Mic92/stockholm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

ma bureautomation: home-assistant is now user-controlled

Browse Source
This commit is contained in:
makefu 2022-06-06 21:16:30 +02:00
parent 37006c2198
commit 43486ea6d8
No known key found for this signature in database
GPG Key ID: 36F7711F3FC0F225
3 changed files with 184 additions and 159 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
makefu/2configs/bureautomation/comic-updater.nix
View File

@ -11,8 +11,9 @@ in {
path = with pkgs; [ wget xmlstarlet ]; path = with pkgs; [ wget xmlstarlet ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
serviceConfig = { serviceConfig = {
User = "hass"; # User = "hass";
WorkingDirectory = config.services.home-assistant.configDir; #WorkingDirectory = config.services.home-assistant.configDir;
WorkingDirectory = "/var/lib/homeassistant-docker";
ExecStart = pkgs.writeDash "update-comics" '' ExecStart = pkgs.writeDash "update-comics" ''
set -euf set -euf
mkdir -p www/ mkdir -p www/

326
makefu/2configs/bureautomation/default.nix
View File

@ -2,6 +2,7 @@
let let
kodi-host = "192.168.8.11"; kodi-host = "192.168.8.11";
unstable = import <nixpkgs-unstable> {}; unstable = import <nixpkgs-unstable> {};
confdir = "/var/lib/homeassistant-docker";
in { in {
imports = [ imports = [
./ota.nix ./ota.nix
@ -13,169 +14,188 @@ in {
# hass config # hass config
## complex configs ## complex configs
# ./multi/daily-standup.nix # ./multi/daily-standup.nix
./multi/aramark.nix #./multi/aramark.nix
./multi/matrix.nix #./multi/matrix.nix
./multi/frosch.nix #./multi/frosch.nix
./multi/mittagessen.nix #./multi/mittagessen.nix
./multi/10h_timers.nix #./multi/10h_timers.nix
./switch/tasmota_switch.nix #./switch/tasmota_switch.nix
./switch/rfbridge.nix #./switch/rfbridge.nix
./light/statuslight.nix #./light/statuslight.nix
./light/buzzer.nix #./light/buzzer.nix
./script/multi_blink.nix #./script/multi_blink.nix
./binary_sensor/buttons.nix #./binary_sensor/buttons.nix
./binary_sensor/motion.nix #./binary_sensor/motion.nix
# ./sensor/pollen.nix requires dwd_pollen ## ./sensor/pollen.nix requires dwd_pollen
./sensor/espeasy.nix #./sensor/espeasy.nix
./sensor/airquality.nix #./sensor/airquality.nix
./sensor/outside.nix #./sensor/outside.nix
./sensor/tasmota_firmware.nix #./sensor/tasmota_firmware.nix
./camera/verkehrskamera.nix #./camera/verkehrskamera.nix
./camera/comic.nix #./camera/comic.nix
./camera/stuttgart.nix #./camera/stuttgart.nix
./automation/bureau-shutdown.nix #./automation/bureau-shutdown.nix
./automation/nachtlicht.nix #./automation/nachtlicht.nix
./automation/schlechteluft.nix #./automation/schlechteluft.nix
./automation/philosophische-tuer.nix #./automation/philosophische-tuer.nix
./automation/hass-restart.nix #./automation/hass-restart.nix
./device_tracker/openwrt.nix #./device_tracker/openwrt.nix
./person/team.nix #./person/team.nix
]; ];
networking.firewall.allowedTCPPorts = [ 8123 ]; networking.firewall.allowedTCPPorts = [ 8123 ];
state = [ "/var/lib/hass/known_devices.yaml" ]; state = [ "/var/lib/hass/known_devices.yaml" ];
virtualisation.oci-containers.containers.hass = {
services.home-assistant = { image = "homeassistant/home-assistant:latest";
enable = true; #user = "${toString config.users.users.kiosk.uid}:${toString config.users.groups.kiosk.gid}";
