Add ha2, update home-assistant config
This commit is contained in:
parent
e10e91571c
commit
668fa94359
|
@ -5,17 +5,22 @@
|
|||
...
|
||||
}: {
|
||||
# HTTP
|
||||
services.nginx = {
|
||||
virtualHosts."ha.gssws.de" = {
|
||||
services.nginx.virtualHosts = let
|
||||
makeVirtualHost = target: {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://10.0.1.254:8123";
|
||||
proxyPass = target;
|
||||
proxyWebsockets = true;
|
||||
extraConfig =
|
||||
"proxy_ssl_server_name on;"
|
||||
+ "proxy_pass_header Authorization;";
|
||||
extraConfig = ''
|
||||
proxy_ssl_server_name on;
|
||||
proxy_pass_header Authorization;
|
||||
'';
|
||||
};
|
||||
};
|
||||
in {
|
||||
"ha.gssws.de" = makeVirtualHost "http://10.0.1.254:8123";
|
||||
"ha2.gssws.de" = makeVirtualHost "http://10.0.1.11:8123";
|
||||
"ha.karinsokolowski.de" = makeVirtualHost "http://10.0.1.13:8123";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -4,47 +4,63 @@
|
|||
pkgs,
|
||||
...
|
||||
}: {
|
||||
config = {
|
||||
services.mosquitto = {
|
||||
pub-solar.home-assistant = {
|
||||
enable = true;
|
||||
listeners = [
|
||||
{
|
||||
users = {
|
||||
z2m.hashedPassword = "$7$101$iZE7WOCQIaLtuoVN$M7AAB/mMmhkuXQVmu2RPoJzm744bmwxGTJwE0eoqlPAjyQHbjmOWfEuKoo9jnQCoQu2T96gS8znsUNizGgPWiQ==";
|
||||
ha.hashedPassword = "$7$101$jLA9PReG5btNSvw8$O0c3UzCfcBcvqVH8kMZIwEims7p1L4o/DmOTHO9w9731ggC5SyUpJGQIDiUbv+IrTl/H0+Fz9QF/jvY0QCuxuA==";
|
||||
};
|
||||
}
|
||||
|
||||
extraComponents = ["androidtv" "fritz" "fritzbox" "fritzbox_callmonitor" "met" "mqtt"];
|
||||
extraPackages = python3Packages:
|
||||
with python3Packages; [
|
||||
# androidtv
|
||||
adb-shell
|
||||
aiofiles
|
||||
androidtv
|
||||
|
||||
# hacs
|
||||
aiogithubapi
|
||||
|
||||
# totop
|
||||
pyotp
|
||||
];
|
||||
};
|
||||
|
||||
services.udev.extraRules = ''KERNEL=="ttyS0", OWNER="zigbee2mqtt", GROUP="zigbee2mqtt"'';
|
||||
|
||||
services.zigbee2mqtt = {
|
||||
enable = true;
|
||||
settings = {
|
||||
frontend = true;
|
||||
permit_join = true;
|
||||
homeassistant = true;
|
||||
options = "-d -d";
|
||||
mqtt = {
|
||||
user = "z2m";
|
||||
password = "!secrets.yaml mqtt_password";
|
||||
enable = true;
|
||||
users = {
|
||||
ha = {
|
||||
acl = [
|
||||
"readwrite #"
|
||||
];
|
||||
hashedPassword = "$7$101$jLA9PReG5btNSvw8$O0c3UzCfcBcvqVH8kMZIwEims7p1L4o/DmOTHO9w9731ggC5SyUpJGQIDiUbv+IrTl/H0+Fz9QF/jvY0QCuxuA==";
|
||||
};
|
||||
serial = {
|
||||
port = "/dev/ttyS0";
|
||||
nono = {
|
||||
acl = [
|
||||
"readwrite #"
|
||||
];
|
||||
hashedPassword = "$7$101$votbflBI1KrRRzBy$hCC/qo7Ggaf2vaLv7lo5uPnyrTCb0i6hPQvXuL/OrrUpzP+KNl6efEU7yQ0cDH6/rJ16Fe2PWSTcW+pL8dlgmg==";
|
||||
};
|
||||
z2m = {
|
||||
acl = [
|
||||
"readwrite #"
|
||||
];
|
||||
hashedPassword = "$7$101$iZE7WOCQIaLtuoVN$M7AAB/mMmhkuXQVmu2RPoJzm744bmwxGTJwE0eoqlPAjyQHbjmOWfEuKoo9jnQCoQu2T96gS8znsUNizGgPWiQ==";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
