Docker-Compose-Notes

Here are notes on the docker-compose.yml file.

This file is the heart of the Raspberry Pi setup. It defines three services:

    rbio-mqtt: The Mosquitto broker that handles the secure messaging between the Pi and the phones.
    rbio-db: A lightweight SQLite database (persisted to disk) to track role assignments.
    rbio-server: The Python Flask application that generates roles, handles the entropy logic, and serves the provisioning data.

It is configured to run on a private network, exposing only the necessary ports (1883 for MQTT and 5000 for the web interface) to your local LAN, keeping it isolated from the public internet.

Configuration Files: This file expects a config/mosquitto/ folder with a mosquitto.conf file inside to enable TLS (SSL) encryption. Without this, the communication is unencrypted.
Database Persistence: The rbio-db service uses a volume (./server/db) to ensure that role history is saved even if the container restarts.
Ports:

    Port 1883: Used by phones to send/receive MQTT messages.
    Port 5000: Used to access the web dashboard (if you build one) or for manual provisioning.
    Firewall: Ensure your router/firewall blocks these ports from the WAN (internet) side. They should only be accessible from your LAN.