package = (unstable.home-assistant.overrideAttrs (old: { #user = "${toString config.users.users.kiosk.uid}:root";
doInstallCheck = false; environment = {
})).override { TZ = "Europe/Berlin";
extraPackages = p: [ PUID = toString config.users.users.kiosk.uid;
# TODO: put somewhere else PGID = toString config.users.groups.kiosk.gid;
(p.callPackage <stockholm/makefu/2configs/home/ham/deps/dwdwfsapi.nix> {}) UMASK = "007";
# (p.callPackage <stockholm/makefu/2configs/home/ham/deps/pykodi.nix> {})
p.APScheduler ];
};
autoExtraComponents = true;
config = {
config = {};
discovery = {};
homeassistant = {
name = "Bureautomation";
time_zone = "Europe/Berlin";
latitude = "48.8265";
longitude = "9.0676";
elevation = 303;
auth_providers = [
{ type = "homeassistant";}
{ type = "legacy_api_password";
api_password = "sistemas";
}
{ type = "trusted_networks";
trusted_networks = [
"127.0.0.1/32"
"192.168.8.0/24"
"::1/128"
"fd00::/8"
];
# allow_bypass_login = true;
}
];
};
# https://www.home-assistant.io/components/influxdb/
influxdb = {
database = "hass";
tags = {
instance = "wbob";
source = "hass";
};
};
mqtt = {
discovery = true;
discovery_prefix = "homeassistant";
broker = "localhost";
port = 1883;
client_id = "home-assistant";
keepalive = 60;
protocol = 3.1;
birth_message = {
topic = "/bam/hass/tele/LWT";
payload = "Online";
qos = 1;
retain = true;
};
will_message = {
topic = "/bam/hass/tele/LWT";
payload = "Offline";
qos = 1;
retain = true;
};
};
notify = [
{
platform = "kodi";
name = "wbob-kodi";
host = kodi-host;
}
#{
# platform = "telegram";
# name = "telegrambot";
# chat_id = builtins.elemAt
# (builtins.fromJSON (builtins.readFile
# <secrets/hass/telegram-bot.json>)).allowed_chat_ids 0;
#}
];
media_player = [
{ platform = "kodi";
host = kodi-host;
}
{ platform = "mpd";
host = "127.0.0.1";
}
];
# sensor = [{ platform = "version"; }]; # pyhaversion
frontend = { };
http = {
# TODO: https://github.com/home-assistant/home-assistant/issues/16149
# base_url = "http://192.168.8.11:8123";
};
conversation = {};
history = {};
logbook = {};
tts = [
{ platform = "google_translate";
language = "de";
time_memory = 57600;
service_name = "google_say";
}
{ platform = "voicerss";
api_key = builtins.readFile <secrets/hass/voicerss.apikey>;
language = "de-de";
}
#{ platform = "picotts";
# language = "de-DE";
#}
];
recorder = {};
sun = {};
#telegram_bot = [
# (builtins.fromJSON
# (builtins.readFile <secrets/hass/telegram-bot.json>))
#];
# only for automation
# feedreader.urls = [ "http://www.heise.de/security/rss/news-atom.xml" ];
# we don't use imports because the expressions do not merge in
# home-assistant
}; };
extraOptions = ["--net=host" ];
volumes = [
"${confdir}:/config"
#"${confdir}/docker-run:/etc/services.d/home-assistant/run:"
];
}; };
systemd.tmpfiles.rules = [
#"f ${confdir}/docker-run 0770 kiosk kiosk - -"
"d ${confdir} 0770 kiosk kiosk - -"
];
#services.home-assistant = {
