the earlier post about using TLS SNI to host multiple MQTT brokers on a single IP address.
In the previous post I used nginx to do the routing, but I have also worked out that the required input to Traefik would be.
The static config file looks like this
global:
checkNewVersion: false
sendAnonymousUsage: false
entryPoints:
mqtts:
address: ":1883"
api:
dashboard: true
insecure: true
providers:
file:
filename: config.yml
directory: /config
watch: true
And the dynamic config like this
tcp:
services:
test1:
loadBalancer:
servers:
- address: "192.168.1.1:1883"
test2:
loadBalancer:
servers:
- address: "192.168.1.2:1883"
routers:
test1:
entryPoints:
- "mqtts"
rule: "HostSNI(`test1.example.com`)"
service: test1
tls: {}
test2:
entryPoints:
- "mqtts"
rule: "HostSNI(`test2.example.com`)"
service: test2
tls: {}
tls:
certificates:
- certFile: /certs/test1-chain.crt
keyFile: /certs/test1.key
- certFile: /certs/test2-chain.crt
keyFile: /certs/test2.key
Of course all the dymaic stuff can be generated via any of the Traefik providers.