zigbee2mqtt = {
|
||||
enable = true;
|
||||
device = "/dev/ttyS0";
|
||||
adapter = "deconz";
|
||||
};
|
||||
#advanced.network_key = "'!secrets.yaml network_key'";
|
||||
};
|
||||
};
|
||||
|
||||
#users.users.hass.extraGroups = [ "tty" ];
|
||||
|
||||
services.home-assistant = {
|
||||
enable = true;
|
||||
extraComponents = ["fritz" "fritzbox" "fritzbox_callmonitor" "met" "mqtt"];
|
||||
config = {
|
||||
homeassistant = {};
|
||||
homeassistant = {
|
||||
name = "Berrendorf";
|
||||
time_zone = "Europe/Berlin";
|
||||
temperature_unit = "C";
|
||||
unit_system = "metric";
|
||||
latitude = "50.9279036523298";
|
||||
longitude = "6.583225751885932";
|
||||
};
|
||||
http = {
|
||||
ip_ban_enabled = false;
|
||||
use_x_forwarded_for = true;
|
||||
|
@ -53,7 +69,6 @@
|
|||
"10.254.0.21"
|
||||
"10.0.1.5"
|
||||
"10.0.1.6"
|
||||
"172.16.0.0/12"
|
||||
];
|
||||
};
|
||||
|
||||
|
@ -72,5 +87,4 @@
|
|||
zeroconf = {};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,16 +1,18 @@
|
|||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
# Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
./home-controller.nix
|
||||
./tang-container.nix
|
||||
./home-assistant.nix
|
||||
];
|
||||
|
||||
boot.loader.timeout = 0;
|
||||
|
@ -50,7 +52,7 @@
|
|||
];
|
||||
|
||||
# Open ports in the firewall.
|
||||
networking.firewall.allowedTCPPorts = [ 2380 6443 ];
|
||||
networking.firewall.allowedTCPPorts = [2380 6443];
|
||||
# networking.firewall.allowedUDPPorts = [ ... ];
|
||||
# Or disable the firewall altogether.
|
||||
# networking.firewall.enable = false;
|
||||
|
@ -63,4 +65,3 @@
|
|||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "22.11"; # Did you read the comment?
|
||||
}
|
||||
|
||||
|
|
94
hosts/giggles/home-assistant.nix
Normal file
94
hosts/giggles/home-assistant.nix
Normal file
|
@ -0,0 +1,94 @@
|
|||
{
|
||||
self,
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
age.secrets.home-assistant_giggles_secrets = {
|
||||
file = "${self}/secrets/home-assistant_giggles_secrets.age";
|
||||
path = "${config.services.home-assistant.configDir}/secrets.yaml";
|
||||
owner = config.systemd.services.home-assistant.serviceConfig.User;
|
||||
group = config.systemd.services.home-assistant.serviceConfig.Group;
|
||||
mode = "0644";
|
||||
};
|
||||
|
||||
pub-solar.home-assistant = {
|
||||
enable = true;
|
||||
extraComponents = ["met"];
|
||||
extraPackages = python3Packages:
|
||||
with python3Packages; [
|
||||
# hacs
|
||||
aiogithubapi
|
||||
|
||||
# totop
|
||||
pyotp
|
||||
];
|
||||
|
||||
config = {
|
||||
homeassistant = {
|
||||
name = "Wohnung";
|
||||
time_zone = "Europe/Berlin";
|
||||
temperature_unit = "C";
|
||||
unit_system = "metric";
|
||||
latitude = "52.31501090166047";
|
||||
longitude = "8.910633035293603";
|
||||
};
|
||||
http = {
|
||||
ip_ban_enabled = false;
