Multi compose #61

Open: wants to merge 14 commits into base: main

rashley-iqt
Member

This is a fairly significant refactor so buckle up:

The Goal

SkyScan should be able to communicate on the MQTT bus using TLS encryption.

This PR is the first step towards that goal.

How it works

This adds a Certificate Authority (CA) server on the same docker network as the mqtt broker. The CA exists at ca.mqtt.local and the broker can be found at broker.mqtt.local so as not to unnecessarily expose MQTT traffic to external interference. The MQTT broker waits for the CA to become healthy and then bootstraps the CA's root cert (so that it will trust the CA) and then uses certbot to perform an ACME challenge to obtain a certificate. Clients that wish to validate can obtain their own certs in the same fashion. TLS-encrypted MQTT (aka MQTTS) is authenticated using a username and password and communicates over port 8883.

Instructions for Use

  1. 3 files must be created and filled in inside of the mqtt
    • .ca_password - contains the password to be used for the ca's root certificate
    • .mqtt_user - the username for mqtt clients
    • .mqtt_password - the password for mqtt clients to authenticate
  2. In the .env file, specify the MQTT_PREFIX environment variable
  3. docker-compose -f docker-compose.yml -f mqtt/docker-compose.mqtt.yml

Important Notes

  • The .env file DOES NOT contain environment variables needed by containers; it is the environment provided to docker-compose. Environment variables required inside of containers should be specified in container.env (though this is not considered ideal as all containers will have identical environments).
  • The mqtt directory is a subtree pointed to https://github.com/IQTLabs/edgetech-mqtt-compose and as such should not be updated from this project.
  • It is VITAL that the docker-compose.yml file found at the project root be the first one referenced in a -f flag as it defines the context under which ALL subsequent compose files will be evaluated, in accordance with the documentation.
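
Added example, not part of this pull request or the SkyScan code: a standard-library Python sketch of the client side of the flow described under "How it works", where the client trusts only the private CA root, verifies broker.mqtt.local during the TLS handshake, and only then sends the MQTT username and password on port 8883. The function names and the `ca_root_path` argument (wherever the client stored the root cert it fetched from the CA) are assumptions.

```python
import socket
import ssl
import struct

BROKER_HOST = "broker.mqtt.local"  # broker name from the PR description
BROKER_PORT = 8883                 # MQTTS port from the PR description

def tls_context(ca_root_path=None):
    """Client context that trusts only the private CA root, never the system store."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)  # CERT_REQUIRED + hostname check
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    if ca_root_path:  # assumed path; with no root loaded every handshake fails closed
        ctx.load_verify_locations(cafile=ca_root_path)
    return ctx

def mqtt_str(s):
    """MQTT string field: 2-byte big-endian length prefix, then the UTF-8 bytes."""
    b = s.encode("utf-8")
    return struct.pack("!H", len(b)) + b

def remaining_length(n):
    """MQTT variable-length integer: 7 bits per byte, MSB is the continuation flag."""
    out = bytearray()
    while True:
        n, digit = divmod(n, 128)
        out.append(digit | (0x80 if n else 0))
        if not n:
            return bytes(out)

def connect_packet(client_id, username, password, keepalive=60):
    """MQTT 3.1.1 CONNECT with clean-session, username and password flags set."""
    flags = 0x02 | 0x80 | 0x40
    body = mqtt_str("MQTT") + bytes([0x04, flags]) + struct.pack("!H", keepalive)
    body += mqtt_str(client_id) + mqtt_str(username) + mqtt_str(password)
    return bytes([0x10]) + remaining_length(len(body)) + body

def connect(ca_root_path, client_id, username, password):
    """Handshake and verify the broker first; credentials go out only afterwards."""
    raw = socket.create_connection((BROKER_HOST, BROKER_PORT), timeout=10)
    tls = tls_context(ca_root_path).wrap_socket(raw, server_hostname=BROKER_HOST)
    tls.sendall(connect_packet(client_id, username, password))
    connack = tls.recv(4)  # 0x20 0x02 <session-present> <return-code>
    if len(connack) != 4 or connack[0] != 0x20 or connack[3] != 0x00:
        tls.close()
        raise ConnectionError(f"broker refused CONNECT: {connack.hex()}")
    return tls
```

Because the context never loads the system trust store, a certificate for broker.mqtt.local issued by any other CA is rejected before the CONNECT packet, and the credentials in it, leave the client.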
