zaphyra's git: nixfiles

zaphyra and void's nixfiles

{
  inputs,
  povSelf,
  pkgs,
  lib,
  config,
  hostConfig,
  ...
}:
# Module that enables zigbee2mqtt on a host: DNS record, persistent state
# directory, sops-managed secret, udev symlink for the radio adapter, and an
# nginx virtual host in front of the web frontend that requires a client
# certificate.
let
  inherit (lib) mkIf mkForce getAttrFromPath;

  # Value of this module's own option, looked up at the path given by povSelf.
  enabled = getAttrFromPath povSelf config;

  # Account that owns the state directory and the decrypted secret.
  svcUser = "zigbee2mqtt";

  # Attribute name of the sops secret; its decrypted path is referenced below.
  secretName = "zigbee2mqttSecrets.yaml";
  secretPath = config.sops.secrets.${secretName}.path;

  # Single source for the frontend port, reused by the nginx proxy target.
  frontendPort = config.services.zigbee2mqtt.settings.frontend.port;

  broker = "mosquitto.service";
in
{

  option = {
    type = lib.types.bool;
    default = false;
  };

  config = mkIf enabled {
    dns.zones."zaphyra.eu".subdomains."zigbee2mqtt.home.infra".AAAA = [
      hostConfig.networking.ip6Address
    ];

    # Keep the service state across reboots on an impermanent root.
    # NOTE(review): 0770 gives the whole zigbee2mqtt group read/write access
    # to the state directory; 0700 would be enough if only the service user
    # needs it -- confirm group membership before tightening.
    modules.filesystem.impermanence.system.dirs = [
      {
        directory = "/var/lib/zigbee2mqtt";
        mode = "0770";
        user = svcUser;
        group = svcUser;
      }
    ];

    # Decrypted secret file is owned by the service user. No mode is set
    # here, so whatever sops-nix applies by default is in effect.
    sops.secrets.${secretName} = {
      owner = svcUser;
      key = "zigbee2mqttSecrets";
    };

    systemd.services.zigbee2mqtt = {
      # Start only after the local MQTT broker and stop when it goes away.
      after = [ broker ];
      requires = [ broker ];
      serviceConfig = {
        # systemd terminates the unit after one day of runtime; with
        # Restart=always (forced over the upstream value) it is started again.
        RuntimeMaxSec = "1d";
        Restart = mkForce "always";
      };
    };

    # Give the radio adapter a stable device name, /dev/zigbee0.
    #   rule 1: vendor 10c4, pinned to one specific serial number
    #   rule 2: tell ModemManager to leave the 0451:16a8 adapter alone
    #   rule 3: vendor 0451 / product 16a8, matched by ID only
    # NOTE(review): rule 3 is not pinned to a serial, so any device reporting
    # 0451:16a8 receives the symlink; both adapters also share the same
    # symlink name, so which one /dev/zigbee0 resolves to is not fixed here
    # if both are attached.
    services.udev.extraRules = ''
      SUBSYSTEM=="tty", ATTRS{idVendor}=="10c4", ATTRS{serial}=="00_12_4B_00_25_9B_C1_FC", SYMLINK+="zigbee0"
      ATTR{idVendor}=="0451", ATTR{idProduct}=="16a8", ENV{ID_MM_DEVICE_IGNORE}="1"
      SUBSYSTEM=="tty", ATTRS{idVendor}=="0451", ATTRS{idProduct}=="16a8", SYMLINK+="zigbee0"
    '';

    services.nginx = {
      enable = true;
      virtualHosts."zigbee2mqtt.${config.networking.domain}" = {
        forceSSL = true;
        kTLS = true;
        useACMEHost = config.networking.fqdn;
        # Mutual TLS: every request must present a client certificate that
        # chains to this root CA. This is the only authentication in front of
        # the frontend (no auth_token is set in the zigbee2mqtt settings
        # below). Any certificate issued under that CA is accepted; no
        # revocation list or per-subject restriction is configured here.
        extraConfig = ''
          ssl_client_certificate ${inputs.self.resources.zaphyra.rootCA};
          ssl_verify_client on;
        '';
        locations."/" = {
          # Plain HTTP to the loopback-bound frontend; websockets are needed
          # by the UI.
          proxyWebsockets = true;
          proxyPass = "http://[::1]:${toString frontendPort}";
        };
      };
    };

    services.zigbee2mqtt = {
      enable = true;
      package = pkgs.zigbee2mqtt;
      settings = {
        homeassistant = false;
        # Joining is closed by default, so new devices cannot pair unless it
        # is opened deliberately.
        permit_join = false;

        # Broker on loopback; no MQTT credentials are set in these settings,
        # so broker-side access control (not visible in this file) decides
        # who else may publish to the zigbee2mqtt topics.
        mqtt = {
          server = "mqtt://[::1]";
          base_topic = "zigbee2mqtt";
        };

        serial = {
          port = "/dev/zigbee0";
          disable_led = true;
        };

        # Frontend listens on loopback only and is reached through nginx.
        # Local processes on this host can still connect to the port
        # directly, bypassing the client-certificate check.
        frontend = {
          host = "::1";
          port = 8422;
        };

        advanced = {
          channel = 26;
          log_level = "info";
          log_output = [ "console" ];
          # "!<file> <key>" reference: the network key is read at runtime
          # from the sops-decrypted file, so only the path -- not the key --
          # appears in the generated configuration.
          network_key = "!${secretPath} network_key";
        };

        device_options.retain = true;

        # Known devices, keyed by IEEE address.
        devices = {
          # IKEA lamps
          "0x84fd27fffe6b9ddd" = {
            friendly_name = "ikea_lamp_hallway";
          };
          "0x94deb8fffe52e639" = {
            friendly_name = "ikea_lamp_rgb";
          };
          "0x84fd27fffe44369e" = {
            friendly_name = "ikea_lamp_sleepingroom";
          };
          "0x84fd27fffea515fc" = {
            friendly_name = "ikea_lamp_livingroom";
          };

          # Tuya LED strip
          "0xa4c138da0f6d23de" = {
            friendly_name = "tuya_led_stripe_desk";
          };

          # Tuya sensors
          "0xa4c1389d5f391891" = {
            friendly_name = "tuya_sensor_fridge";
          };
          "0xa4c13809f76bcdc2" = {
            friendly_name = "tuya_sensor_bathroom";
          };
          "0xa4c13882b76fa1ac" = {
            friendly_name = "tuya_sensor_sleepingroom";
          };
          "0xa4c138ebeae2efd2" = {
            friendly_name = "tuya_sensor_l2";
          };
        };
      };
    };
  };

}