aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--flake.lock14
-rw-r--r--nixos/configurations/errol.nix101
-rw-r--r--nixos/configurations/spt-mox.nix122
-rw-r--r--nixos/configurations/spt-mox2.nix6
-rw-r--r--nixos/configurations/spt-omnia.nix30
-rw-r--r--nixos/home-assistant/light.nix (renamed from nixos/modules/home-assistant/light.nix)0
-rw-r--r--nixos/home-assistant/sensors.nix (renamed from nixos/modules/home-assistant/sensors.nix)0
-rw-r--r--nixos/modules/home-assistant.nix164
8 files changed, 196 insertions, 241 deletions
diff --git a/flake.lock b/flake.lock
index 9a0355b..bf4cadc 100644
--- a/flake.lock
+++ b/flake.lock
@@ -333,11 +333,11 @@
"nixpkgs": "nixpkgs_4"
},
"locked": {
- "lastModified": 1715772678,
- "narHash": "sha256-UxVyJzWt4/TzJhfbX2LcKAb1fhAH0PXJA9boUaHsyZ0=",
+ "lastModified": 1737711206,
+ "narHash": "sha256-REAllCehBD7otzk2m/nG32eYQ/uH1giurpqpheOSbAI=",
"owner": "cynerd",
"repo": "nixturris",
- "rev": "c3cf29dba9af8a226e527f11b80305bcdd22e5dd",
+ "rev": "b7873f03f303f1cfaaee4989b70da22d2ff760b6",
"type": "gitlab"
},
"original": {
@@ -348,11 +348,11 @@
},
"personal-secret": {
"locked": {
- "lastModified": 1737384491,
- "narHash": "sha256-5ePb3HAOoepnaADMZF2ATdkMr0bBP/s9zDqSqyrlX+A=",
+ "lastModified": 1737712272,
+ "narHash": "sha256-vSumdcYN3vjO1B+44FHIl7Wr2YOS1H/wmPDiKKenLbU=",
"ref": "refs/heads/master",
- "rev": "81298163c38df333577b498eaf372e287b31ba93",
- "revCount": 122,
+ "rev": "97ec652e8a60ca8362aea0e7f6f1f1066417b354",
+ "revCount": 123,
"type": "git",
"url": "ssh://git@cynerd.cz/nixos-personal-secret"
},
diff --git a/nixos/configurations/errol.nix b/nixos/configurations/errol.nix
index 407cf82..e9b0599 100644
--- a/nixos/configurations/errol.nix
+++ b/nixos/configurations/errol.nix
@@ -89,75 +89,50 @@ in {
pkgs.nvtopPackages.amd
];
- services.syncthing = {
- enable = true;
- user = mkDefault "cynerd";
- group = mkDefault "cynerd";
- openDefaultPorts = true;
-
- overrideDevices = false;
- overrideFolders = false;
+ ##############################################################################
+ services = {
+ syncthing = {
+ enable = true;
+ user = mkDefault "cynerd";
+ group = mkDefault "cynerd";
+ openDefaultPorts = true;
- dataDir = "/home/cynerd";
- configDir = "/home/cynerd/.config/syncthing";
- };
+ overrideDevices = false;
+ overrideFolders = false;
- nixpkgs.config.permittedInsecurePackages = ["openssl-1.1.1w"]; # TODO
- services.home-assistant = {
- enable = true;
- openFirewall = true;
- configDir = "/var/lib/hass";
- config = {
- homeassistant = {
- name = "SPT";
- latitude = "!secret latitude";
- longitude = "!secret longitude";
- elevation = "!secret elevation";
- time_zone = "Europe/Prague";
- country = "CZ";
- };
- http.server_port = 8808;
- mqtt = {
- sensor = import ../modules/home-assistant/sensors.nix;
- light = import ../modules/home-assistant/light.nix;
- };
- default_config = {};
- automation = "!include automations.yaml";
- };
- extraComponents = ["met"];
- package = pkgs.home-assistant.override {
- extraPackages = pkgs:
- with pkgs; [
- securetar
- pyipp
- ];
+ dataDir = "/home/cynerd";
+ configDir = "/home/cynerd/.config/syncthing";
};
- };
- services.zigbee2mqtt = {
- enable = true;
- settings = {