# enable = true;
# package = (unstable.home-assistant.overrideAttrs (old: {
# doInstallCheck = false;
# })).override {
# extraPackages = p: [
# # TODO: put somewhere else
# (p.callPackage <stockholm/makefu/2configs/home/ham/deps/dwdwfsapi.nix> {})
# # (p.callPackage <stockholm/makefu/2configs/home/ham/deps/pykodi.nix> {})
# p.APScheduler ];
# };
# autoExtraComponents = true;
# config = {
# config = {};
# discovery = {};
# homeassistant = {
# name = "Bureautomation";
# time_zone = "Europe/Berlin";
# latitude = "48.8265";
# longitude = "9.0676";
# elevation = 303;
# auth_providers = [
# { type = "homeassistant";}
# { type = "legacy_api_password";
# api_password = "sistemas";
# }
# { type = "trusted_networks";
# trusted_networks = [
# "127.0.0.1/32"
# "192.168.8.0/24"
# "::1/128"
# "fd00::/8"
# ];
# # allow_bypass_login = true;
# }
# ];
# };
# # https://www.home-assistant.io/components/influxdb/
# influxdb = {
# database = "hass";
# tags = {
# instance = "wbob";
# source = "hass";
# };
# };
# mqtt = {
# discovery = true;
# discovery_prefix = "homeassistant";
# broker = "localhost";
# port = 1883;
# client_id = "home-assistant";
# keepalive = 60;
# protocol = 3.1;
# birth_message = {
# topic = "/bam/hass/tele/LWT";
# payload = "Online";
# qos = 1;
# retain = true;
# };
# will_message = {
# topic = "/bam/hass/tele/LWT";
# payload = "Offline";
# qos = 1;
# retain = true;
# };
# };
# notify = [
# {
# platform = "kodi";
# name = "wbob-kodi";
# host = kodi-host;
# }
# #{
# # platform = "telegram";
# # name = "telegrambot";
# # chat_id = builtins.elemAt
# # (builtins.fromJSON (builtins.readFile
# # <secrets/hass/telegram-bot.json>)).allowed_chat_ids 0;
# #}
# ];
# media_player = [
# { platform = "kodi";
# host = kodi-host;
# }
# { platform = "mpd";
# host = "127.0.0.1";
# }
# ];
# # sensor = [{ platform = "version"; }]; # pyhaversion
# frontend = { };
# http = {
# # TODO: https://github.com/home-assistant/home-assistant/issues/16149
# # base_url = "http://192.168.8.11:8123";
# };
# conversation = {};
# history = {};
# logbook = {};
# tts = [
# { platform = "google_translate";
# language = "de";
# time_memory = 57600;
# service_name = "google_say";
# }
# { platform = "voicerss";
# api_key = builtins.readFile <secrets/hass/voicerss.apikey>;
# language = "de-de";
# }
# #{ platform = "picotts";
# # language = "de-DE";
# #}
# ];
# recorder = {};
# sun = {};
# #telegram_bot = [
# # (builtins.fromJSON
# # (builtins.readFile <secrets/hass/telegram-bot.json>))
# #];
# # only for automation
# # feedreader.urls = [ "http://www.heise.de/security/rss/news-atom.xml" ];
# # we don't use imports because the expressions do not merge in
# # home-assistant
# };
#};
} }

12
makefu/2configs/gui/wbob-kiosk.nix
View File

@ -4,17 +4,21 @@
imports = [ imports = [
./base.nix ./base.nix
]; ];
users.users.makefu = { users.users.kiosk = {
packages = [ pkgs.chromium ]; packages = [ pkgs.chromium pkgs.vscode ];
extraGroups = [ "audio" "pulse" ]; group = "kiosk";
isNormalUser = true;
uid = 1003;
extraGroups = [ "wheel" "audio" "pulse" ];
}; };
users.groups.kiosk.gid = 989 ;
services.xserver = { services.xserver = {
windowManager = lib.mkForce { awesome.enable = false; }; windowManager = lib.mkForce { awesome.enable = false; };
displayManager.gdm.enable = true; displayManager.gdm.enable = true;
displayManager.autoLogin = { displayManager.autoLogin = {
enable = true; enable = true;
user = "makefu"; user = lib.mkForce "kiosk";
}; };
displayManager.defaultSession = "gnome"; displayManager.defaultSession = "gnome";
desktopManager.gnome.enable = true; desktopManager.gnome.enable = true;