dotfiles/system/nixos/weewx-proxy.nix

79 lines
1.9 KiB
Nix
Raw Normal View History

2023-06-07 18:40:27 +00:00
{ pkgs, config, ... }:
{
systemd.services.weewx-proxy = {
description = "A proxy service for WeeWX sources";
wantedBy = [ "multi-user.target" ];
2024-01-21 21:55:44 +00:00
wants = [ "network-online.target" ];
2023-06-07 18:40:27 +00:00
after = [ "network-online.target" ];
serviceConfig = {
DynamicUser = true;
StateDirectory = "weewx-proxy";
EnvironmentFile = [ config.age.secrets.weewx-proxy-environment.path ];
ExecStart = "${pkgs.weewx-proxy}/bin/weewx_proxy start";
Type = "notify";
WatchdogSec = "10s";
Restart = "on-failure";
};
};
2024-09-01 12:19:15 +00:00
services.mosquitto = {
listeners = [
{
address = "0.0.0.0";
port = 1883;
2024-08-09 18:24:24 +00:00
2024-09-01 12:19:15 +00:00
settings = {
protocol = "mqtt";
2024-08-09 18:24:24 +00:00
};
2024-09-01 12:19:15 +00:00
users = {
rtl = {
password = "didYouFindThis";
acl = [ "write rtl433" ];
};
2024-08-09 18:24:24 +00:00
2024-09-01 12:19:15 +00:00
deye = {
password = "didYouFindThis";
acl = [ "write deye/#" ];
};
2024-08-09 18:24:24 +00:00
2024-09-01 12:19:15 +00:00
bitshake = {
password = "didYouFindThis";
acl = [ "write bitshake/#" ];
};
weewx-proxy = {
hashedPasswordFile = config.age.secrets.mosquitto-password-weewx-proxy.path;
acl = [ "read rtl433" "read deye/#" "read bitshake/#" "write hadata/#" ];
};
2024-08-09 18:24:24 +00:00
2024-09-01 12:19:15 +00:00
home-assistant = {
passwordFile = config.age.secrets.mosquitto-password-home-assistant.path;
acl = [ "readwrite #" ];
};
2024-08-09 18:24:24 +00:00
};
2024-09-01 12:19:15 +00:00
}
];
bridges.home-assistant = {
addresses = [{ address = "10.0.0.230"; port = 1883; }];
settings = {
remote_username = "mqtt_bridge";
remote_password = "verySecurePassword";
try_private = true;
2024-08-09 18:24:24 +00:00
};
2024-09-01 12:19:15 +00:00
topics = [ "hadata/# out" "deye/# out" ];
};
};
2024-08-09 18:24:24 +00:00
networking.firewall.interfaces =
let
mosquittoPorts = [ 1883 ];
in
{
"end0".allowedTCPPorts = mosquittoPorts;
"vlan51".allowedTCPPorts = [ 4040 ] ++ mosquittoPorts;
};
2023-06-07 18:40:27 +00:00
}