CUB-231: Mosquitto MQTT broker setup on Pi Zero 2 W hub
- Install script for Mosquitto MQTT broker on Pi Zero 2 W (10.60.1.101) - Persistence enabled with data stored in /var/lib/mosquitto/data/ - Topic ACL configuration for hub, sensor, mobile, and admin users - systemd service with security hardening (NoNewPrivileges, ProtectSystem) - Configuration files: mosquitto.conf, acl.conf - Validation script to verify setup before deployment
This commit is contained in:
Pip
@@ -0,0 +1,20 @@
|
||||
# Access Control List for Mosquitto
|
||||
# Topic patterns with user permissions
|
||||
|
||||
# Hub - Internal services (full access)
|
||||
user hub
|
||||
topic # rw
|
||||
|
||||
# Sensors - Read sensor data, write commands
|
||||
user sensor
|
||||
pattern read sensors/+/data
|
||||
pattern write devices/+/commands
|
||||
|
||||
# Mobile - Home status and control
|
||||
user mobile
|
||||
pattern read home/+/status
|
||||
pattern write home/+/control
|
||||
|
||||
# Admin - Full access to all topics
|
||||
user admin
|
||||
topic # rw
|
||||
Reference in New Issue
Block a user