patrick/nix-config
1
1
Fork 0
Code Issues Pull requests Projects Wiki Activity

Compare commits

base: patrick:69971151ef6ed2f46942b7155aeaf363aabb25f2
Branches Tags
patrick:master
..
compare: patrick:d999cb30aab3cbca84f262446d79c5159b221083
Branches Tags
patrick:master

No commits in common. "69971151ef6ed2f46942b7155aeaf363aabb25f2" and "d999cb30aab3cbca84f262446d79c5159b221083" have entirely different histories.
69971151ef ... d999cb30aa

3 changed files with 26 additions and 125 deletions
Show stats Expand all files Collapse all files

129
config/services/homeassistant.nix
View file

@ -35,19 +35,6 @@
3001
];
};
networking.nftables.firewall.zones.devices.interfaces = [ "mv-devices" ];
networking.nftables.firewall = {
rules = {
homematic = {
from = [
"devices"
];
to = [ "local" ];
allowedTCPPorts = [ 45053 ];
};
};
};
services.home-assistant = {
enable = true;
extraComponents = [
@ -68,16 +55,6 @@
customComponents = with pkgs.home-assistant-custom-components; [
homematicip_local
];
customLovelaceModules = with pkgs.home-assistant-custom-lovelace-modules; [
bubble-card
weather-card
mini-graph-card
card-mod
mushroom
multiple-entity-row
button-card
];
config = {
http = {
server_host = [ "0.0.0.0" ];
@ -85,7 +62,6 @@
use_x_forwarded_for = true;
trusted_proxies = [ nodes.nucnix-nginx.config.wireguard.services.ipv4 ];
};
lovelace.mode = "yaml";
homeassistant = {
name = "!secret ha_name";
@ -105,9 +81,8 @@
### Components not from default_config
frontend = {
themes = "!include_dir_merge_named themes";
#themes = "!include_dir_merge_named themes";
};
"automation ui" = "!include automations.yaml";
# influxdb = {
# api_version = 2;
@ -120,7 +95,6 @@
# organization = "home";
# bucket = "home_assistant";
# };
# Modbus Varta element backup
modbus = {
@ -279,46 +253,6 @@
device_class = "power";
unit_of_measurement = "W";
}
### Active Power Exponent;
{
name = "mb_varta_active_power_exponent";
slave = 1;
address = 2066;
data_type = "int16";
device_class = "power";
}
### Apparent Power Exponent;
{
name = "mb_varta_apparent_power_exponent";
slave = 1;
address = 2067;
data_type = "int16";
device_class = "power";
}
### Enegrey Counter Exponent;
{
name = "mb_varta_energy_counter_exponent";
slave = 1;
address = 2069;
data_type = "int16";
device_class = "power";
}
### Capacity Counter Exponent;
{
name = "mb_varta_capacity_exponent";
slave = 1;
address = 2071;
data_type = "int16";
device_class = "power";
}
### Grid Power Exponent;
{
name = "mb_varta_grid_power_exponent";
slave = 1;
address = 2078;
data_type = "int16";
device_class = "power";
}
];
};
@ -404,52 +338,21 @@
rekeyFile = config.node.secretsDir + "/secrets.yaml.age";
owner = "hass";
};
systemd.services.home-assistant.preStart =
let
modules = [
(pkgs.fetchFromGitHub {
owner = "catppuccin";
repo = "home-assistant";
rev = "e877188ca467e7bbe8991440f6b5f6b3d30347fc";
hash = "sha256-eUqYlaXNLPfaKn3xcRm5AQwTOKf70JF8cepibBb9KXc=";
})
(pkgs.fetchFromGitHub {
owner = "flejz";
repo = "hass-cyberpunk-2077-theme";
rev = "78077ad6298a5bbbc8de4c72858b43cedebaae12";
hash = "sha256-gSlykxPBKji7hAX9E2L7dDtK3zNcRvRjCq2+apgMjFg=";
})
(pkgs.fetchFromGitHub {
owner = "Madelena";
repo = "Metrology-for-Hass";
rev = "3e858768d5afba3f83de0d3fe836336cb20f11ea";
hash = "sha256-IBKIB5KandpjWyVQYXuUvTL3gHHjTLr7saskkqq3A0w=";
})
];
in
lib.mkBefore (
''
if [[ -e ${config.services.home-assistant.configDir}/secrets.yaml ]]; then
rm ${config.services.home-assistant.configDir}/secrets.yaml
fi
systemd.services.home-assistant = {
# Update influxdb token
# We don't use -i because it would require chown with is a @privileged syscall
# INFLUXDB_TOKEN="$(cat ${config.age.secrets.hass-influxdb-token.path})" \
# ${lib.getExe pkgs.yq-go} '.influxdb_token = strenv(INFLUXDB_TOKEN)'
preStart = lib.mkBefore ''
if [[ -e ${config.services.home-assistant.configDir}/secrets.yaml ]]; then
rm ${config.services.home-assistant.configDir}/secrets.yaml
fi
cat ${
config.age.secrets."home-assistant-secrets.yaml".path
} > ${config.services.home-assistant.configDir}/secrets.yaml
touch -a ${config.services.home-assistant.configDir}/{automations,scenes,scripts,manual}.yaml
mkdir -p ${config.services.home-assistant.configDir}/themes
''
+ lib.concatStringsSep "\n" (
lib.flip map modules (x: ''
for i in ${x}/themes/*; do
ln -fFns "$i" ${config.services.home-assistant.configDir}/themes/"$(basename "$i")"
done
for i in ${x}/www/*; do
ln -fFns "$i" ${config.services.home-assistant.configDir}/www/"$(basename "$i")"
done
'')
)
);
cat ${
config.age.secrets."home-assistant-secrets.yaml".path
} > ${config.services.home-assistant.configDir}/secrets.yaml
touch -a ${config.services.home-assistant.configDir}/{automations,scenes,scripts,manual}.yaml
'';
};
}

5
hosts/nucnix/default.nix
View file

@ -29,4 +29,9 @@
nixpkgs.hostPlatform = "x86_64-linux";
topology.self.interfaces.lan.network = "home";
boot = {
kernelParams = [
"intel_iommu=on,igx_off,sm_on"
];
};
}

17
hosts/nucnix/hostapd.nix
View file

@ -22,9 +22,6 @@
generator.script = "alnum";
};
};
# Hostapd tries to delete any bridges it uses when restarting
# If any other service dares also using the bridges, thats too bad
# Have fun resetting your server because they're not coming back
systemd.services.hostapd.stopIfChanged = false;
systemd.services.hostapd.restartIfChanged = false;
systemd.services.hostapd.reloadTriggers = lib.mkForce [ ];
@ -67,15 +64,11 @@
apIsolate = true;
# not supporte by laptop :(
# settings.ieee80211w = 0;
logLevel = 0;
settings = {
vlan_file = "${pkgs.writeText "hostaps.vlans" ''
10 wifi-home br-home
40 wifi-iot br-iot
50 wifi-guests br-guests
''}";
dynamic_vlan = 1;
};
settings.vlan_file = "${pkgs.writeText "hostaps.vlans" ''
10 wifi-home br-home
40 wifi-iot br-iot
50 wifi-guests br-guests
''}";
authentication = {
saePasswords = [
{