- serial.port = "/dev/serial/by-id/usb-ITEAD_SONOFF_Zigbee_3.0_USB_Dongle_Plus_V2_20220812153849-if00";
- mqtt = {
- server = "mqtt://${config.cynerd.hosts.spt.mox}:1883";
- user = "zigbee2mqtt";
- password = "!secret.yaml mqtt_password";
- };
- advanced = {
- network_key = "!secret.yaml network_key";
- homeassistant_legacy_entity_attributes = false;
- legacy_api = false;
- legacy_availability_payload = false;
- last_seen = "epoch";
+ home-assistant = {
+ enable = true;
+ openFirewall = true;
+ configDir = "/var/lib/hass";
+ config = {
+ homeassistant = {
+ name = "SPT";
+ latitude = "!secret latitude";
+ longitude = "!secret longitude";
+ elevation = "!secret elevation";
+ time_zone = "Europe/Prague";
+ country = "CZ";
+ };
+ http.server_port = 8808;
+ mqtt = {
+ sensor = import ../home-assistant/sensors.nix;
+ light = import ../home-assistant/light.nix;
+ };
+ default_config = {};
+ automation = "!include automations.yaml";
};
- frontend = true;
- availability = true;
- homeassistant = {
- legacy_triggers = false;
+ extraComponents = ["met"];
+ package = pkgs.home-assistant.override {
+ extraPackages = pkgs:
+ with pkgs; [
+ securetar
+ pyipp
+ ];
};
- device_options.legacy = false;
- permit_join = false;
- devices = config.secrets.zigbee2mqttDevices;
};
};
}
diff --git a/nixos/configurations/spt-mox.nix b/nixos/configurations/spt-mox.nix
index 989df29..682e4fb 100644
--- a/nixos/configurations/spt-mox.nix
+++ b/nixos/configurations/spt-mox.nix
@@ -1,4 +1,8 @@
-{config, ...}: {
+{
+ config,
+ pkgs,
+ ...
+}: {
turris.board = "mox";
deploy = {
enable = true;
@@ -6,7 +10,6 @@
};
cynerd = {
- home-assistant = true;
monitoring.drives = false;
switch = {
enable = true;
@@ -49,4 +52,119 @@
];
};
};
+
+ ##############################################################################
+ networking.firewall.allowedTCPPorts = [
+ 1883 # Mosquitto
+ ];
+ services = {
+ mosquitto = {
+ enable = true;
+ listeners = [
+ {
+ users = {
+ cynerd = {
+ acl = ["readwrite #"];
+ passwordFile = "/run/secrets/mosquitto.cynerd.pass";
+ };
+ telegraf = {
+ acl = ["read bigclown/node/#"];
+ passwordFile = "/run/secrets/mosquitto.telegraf.pass";
+ };
+ homeassistant = {
+ acl = [
+ "readwrite homeassistant/#"
+ "readwrite bigclown/#"
+ "readwrite zigbee2mqtt/#"
+ ];
+ passwordFile = "/run/secrets/mosquitto.homeassistant.pass";
+ };
+ bigclown = {
+ acl = ["readwrite bigclown/#"];
+ passwordFile = "/run/secrets/mosquitto.bigclown.pass";
+ };
+ zigbee2mqtt = {
+ acl = [
+ "readwrite homeassistant/#"
+ "readwrite zigbee2mqtt/#"
+ ];
+ passwordFile = "/run/secrets/mosquitto.zigbee2mqtt.pass";
+ };
+ };
+ }
+ ];
+ };
+
+ telegraf.extraConfig = {
+ outputs.influxdb_v2 = [
+ {
+ urls = ["http://cynerd.cz:8086"];
+ token = "$INFLUX_TOKEN";
+ organization = "personal";
+ bucket = "bigclown";
+ tagpass.source = ["bigclown"];
+ }
+ ];
+ inputs.mqtt_consumer = let
+ consumer = data_type: topics: {
+ tags = {source = "bigclown";};
+ servers = ["tcp://localhost:1883"];
+ inherit topics;
+ username = "telegraf";
+ password = "$MQTT_PASSWORD";
+ data_format = "value";
+ inherit data_type;
+ topic_parsing = [
+ {
+ topic = "bigclown/node/+/+/+/+";
+ measurement = "_/_/_/_/_/measurement";
