1
0
Fork 0
dotfiles/system/nixos/weewx-proxy.nix

67 lines
1.6 KiB
Nix
Raw Normal View History

2023-06-07 18:40:27 +00:00
{ pkgs, config, ... }:
{
systemd.services.weewx-proxy = {
description = "A proxy service for WeeWX sources";
wantedBy = [ "multi-user.target" ];
2024-01-21 21:55:44 +00:00
wants = [ "network-online.target" ];
2023-06-07 18:40:27 +00:00
after = [ "network-online.target" ];
serviceConfig = {
DynamicUser = true;
StateDirectory = "weewx-proxy";
EnvironmentFile = [ config.age.secrets.weewx-proxy-environment.path ];
ExecStart = "${pkgs.weewx-proxy}/bin/weewx_proxy start";
Type = "notify";
WatchdogSec = "10s";
Restart = "on-failure";
};
};
2024-08-09 18:24:24 +00:00
services.mosquitto.listeners = [
{
address = "0.0.0.0";
port = 1883;
settings = {
protocol = "mqtt";
};
users = {
rtl = {
password = "didYouFindThis";
acl = [ "write rtl433" ];
};
deye = {
password = "didYouFindThis";
acl = [ "write deye/#" ];
};
bitshake = {
password = "didYouFindThis";
acl = [ "write bitshake/#" ];
};
weewx-proxy = {
hashedPasswordFile = config.age.secrets.mosquitto-password-weewx-proxy.path;
2024-08-10 10:30:52 +00:00
acl = [ "read rtl433" "read deye/#" "read bitshake/#" "write hadata/#" ];
2024-08-09 18:24:24 +00:00
};
home-assistant = {
passwordFile = config.age.secrets.mosquitto-password-home-assistant.path;
acl = [ "readwrite #" ];
};
};
}
];
networking.firewall.interfaces =
let
mosquittoPorts = [ 1883 ];
in
{
"end0".allowedTCPPorts = mosquittoPorts;
"vlan51".allowedTCPPorts = [ 4040 ] ++ mosquittoPorts;
};
2023-06-07 18:40:27 +00:00
}