|
||||
use_x_forwarded_for = true;
|
||||
trusted_proxies = [
|
||||
"127.0.0.1"
|
||||
"10.254.0.21"
|
||||
"10.0.1.5"
|
||||
"10.0.1.6"
|
||||
];
|
||||
};
|
||||
|
||||
energy = {};
|
||||
frontend = {};
|
||||
history = {};
|
||||
map = {};
|
||||
my = {};
|
||||
mobile_app = {};
|
||||
network = {};
|
||||
notify = {};
|
||||
person = {};
|
||||
ssdp = {};
|
||||
sun = {};
|
||||
system_health = {};
|
||||
zeroconf = {};
|
||||
|
||||
device_tracker = [
|
||||
{
|
||||
platform = "luci";
|
||||
host = "192.168.8.1";
|
||||
username = "!secret router_admin_username";
|
||||
password = "!secret router_admin_password";
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
mqtt = {
|
||||
enable = true;
|
||||
users = {
|
||||
ha = {
|
||||
acl = [
|
||||
"readwrite #"
|
||||
];
|
||||
hashedPassword = "$7$101$lFt8hQl3O8aKF+bO$pcZuI18IT5t4/fpKZmLZQwQs+vcbxZdAQAYJOxRwXGYsxCRjb8jUSU+ZRlpqokOGqf/Cgvymfvml+yoGaC8eaw==";
|
||||
};
|
||||
z2m = {
|
||||
acl = [
|
||||
"readwrite #"
|
||||
];
|
||||
hashedPassword = "$7$101$M0Q/s9ReWPaMy+pT$Y8t9DwmW3y74lyvYrCE+sqEcz9yGG9VaHw8vt4wVZgUVVV9muY00ymjkwsTNtaTIlnQyB7z7POPLT3PURtQfeg==";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
zigbee2mqtt = {
|
||||
enable = true;
|
||||
device = "/dev/serial/by-id/usb-Nabu_Casa_SkyConnect_v1.0_aaf7050fdb42ed11bb2843ab2a61ed69-if00-port0";
|
||||
};
|
||||
};
|
||||
}
|
13
secrets/home-assistant_giggles_secrets.age
Normal file
13
secrets/home-assistant_giggles_secrets.age
Normal file
|
@ -0,0 +1,13 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 hPyiJw oG/5rmZ9UgGK3e8qXKmZzhiryYmCVYeKS1nDpwSTfVs
|
||||
MJKlWHLkFM5fha9l6BabAnj+bLHpwv6cjidybl+vOAc
|
||||
-> ssh-ed25519 YFSOsg Ia9u8+B4u40MKJc2FcOic76b2cwz1u2rihwX/XPpySc
|
||||
q82pu1G1QSYLycGElN094KRDTm8RBUeM6NiYpYer+UE
|
||||
-> ssh-ed25519 iHV63A uf6L+90o2IeCY7V8434HN66Gt5L4UL6gIRfc6dYTeCs
|
||||
UGYpeHJeP6h994sUFSK82Y8OgHwtP3LVbqFtJnwsND8
|
||||
-> ssh-ed25519 g09OFQ BYBvE0DQe8k1YEx8YddrGbWVLcf/ejXqispXsLWahw4
|
||||
a2fZ7U6C6oSvUQMUx8V6rBwNanyxzLTKEIxAqHJmKhU
|
||||
-> Vd0/1*-grease
|
||||
KHpMCkTFMg
|
||||
--- zWpaOBCCbGyYYdtiMRR1qQBLltGh+voIBeGnncruCfk
|
||||
ó&(8f+ä…$à'ˆ6Q7(–ƵhEŸGÍ!P9Fã–ÅHh5í…Ôÿ=BOýN°6~°Ã8è[vçÅù óùãË̘,ôy»<>¼ê‹ni§cÚ„…¹
p¡ì_dâêE’¨³Ç:32a,„È}c<C2AD>ãÈ7&銧‡e
|
|
@ -25,7 +25,11 @@ let
|
|||
in {
|
||||
"email_gssws_password.age".publicKeys = users ++ systems_email_accounts;
|
||||
|
||||
"norman_hosting_de_momo.age".publicKeys = users ++ [system_norman];
|
||||
|
||||
"home_controller_giggles_wireguard_key.age".publicKeys = users ++ [system_giggles];
|
||||
"home-assistant_giggles_secrets.age".publicKeys = users ++ [system_giggles];
|
||||
|
||||
"home_controller_cox_wireguard_key.age".publicKeys = users ++ [system_cox];
|
||||
"home_controller_companion_wireguard_key.age".publicKeys = users ++ [system_companion];
|
||||
|
||||
|
|
Loading…
Reference in a new issue