Compare commits

..

4 commits

Author SHA1 Message Date
Patrick 69971151ef
feat: more homeassistant modules 2025-01-12 14:47:09 +01:00
Patrick d69c94bf1f
fix: hostapd with vlans 2025-01-12 00:25:46 +01:00
Patrick 639f63af9b
fix: hostapd works again 2025-01-11 19:00:41 +01:00
Patrick c6e3d087ab
fix: include automations
feat: include all modbus varta readings
2025-01-11 19:00:08 +01:00
3 changed files with 125 additions and 26 deletions

View file

@ -35,6 +35,19 @@
3001 3001
]; ];
}; };
networking.nftables.firewall.zones.devices.interfaces = [ "mv-devices" ];
networking.nftables.firewall = {
rules = {
homematic = {
from = [
"devices"
];
to = [ "local" ];
allowedTCPPorts = [ 45053 ];
};
};
};
services.home-assistant = { services.home-assistant = {
enable = true; enable = true;
extraComponents = [ extraComponents = [
@ -55,6 +68,16 @@
customComponents = with pkgs.home-assistant-custom-components; [ customComponents = with pkgs.home-assistant-custom-components; [
homematicip_local homematicip_local
]; ];
customLovelaceModules = with pkgs.home-assistant-custom-lovelace-modules; [
bubble-card
weather-card
mini-graph-card
card-mod
mushroom
multiple-entity-row
button-card
];
config = { config = {
http = { http = {
server_host = [ "0.0.0.0" ]; server_host = [ "0.0.0.0" ];
@ -62,6 +85,7 @@
use_x_forwarded_for = true; use_x_forwarded_for = true;
trusted_proxies = [ nodes.nucnix-nginx.config.wireguard.services.ipv4 ]; trusted_proxies = [ nodes.nucnix-nginx.config.wireguard.services.ipv4 ];
}; };
lovelace.mode = "yaml";
homeassistant = { homeassistant = {
name = "!secret ha_name"; name = "!secret ha_name";
@ -81,8 +105,9 @@
### Components not from default_config ### Components not from default_config
frontend = { frontend = {
#themes = "!include_dir_merge_named themes"; themes = "!include_dir_merge_named themes";
}; };
"automation ui" = "!include automations.yaml";
# influxdb = { # influxdb = {
# api_version = 2; # api_version = 2;
@ -95,6 +120,7 @@
# organization = "home"; # organization = "home";
# bucket = "home_assistant"; # bucket = "home_assistant";
# }; # };
# Modbus Varta element backup # Modbus Varta element backup
modbus = { modbus = {
@ -253,6 +279,46 @@
device_class = "power"; device_class = "power";
unit_of_measurement = "W"; unit_of_measurement = "W";
} }
### Active Power Exponent;
{
name = "mb_varta_active_power_exponent";
slave = 1;
address = 2066;
data_type = "int16";
device_class = "power";
}
### Apparent Power Exponent;
{
name = "mb_varta_apparent_power_exponent";
slave = 1;
address = 2067;
data_type = "int16";
device_class = "power";
}
### Enegrey Counter Exponent;
{
name = "mb_varta_energy_counter_exponent";
slave = 1;
address = 2069;
data_type = "int16";
device_class = "power";
}
### Capacity Counter Exponent;
{
name = "mb_varta_capacity_exponent";
slave = 1;
address = 2071;
data_type = "int16";
device_class = "power";
}
### Grid Power Exponent;
{
name = "mb_varta_grid_power_exponent";
slave = 1;
address = 2078;
data_type = "int16";
device_class = "power";
}
]; ];
}; };
@ -338,21 +404,52 @@
rekeyFile = config.node.secretsDir + "/secrets.yaml.age"; rekeyFile = config.node.secretsDir + "/secrets.yaml.age";
owner = "hass"; owner = "hass";
}; };
systemd.services.home-assistant = { systemd.services.home-assistant.preStart =
# Update influxdb token let
# We don't use -i because it would require chown with is a @privileged syscall modules = [
# INFLUXDB_TOKEN="$(cat ${config.age.secrets.hass-influxdb-token.path})" \ (pkgs.fetchFromGitHub {
# ${lib.getExe pkgs.yq-go} '.influxdb_token = strenv(INFLUXDB_TOKEN)' owner = "catppuccin";
preStart = lib.mkBefore '' repo = "home-assistant";
if [[ -e ${config.services.home-assistant.configDir}/secrets.yaml ]]; then rev = "e877188ca467e7bbe8991440f6b5f6b3d30347fc";
rm ${config.services.home-assistant.configDir}/secrets.yaml hash = "sha256-eUqYlaXNLPfaKn3xcRm5AQwTOKf70JF8cepibBb9KXc=";
fi })
(pkgs.fetchFromGitHub {
owner = "flejz";
repo = "hass-cyberpunk-2077-theme";
rev = "78077ad6298a5bbbc8de4c72858b43cedebaae12";
hash = "sha256-gSlykxPBKji7hAX9E2L7dDtK3zNcRvRjCq2+apgMjFg=";
})
(pkgs.fetchFromGitHub {
owner = "Madelena";
repo = "Metrology-for-Hass";
rev = "3e858768d5afba3f83de0d3fe836336cb20f11ea";
hash = "sha256-IBKIB5KandpjWyVQYXuUvTL3gHHjTLr7saskkqq3A0w=";
})
];
in
lib.mkBefore (
''
if [[ -e ${config.services.home-assistant.configDir}/secrets.yaml ]]; then
rm ${config.services.home-assistant.configDir}/secrets.yaml
fi
cat ${ cat ${
config.age.secrets."home-assistant-secrets.yaml".path config.age.secrets."home-assistant-secrets.yaml".path
} > ${config.services.home-assistant.configDir}/secrets.yaml } > ${config.services.home-assistant.configDir}/secrets.yaml
touch -a ${config.services.home-assistant.configDir}/{automations,scenes,scripts,manual}.yaml
mkdir -p ${config.services.home-assistant.configDir}/themes
''
+ lib.concatStringsSep "\n" (
lib.flip map modules (x: ''
for i in ${x}/themes/*; do
ln -fFns "$i" ${config.services.home-assistant.configDir}/themes/"$(basename "$i")"
done
for i in ${x}/www/*; do
ln -fFns "$i" ${config.services.home-assistant.configDir}/www/"$(basename "$i")"
done
'')
)
);
touch -a ${config.services.home-assistant.configDir}/{automations,scenes,scripts,manual}.yaml
'';
};
} }

