Jack O'Sullivan
adfcf2f848
Some checks failed
CI / Check, build and cache nixfiles (push) Has been cancelled
124 lines
3.1 KiB
Nix
124 lines
3.1 KiB
Nix
{ lib, ... }:
|
|
let
|
|
inherit (lib.my) net;
|
|
inherit (lib.my.c) pubDomain;
|
|
inherit (lib.my.c.home) domain prefixes vips hiMTU;
|
|
in
|
|
{
|
|
nixos.systems.hass = { config, ... }: {
|
|
system = "x86_64-linux";
|
|
nixpkgs = "mine";
|
|
rendered = config.configuration.config.my.asContainer;
|
|
|
|
assignments = {
|
|
hi = {
|
|
name = "hass-ctr";
|
|
inherit domain;
|
|
mtu = hiMTU;
|
|
ipv4 = {
|
|
address = net.cidr.host 103 prefixes.hi.v4;
|
|
mask = 22;
|
|
gateway = vips.hi.v4;
|
|
};
|
|
ipv6 = {
|
|
iid = "::5:3";
|
|
address = net.cidr.host (65536*5+3) prefixes.hi.v6;
|
|
};
|
|
};
|
|
lo = {
|
|
name = "hass-ctr-lo";
|
|
inherit domain;
|
|
mtu = 1500;
|
|
ipv4 = {
|
|
address = net.cidr.host 103 prefixes.lo.v4;
|
|
mask = 21;
|
|
gateway = null;
|
|
};
|
|
ipv6 = {
|
|
iid = "::5:3";
|
|
address = net.cidr.host (65536*5+3) prefixes.lo.v6;
|
|
};
|
|
};
|
|
};
|
|
|
|
configuration = { lib, config, pkgs, assignments, allAssignments, ... }:
|
|
let
|
|
inherit (lib) mkMerge mkIf mkForce;
|
|
inherit (lib.my) networkdAssignment;
|
|
in
|
|
{
|
|
config = {
|
|
my = {
|
|
deploy.enable = false;
|
|
server.enable = true;
|
|
|
|
secrets = {
|
|
key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGpYX2WbYwUqHp8bFFf0eHFrqrR8xp8IheguA054F8V4";
|
|
files = { };
|
|
};
|
|
|
|
firewall = {
|
|
tcp.allowed = [ ];
|
|
};
|
|
};
|
|
|
|
environment = {
|
|
systemPackages = with pkgs; [
|
|
usbutils
|
|
];
|
|
};
|
|
|
|
systemd = {
|
|
network.networks = {
|
|
"80-container-host0" = networkdAssignment "host0" assignments.hi;
|
|
"80-container-lan-lo" = networkdAssignment "lan-lo" assignments.lo;
|
|
};
|
|
};
|
|
|
|
services = {
|
|
home-assistant = {
|
|
enable = true;
|
|
config = {
|
|
default_config = {};
|
|
homeassistant = {
|
|
name = "Home";
|
|
unit_system = "metric";
|
|
currency = "EUR";
|
|
country = "IE";
|
|
time_zone = "Europe/Dublin";
|
|
external_url = "https://hass.${pubDomain}";
|
|
internal_url = "http://hass-ctr.${domain}:${toString config.services.home-assistant.config.http.server_port}";
|
|
};
|
|
http = {
|
|
use_x_forwarded_for = true;
|
|
trusted_proxies = with allAssignments.middleman.internal; [
|
|
ipv4.address
|
|
ipv6.address
|
|
];
|
|
};
|
|
};
|
|
extraComponents = [
|
|
"default_config"
|
|
"esphome"
|
|
"google_translate"
|
|
|
|
"met"
|
|
"zha"
|
|
"denonavr"
|
|
"webostv"
|
|
];
|
|
extraPackages = python3Packages: with python3Packages; [
|
|
zlib-ng
|
|
isal
|
|
|
|
gtts
|
|
];
|
|
configWritable = false;
|
|
openFirewall = true;
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|