nixos: refactor the home automationHEAD master

This moves zigbee to spt-omnia.
author: Karel Kočí <cynerd@email.cz> 2025-01-24 15:01:30 +0100
committer: Karel Kočí <cynerd@email.cz> 2025-01-24 15:01:30 +0100
commit: 2f532dc573e35128ea82315289a0714579c9142a (patch)
tree: 124ee6bcfce253ca04633af2ebe659016ee06500 /nixos/configurations
parent: 55be775b8478c78e3923fba46b6a49d86d81dfb2 (diff)
download: nixos-personal-master.tar.gz
nixos-personal-master.tar.bz2
nixos-personal-master.zip
4 files changed, 189 insertions, 70 deletions
diff --git a/nixos/configurations/errol.nix b/nixos/configurations/errol.nix
index 407cf82..e9b0599 100644
--- a/nixos/configurations/errol.nix
+++ b/nixos/configurations/errol.nix
@@ -89,75 +89,50 @@ in {
     pkgs.nvtopPackages.amd
   ];
 
-  services.syncthing = {
-    enable = true;
-    user = mkDefault "cynerd";
-    group = mkDefault "cynerd";
-    openDefaultPorts = true;
-
-    overrideDevices = false;
-    overrideFolders = false;
+  ##############################################################################
+  services = {
+    syncthing = {
+      enable = true;
+      user = mkDefault "cynerd";
+      group = mkDefault "cynerd";
+      openDefaultPorts = true;
 
-    dataDir = "/home/cynerd";
-    configDir = "/home/cynerd/.config/syncthing";
-  };
+      overrideDevices = false;
+      overrideFolders = false;
 
-  nixpkgs.config.permittedInsecurePackages = ["openssl-1.1.1w"]; # TODO
-  services.home-assistant = {
-    enable = true;
-    openFirewall = true;
-    configDir = "/var/lib/hass";
-    config = {
-      homeassistant = {
-        name = "SPT";
-        latitude = "!secret latitude";
-        longitude = "!secret longitude";
-        elevation = "!secret elevation";
-        time_zone = "Europe/Prague";
-        country = "CZ";
-      };
-      http.server_port = 8808;
-      mqtt = {
-        sensor = import ../modules/home-assistant/sensors.nix;
-        light = import ../modules/home-assistant/light.nix;
-      };
-      default_config = {};
-      automation = "!include automations.yaml";
-    };
-    extraComponents = ["met"];
-    package = pkgs.home-assistant.override {
-      extraPackages = pkgs:
-        with pkgs; [
-          securetar
-          pyipp
-        ];
+      dataDir = "/home/cynerd";
+      configDir = "/home/cynerd/.config/syncthing";
     };
-  };
 
-  services.zigbee2mqtt = {
-    enable = true;
-    settings = {
-      serial.port = "/dev/serial/by-id/usb-ITEAD_SONOFF_Zigbee_3.0_USB_Dongle_Plus_V2_20220812153849-if00";
-      mqtt = {
-        server = "mqtt://${config.cynerd.hosts.spt.mox}:1883";
-        user = "zigbee2mqtt";
-        password = "!secret.yaml mqtt_password";
-      };
-      advanced = {
-        network_key = "!secret.yaml network_key";
-        homeassistant_legacy_entity_attributes = false;
-        legacy_api = false;
-        legacy_availability_payload = false;
-        last_seen = "epoch";
+    home-assistant = {
+      enable = true;
+      openFirewall = true;
+      configDir = "/var/lib/hass";
+      config = {
+        homeassistant = {
+          name = "SPT";
+          latitude = "!secret latitude";
+          longitude = "!secret longitude";
+          elevation = "!secret elevation";
+          time_zone = "Europe/Prague";
+          country = "CZ";
+        };
+        http.server_port = 8808;
+        mqtt = {
+          sensor = import ../home-assistant/sensors.nix;
+          light = import ../home-assistant/light.nix;
+        };
+        default_config = {};
+        automation = "!include automations.yaml";
       };
-      frontend = true;
-      availability = true;
-      homeassistant = {
-        legacy_triggers = false;
+      extraComponents = ["met"];
+      package = pkgs.home-assistant.override {
+        extraPackages = pkgs:
+          with pkgs; [
+            securetar
+            pyipp
+          ];
       };
-      device_options.legacy = false;
-      permit_join = false;
-      devices = config.secrets.zigbee2mqttDevices;
     };
   };
 }
diff --git a/nixos/configurations/spt-mox.nix b/nixos/configurations/spt-mox.nix
index 989df29..682e4fb 100644
--- a/nixos/configurations/spt-mox.nix
+++ b/nixos/configurations/spt-mox.nix
@@ -1,4 +1,8 @@
-{config, ...}: {
+{
+  config,
+  pkgs,
+  ...
+}: {
   turris.board = "mox";
   deploy = {
     enable = true;
@@ -6,7 +10,6 @@
   };
 