View file

@ -29,9 +29,4 @@
nixpkgs.hostPlatform = "x86_64-linux"; nixpkgs.hostPlatform = "x86_64-linux";
topology.self.interfaces.lan.network = "home"; topology.self.interfaces.lan.network = "home";
boot = {
kernelParams = [
"intel_iommu=on,igx_off,sm_on"
];
};
} }

View file

@ -22,6 +22,9 @@
generator.script = "alnum"; generator.script = "alnum";
}; };
}; };
# Hostapd tries to delete any bridges it uses when restarting
# If any other service dares also using the bridges, thats too bad
# Have fun resetting your server because they're not coming back
systemd.services.hostapd.stopIfChanged = false; systemd.services.hostapd.stopIfChanged = false;
systemd.services.hostapd.restartIfChanged = false; systemd.services.hostapd.restartIfChanged = false;
systemd.services.hostapd.reloadTriggers = lib.mkForce [ ]; systemd.services.hostapd.reloadTriggers = lib.mkForce [ ];
@ -64,11 +67,15 @@
apIsolate = true; apIsolate = true;
# not supporte by laptop :( # not supporte by laptop :(
# settings.ieee80211w = 0; # settings.ieee80211w = 0;
settings.vlan_file = "${pkgs.writeText "hostaps.vlans" '' logLevel = 0;
10 wifi-home br-home settings = {
40 wifi-iot br-iot vlan_file = "${pkgs.writeText "hostaps.vlans" ''
50 wifi-guests br-guests 10 wifi-home br-home
''}"; 40 wifi-iot br-iot
50 wifi-guests br-guests
''}";
dynamic_vlan = 1;
};
authentication = { authentication = {
saePasswords = [ saePasswords = [
{ {