+ tags = "_/_/device/field/_/_";
+ }
+ ];
+ };
+ in [
+ (consumer "float" [
+ "bigclown/node/+/battery/+/voltage"
+ "bigclown/node/+/thermometer/+/temperature"
+ "bigclown/node/+/hygrometer/+/relative-humidity"
+ "bigclown/node/+/lux-meter/+/illuminance"
+ "bigclown/node/+/barometer/+/pressure"
+ "bigclown/node/+/pir/+/event-count"
+ "bigclown/node/+/push-button/+/event-count"
+ ])
+ (consumer "boolean" [
+ "bigclown/node/+/flood-detector/+/alarm"
+ ])
+ ];
+ processors.pivot = [
+ {
+ tag_key = "field";
+ value_key = "value";
+ tagpass.source = ["bigclown"];
+ }
+ ];
+ };
+
+ bcg = {
+ enable = true;
+ device = "/dev/ttyUSB0";
+ baseTopicPrefix = "bigclown/";
+ environmentFiles = ["/run/secrets/bigclown.env"];
+ mqtt = {
+ username = "bigclown";
+ password = "\${MQTT_PASSWORD}";
+ };
+ };
+ };
+
+ systemd.services = {
+ telegraf.wants = ["mosquitto.service"];
+
+ bigclown-leds = {
+ description = "Bigclown LEDs control";
+ wantedBy = ["multi-user.target"];
+ wants = ["mosquitto.service"];
+ serviceConfig.ExecStart = "${pkgs.bigclown-leds}/bin/bigclown-leds /run/secrets/bigclown-leds.ini";
+ };
+ };
}
diff --git a/nixos/configurations/spt-mox2.nix b/nixos/configurations/spt-mox2.nix
index b416671..9fb4197 100644
--- a/nixos/configurations/spt-mox2.nix
+++ b/nixos/configurations/spt-mox2.nix
@@ -1,8 +1,4 @@
-{
- config,
- pkgs,
- ...
-}: {
+{config, ...}: {
turris.board = "mox";
deploy = {
enable = true;
diff --git a/nixos/configurations/spt-omnia.nix b/nixos/configurations/spt-omnia.nix
index 23aa006..e5d2433 100644
--- a/nixos/configurations/spt-omnia.nix
+++ b/nixos/configurations/spt-omnia.nix
@@ -130,4 +130,34 @@ in {
tcp flags syn tcp option maxseg size set rt mtu comment "Needed for PPPoE to fix IPv4"
iifname {"home", "wg"} oifname {"home", "wg"} accept
'';
+
+ ##############################################################################
+ services = {
+ zigbee2mqtt = {
+ enable = true;
+ settings = {
+ serial.port = "/dev/serial/by-id/usb-ITEAD_SONOFF_Zigbee_3.0_USB_Dongle_Plus_V2_20220812153849-if00";
+ mqtt = {
+ server = "mqtt://${config.cynerd.hosts.spt.mox}:1883";
+ user = "zigbee2mqtt";
+ password = "!secret.yaml mqtt_password";
+ };
+ advanced = {
+ network_key = "!secret.yaml network_key";
+ homeassistant_legacy_entity_attributes = false;
+ legacy_api = false;
+ legacy_availability_payload = false;
+ last_seen = "epoch";
+ };
+ frontend = true;
+ availability = true;
+ homeassistant = {
+ legacy_triggers = false;
+ };
+ device_options.legacy = false;
+ permit_join = false;
+ devices = config.secrets.zigbee2mqttDevices;
+ };
+ };
+ };
}
diff --git a/nixos/modules/home-assistant/light.nix b/nixos/home-assistant/light.nix
index a9d158b..a9d158b 100644
--- a/nixos/modules/home-assistant/light.nix
+++ b/nixos/home-assistant/light.nix
diff --git a/nixos/modules/home-assistant/sensors.nix b/nixos/home-assistant/sensors.nix
index fadd4eb..fadd4eb 100644
--- a/nixos/modules/home-assistant/sensors.nix
+++ b/nixos/home-assistant/sensors.nix
diff --git a/nixos/modules/home-assistant.nix b/nixos/modules/home-assistant.nix
deleted file mode 100644
index ab16e8a..0000000
--- a/nixos/modules/home-assistant.nix
+++ /dev/null
@@ -1,164 +0,0 @@
-{
- config,
- lib,
- pkgs,
- ...
