From adfcf2f8480165cb39761303982b64d5656319d6 Mon Sep 17 00:00:00 2001
From: Jack O'Sullivan
Date: Sun, 9 Mar 2025 22:59:59 +0000
Subject: [PATCH] nixos/home/hass: Initial Home Assistant setup
---
 .../vms/shill/containers/middleman/vhosts.nix | 8 ++
 .../home/palace/vms/sfh/containers/hass.nix | 73 ++++++++++++++++++-
 nixos/boxes/home/palace/vms/sfh/default.nix | 32 +++++++-
 nixos/modules/tmproot.nix | 10 +++
 4 files changed, 118 insertions(+), 5 deletions(-)
diff --git a/nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix b/nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix
index 9d939b8..4941d7d 100644
--- a/nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix
+++ b/nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix
@@ -429,6 +429,14 @@ in
 }
 (ssoServer "generic")
 ];
+ "hass.${pubDomain}" = {
+ locations."/" = {
+ proxyPass = "http://hass-ctr.${home.domain}:8123";
+ proxyWebsockets = true;
+ extraConfig = proxyHeaders;
+ };
+ useACMEHost = pubDomain;
+ };
 };
 minio =
diff --git a/nixos/boxes/home/palace/vms/sfh/containers/hass.nix b/nixos/boxes/home/palace/vms/sfh/containers/hass.nix
index e7de7ad..5691cfc 100644
--- a/nixos/boxes/home/palace/vms/sfh/containers/hass.nix
+++ b/nixos/boxes/home/palace/vms/sfh/containers/hass.nix
@@ -1,6 +1,7 @@
 { lib, ... }:
 let
 inherit (lib.my) net;
+ inherit (lib.my.c) pubDomain;
 inherit (lib.my.c.home) domain prefixes vips hiMTU;
 in
 {
@@ -24,9 +25,23 @@ in
 address = net.cidr.host (65536*5+3) prefixes.hi.v6;
 };
 };
+ lo = {
+ name = "hass-ctr-lo";
+ inherit domain;
+ mtu = 1500;
+ ipv4 = {
+ address = net.cidr.host 103 prefixes.lo.v4;
+ mask = 21;
+ gateway = null;
+ };
+ ipv6 = {
+ iid = "::5:3";
+ address = net.cidr.host (65536*5+3) prefixes.lo.v6;
+ };
+ };
 };
 configuration = { lib, config, pkgs, assignments, allAssignments, ... }:
 let
 inherit (lib) mkMerge mkIf mkForce;
 inherit (lib.my) networkdAssignment;
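Review bot: The new `"hass.${pubDomain}"` vhost in vhosts.nix publishes Home Assistant on the public domain with no access control at the proxy, whereas the entry just above it in the context lines appears to be wrapped with `(ssoServer "generic")`. Home Assistant's own login is then the only barrier, and the upstream hop is plain `http://` to port 8123, so its confidentiality rests on whatever link carries traffic between the proxy and the container (not visible in this hunk). If that is deliberate, I would record it in a comment above the vhost, e.g. `# No SSO in front: auth is Home Assistant's own login (keep MFA on); upstream is plain HTTP over the inter-site link`. The enclosing vhost attrset starts and ends outside the hunk.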
@@ -47,11 +62,61 @@ in
 };
 };
- systemd = {
- network.networks."80-container-host0" = networkdAssignment "host0" assignments.hi;
+ environment = {
+ systemPackages = with pkgs; [
+ usbutils
+ ];
 };
- services = { };
+ systemd = {
+ network.networks = {
+ "80-container-host0" = networkdAssignment "host0" assignments.hi;
+ "80-container-lan-lo" = networkdAssignment "lan-lo" assignments.lo;
+ };
+ };
+
+ services = {
+ home-assistant = {
+ enable = true;
+ config = {
+ default_config = {};
+ homeassistant = {
+ name = "Home";
+ unit_system = "metric";
+ currency = "EUR";
+ country = "IE";
+ time_zone = "Europe/Dublin";
+ external_url = "https://hass.${pubDomain}";
+ internal_url = "http://hass-ctr.${domain}:${toString config.services.home-assistant.config.http.server_port}";
+ };
+ http = {
+ use_x_forwarded_for = true;
+ trusted_proxies = with allAssignments.middleman.internal; [
+ ipv4.address
+ ipv6.address
+ ];
+ };
+ };
+ extraComponents = [
+ "default_config"
+ "esphome"
+ "google_translate"
+
+ "met"
+ "zha"
+ "denonavr"
+ "webostv"
+ ];
+ extraPackages = python3Packages: with python3Packages; [
+ zlib-ng
+ isal
+
+ gtts
+ ];
+ configWritable = false;
+ openFirewall = true;
+ };
+ };
 };
 };
 };
diff --git a/nixos/boxes/home/palace/vms/sfh/default.nix b/nixos/boxes/home/palace/vms/sfh/default.nix
index 5ba249b..6895206 100644
--- a/nixos/boxes/home/palace/vms/sfh/default.nix
+++ b/nixos/boxes/home/palace/vms/sfh/default.nix
@@ -29,7 +29,7 @@ in
 configuration = { lib, modulesPath, pkgs, config, assignments, allAssignments, ... }:
 let
- inherit (lib) mapAttrs mkMerge;
+ inherit (lib) mapAttrs mkMerge mkForce;
 inherit (lib.my) networkdAssignment;
 inherit (lib.my.c) networkd;
 inherit (lib.my.c.home) domain;
@@ -111,6 +111,13 @@ in
 MTUBytes = toString lib.my.c.home.hiMTU;
 };
 };
+ "10-lan-lo-ctrs" = {
+ matchConfig = {
+ Driver = "virtio_net";
+ PermanentMACAddress = "52:54:00:a5:7e:93";
+ };
+ linkConfig.Name = "lan-lo-ctrs";
+ };
 };
 networks = {
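Review bot: `openFirewall = true` in the `home-assistant` block of hass.nix opens the HTTP port on every interface of the container, and this same hunk brings up a second interface (`lan-lo`) next to `host0`. Home Assistant is then reachable in plaintext from both networks, not only through the proxy named in `trusted_proxies`; if `lan-lo` exists only so integrations can reach devices, inbound 8123 is presumably not needed there. I would drop `openFirewall` and allow the port on `host0` alone, e.g. `networking.firewall.interfaces.host0.allowedTCPPorts = [ config.services.home-assistant.config.http.server_port ];` (or the equivalent in the repo's own firewall module, if it has one). Failing that, a comment stating that access from the lo network is intended would do.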
@@ -124,9 +131,28 @@ in
 linkConfig.RequiredForOnline = "no";
 networkConfig = networkd.noL3;
 };
+ "30-lan-lo-ctrs" = {
+ matchConfig.Name = "lan-lo-ctrs";
+ linkConfig.RequiredForOnline = "no";
+ networkConfig = networkd.noL3;
+ };
 };
 };
+ systemd.nspawn = {
+ hass = {
+ networkConfig = {
+ MACVLAN = mkForce "lan-hi-ctrs:host0 lan-lo-ctrs:lan-lo";
+ };
+ };
+ };
+
+ systemd.services = {
+ "systemd-nspawn@hass".serviceConfig.DeviceAllow = [
+ "char-ttyUSB rw"
+ ];
+ };
+
 my = {
 secrets = {
 key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAAaav5Se1E/AbqEXmADryVszYfNDscyP6jrWioN57R7";
@@ -151,6 +177,10 @@ in
 hass = {
 bindMounts = {
 "/dev/bus/usb/001/002".readOnly = false;
+ "/dev/serial/by-id/usb-Nabu_Casa_Home_Assistant_Connect_ZBT-1_ce549704fe38ef11a2c2e5d154516304-if00-port0" = {
+ readOnly = false;
+ mountPoint = "/dev/ttyUSB0";
+ };
 };
 };
 };
diff --git a/nixos/modules/tmproot.nix b/nixos/modules/tmproot.nix
index 363962a..97924a2 100644
--- a/nixos/modules/tmproot.nix
+++ b/nixos/modules/tmproot.nix
@@ -561,6 +561,16 @@ in
 }
 ];
 })
+ (mkIf config.services.home-assistant.enable {
+ my.tmproot.persistence.config.directories = [
+ {
+ directory = config.services.home-assistant.configDir;
+ mode = "0750";
+ user = "hass";
+ group = "hass";
+ }
+ ];
+ })
 ]))
 ]);
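Review bot: `DeviceAllow = [ "char-ttyUSB rw" ]` in sfh/default.nix admits the whole ttyUSB device class to the hass container's device policy, although the later `bindMounts` hunk passes through a single adapter. Any other USB serial device attached to the VM would be covered by the same rule. If it works in this setup, naming the node keeps the grant to that one adapter, e.g. `"/dev/serial/by-id/<adapter-id> rw"` using the same by-id path as the bind mount; otherwise add a comment saying why the class-wide rule is required. The `mkForce` on `MACVLAN` would also benefit from a one-line comment naming the generated value it overrides.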
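Review bot: `mode = "0750"` on the persisted Home Assistant config directory in tmproot.nix gives members of group `hass` read access to a directory that holds the instance's auth store and long-lived tokens. Unless something else in that group has to read it, `mode = "0700";` is the tighter setting, and I believe it matches what the upstream module uses for its state directory (worth confirming). The enclosing list starts and ends outside the hunk.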