Pip
a2639c002f
- Install script for Mosquitto MQTT broker on Pi Zero 2 W (10.60.1.101) - Persistence enabled with data stored in /var/lib/mosquitto/data/ - Topic ACL configuration for hub, sensor, mobile, and admin users - systemd service with security hardening (NoNewPrivileges, ProtectSystem) - Configuration files: mosquitto.conf, acl.conf - Validation script to verify setup before deployment
21 lines
418 B
Plaintext
21 lines
418 B
Plaintext
# Access Control List for Mosquitto
|
|
# Topic patterns with user permissions
|
|
|
|
# Hub - Internal services (full access)
|
|
user hub
|
|
topic # rw
|
|
|
|
# Sensors - Read sensor data, write commands
|
|
user sensor
|
|
pattern read sensors/+/data
|
|
pattern write devices/+/commands
|
|
|
|
# Mobile - Home status and control
|
|
user mobile
|
|
pattern read home/+/status
|
|
pattern write home/+/control
|
|
|
|
# Admin - Full access to all topics
|
|
user admin
|
|
topic # rw
|