-}: let
- inherit (lib) mkIf mkEnableOption;
-in {
- options = {
- cynerd.home-assistant = mkEnableOption "Enable Home Assistant and Bigclown";
- };
-
- config = mkIf config.cynerd.home-assistant {
- services.mosquitto = {
- enable = true;
- listeners = [
- {
- users = {
- cynerd = {
- acl = ["readwrite #"];
- passwordFile = "/run/secrets/mosquitto.cynerd.pass";
- };
- telegraf = {
- acl = ["read bigclown/node/#"];
- passwordFile = "/run/secrets/mosquitto.telegraf.pass";
- };
- homeassistant = {
- acl = [
- "readwrite homeassistant/#"
- "readwrite bigclown/#"
- "readwrite zigbee2mqtt/#"
- ];
- passwordFile = "/run/secrets/mosquitto.homeassistant.pass";
- };
- bigclown = {
- acl = ["readwrite bigclown/#"];
- passwordFile = "/run/secrets/mosquitto.bigclown.pass";
- };
- zigbee2mqtt = {
- acl = [
- "readwrite homeassistant/#"
- "readwrite zigbee2mqtt/#"
- ];
- passwordFile = "/run/secrets/mosquitto.zigbee2mqtt.pass";
- };
- };
- }
- ];
- };
- networking.firewall.allowedTCPPorts = [
- 1883 # Mosquitto
- ];
-
- services.bcg = {
- enable = true;
- device = "/dev/ttyUSB0";
- baseTopicPrefix = "bigclown/";
- environmentFiles = ["/run/secrets/bigclown.env"];
- mqtt = {
- username = "bigclown";
- password = "\${MQTT_PASSWORD}";
- };
- };
-
- systemd.services.bigclown-leds = {
- description = "Bigclown LEDs control";
- wantedBy = ["multi-user.target"];
- wants = ["mosquitto.service"];
- serviceConfig.ExecStart = "${pkgs.bigclown-leds}/bin/bigclown-leds /run/secrets/bigclown-leds.ini";
- };
-
- services.telegraf.extraConfig = {
- outputs.influxdb_v2 = [
- {
- urls = ["http://cynerd.cz:8086"];
- token = "$INFLUX_TOKEN";
- organization = "personal";
- bucket = "bigclown";
- tagpass.source = ["bigclown"];
- }
- ];
- inputs.mqtt_consumer = let
- consumer = data_type: topics: {
- tags = {source = "bigclown";};
- servers = ["tcp://localhost:1883"];
- inherit topics;
- username = "telegraf";
- password = "$MQTT_PASSWORD";
- data_format = "value";
- inherit data_type;
- topic_parsing = [
- {
- topic = "bigclown/node/+/+/+/+";
- measurement = "_/_/_/_/_/measurement";
- tags = "_/_/device/field/_/_";
- }
- ];
- };
- in [
- (consumer "float" [
- "bigclown/node/+/battery/+/voltage"
- "bigclown/node/+/thermometer/+/temperature"
- "bigclown/node/+/hygrometer/+/relative-humidity"
- "bigclown/node/+/lux-meter/+/illuminance"
- "bigclown/node/+/barometer/+/pressure"
- "bigclown/node/+/pir/+/event-count"
- "bigclown/node/+/push-button/+/event-count"
- ])
- (consumer "boolean" [
- "bigclown/node/+/flood-detector/+/alarm"
- ])
- ];
- processors.pivot = [
- {
- tag_key = "field";
- value_key = "value";
- tagpass.source = ["bigclown"];
- }
- ];
- };
- systemd.services.telegraf.wants = ["mosquitto.service"];
-
- #nixpkgs.config.permittedInsecurePackages = ["openssl-1.1.1w"]; # TODO
- services.home-assistant = {
- enable = false;
- openFirewall = true;
- configDir = "/var/lib/hass";
- config = {
- homeassistant = {
- name = "SPT";
- latitude = "!secret latitude";
- longitude = "!secret longitude";
- elevation = "!secret elevation";
- time_zone = "Europe/Prague";
- country = "CZ";
- };
- http.server_port = 8808;
- mqtt = {
- sensor = import ./home-assistant/sensors.nix;
- light = import ./home-assistant/light.nix;
- };
- default_config = {};
- automation = "!include automations.yaml";
- };
- extraComponents = ["met"];
- package = pkgs.home-assistant.override {
- extraPackages = pkgs:
- with pkgs; [
- securetar
- pyipp
- ];
- packageOverrides = _: super: {
- scapy = super.scapy.override {
- withPlottingSupport = false;
- };
- s3transfer = super.s3transfer.overridePythonAttrs {
- dontUsePytestCheck = true;
- dontUseSetuptoolsCheck = true;
- };
- };
- };
- };
- };
-}
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-30 21:57:48 +0000