   cynerd = {
-    home-assistant = true;
     monitoring.drives = false;
     switch = {
       enable = true;
@@ -49,4 +52,119 @@
       ];
     };
   };
+
+  ##############################################################################
+  networking.firewall.allowedTCPPorts = [
+    1883 # Mosquitto
+  ];
+  services = {
+    mosquitto = {
+      enable = true;
+      listeners = [
+        {
+          users = {
+            cynerd = {
+              acl = ["readwrite #"];
+              passwordFile = "/run/secrets/mosquitto.cynerd.pass";
+            };
+            telegraf = {
+              acl = ["read bigclown/node/#"];
+              passwordFile = "/run/secrets/mosquitto.telegraf.pass";
+            };
+            homeassistant = {
+              acl = [
+                "readwrite homeassistant/#"
+                "readwrite bigclown/#"
+                "readwrite zigbee2mqtt/#"
+              ];
+              passwordFile = "/run/secrets/mosquitto.homeassistant.pass";
+            };
+            bigclown = {
+              acl = ["readwrite bigclown/#"];
+              passwordFile = "/run/secrets/mosquitto.bigclown.pass";
+            };
+            zigbee2mqtt = {
+              acl = [
+                "readwrite homeassistant/#"
+                "readwrite zigbee2mqtt/#"
+              ];
+              passwordFile = "/run/secrets/mosquitto.zigbee2mqtt.pass";
+            };
+          };
+        }
+      ];
+    };
+
+    telegraf.extraConfig = {
+      outputs.influxdb_v2 = [
+        {
+          urls = ["http://cynerd.cz:8086"];
+          token = "$INFLUX_TOKEN";
+          organization = "personal";
+          bucket = "bigclown";
+          tagpass.source = ["bigclown"];
+        }
+      ];
+      inputs.mqtt_consumer = let
+        consumer = data_type: topics: {
+          tags = {source = "bigclown";};
+          servers = ["tcp://localhost:1883"];
+          inherit topics;
+          username = "telegraf";
+          password = "$MQTT_PASSWORD";
+          data_format = "value";
+          inherit data_type;
+          topic_parsing = [
+            {
+              topic = "bigclown/node/+/+/+/+";
+              measurement = "_/_/_/_/_/measurement";
+              tags = "_/_/device/field/_/_";
+            }
+          ];
+        };
+      in [
+        (consumer "float" [
+          "bigclown/node/+/battery/+/voltage"
+          "bigclown/node/+/thermometer/+/temperature"
+          "bigclown/node/+/hygrometer/+/relative-humidity"
+          "bigclown/node/+/lux-meter/+/illuminance"
+          "bigclown/node/+/barometer/+/pressure"
+          "bigclown/node/+/pir/+/event-count"
+          "bigclown/node/+/push-button/+/event-count"
+        ])
+        (consumer "boolean" [
+          "bigclown/node/+/flood-detector/+/alarm"
+        ])
+      ];
+      processors.pivot = [
+        {
+          tag_key = "field";
+          value_key = "value";
+          tagpass.source = ["bigclown"];
+        }
+      ];
+    };
+
+    bcg = {
+      enable = true;
+      device = "/dev/ttyUSB0";
+      baseTopicPrefix = "bigclown/";
+      environmentFiles = ["/run/secrets/bigclown.env"];
+      mqtt = {
+        username = "bigclown";
+        password = "\${MQTT_PASSWORD}";
+      };
+    };
+  };
+
+  systemd.services = {
+    telegraf.wants = ["mosquitto.service"];
+
+    bigclown-leds = {
+      description = "Bigclown LEDs control";
+      wantedBy = ["multi-user.target"];
+      wants = ["mosquitto.service"];
+      serviceConfig.ExecStart = "${pkgs.bigclown-leds}/bin/bigclown-leds /run/secrets/bigclown-leds.ini";
+    };
+  };
 }
diff --git a/nixos/configurations/spt-mox2.nix b/nixos/configurations/spt-mox2.nix
index b416671..9fb4197 100644
--- a/nixos/configurations/spt-mox2.nix
+++ b/nixos/configurations/spt-mox2.nix
@@ -1,8 +1,4 @@
-{
-  config,
-  pkgs,
-  ...
-}: {
+{config, ...}: {
   turris.board = "mox";
   deploy = {
     enable = true;
diff --git a/nixos/configurations/spt-omnia.nix b/nixos/configurations/spt-omnia.nix
index 23aa006..e5d2433 100644
--- a/nixos/configurations/spt-omnia.nix
+++ b/nixos/configurations/spt-omnia.nix
@@ -130,4 +130,34 @@ in {
     tcp flags syn tcp option maxseg size set rt mtu comment "Needed for PPPoE to fix IPv4"
     iifname {"home", "wg"} oifname {"home", "wg"} accept
   '';
+
+  ##############################################################################
+  services = {
+    zigbee2mqtt = {
+      enable = true;
+      settings = {
+        serial.port = "/dev/serial/by-id/usb-ITEAD_SONOFF_Zigbee_3.0_USB_Dongle_Plus_V2_20220812153849-if00";
+        mqtt = {
+          server = "mqtt://${config.cynerd.hosts.spt.mox}:1883";
+          user = "zigbee2mqtt";
+          password = "!secret.yaml mqtt_password";
+        };
+        advanced = {
+          network_key = "!secret.yaml network_key";
+          homeassistant_legacy_entity_attributes = false;
+          legacy_api = false;
+          legacy_availability_payload = false;
+          last_seen = "epoch";
+        };
+        frontend = true;
+        availability = true;
+        homeassistant = {
+          legacy_triggers = false;
+        };
+        device_options.legacy = false;
+        permit_join = false;
+        devices = config.secrets.zigbee2mqttDevices;
+      };
+    };
+  };
 }
author	Karel Kočí <cynerd@email.cz>	2025-01-24 15:01:30 +0100
committer	Karel Kočí <cynerd@email.cz>	2025-01-24 15:01:30 +0100
commit	2f532dc573e35128ea82315289a0714579c9142a (patch)
tree	124ee6bcfce253ca04633af2ebe659016ee06500 /nixos/configurations
parent	55be775b8478c78e3923fba46b6a49d86d81dfb2 (diff)
download	nixos-personal-master.tar.gz nixos-personal-master.tar.bz2 nixos-personal-master.zip