1
0
Fork 0
dotfiles/container/deye/default.nix
Daniel Kempkens 78ed12e7a6
All checks were successful
Build / build-amd64-linux (push) Successful in 34s
Build / build-arm64-linux (push) Successful in 1m43s
weewx: bitshake support
2024-08-03 23:02:32 +02:00

50 lines
1.1 KiB
Nix

{ config, ... }:
{
virtualisation.oci-containers.containers.deye-mqtt = {
image = "ghcr.io/kbialek/deye-inverter-mqtt:2024.07.1";
environmentFiles = [ config.age.secrets.deye-mqtt-config.path ];
};
systemd.services.podman-deye-mqtt.restartTriggers = [
"${config.age.secrets.deye-mqtt-config.file}"
];
services.mosquitto.listeners = [
{
address = "0.0.0.0";
port = 1884;
settings = {
protocol = "mqtt";
};
users = {
deye = {
password = "didYouFindThis";
acl = [ "write deye/#" ];
};
bitshake = {
password = "didYouFindThis";
acl = [ "write bitshake/#" ];
};
weewx-proxy = {
hashedPasswordFile = config.age.secrets.mosquitto-password-weewx-proxy.path;
acl = [ "read deye/#" "read bitshake/#" ];
};
};
}
];
networking.firewall.interfaces =
let
mosquittoPorts = [ 1884 ];
in
{
"end0".allowedTCPPorts = mosquittoPorts;
"vlan51".allowedTCPPorts = mosquittoPorts;
"podman+".allowedTCPPorts = mosquittoPorts;
};
}