diff options
-rw-r--r-- | lass/1systems/shodan/config.nix | 1 | ||||
-rw-r--r-- | lass/2configs/gg23.nix | 77 | ||||
-rw-r--r-- | lass/2configs/hass/default.nix | 86 | ||||
-rw-r--r-- | lass/2configs/hass/lib.nix | 83 | ||||
-rw-r--r-- | lass/2configs/hass/rooms/bett.nix | 27 | ||||
-rw-r--r-- | lass/2configs/hass/zigbee.nix | 152 |
6 files changed, 353 insertions, 73 deletions
diff --git a/lass/1systems/shodan/config.nix b/lass/1systems/shodan/config.nix index 9bb31191c..064a56955 100644 --- a/lass/1systems/shodan/config.nix +++ b/lass/1systems/shodan/config.nix @@ -19,6 +19,7 @@ with import <stockholm/lib>; <stockholm/lass/2configs/ssh-cryptsetup.nix> <stockholm/lass/2configs/nfs-dl.nix> <stockholm/lass/2configs/gg23.nix> + <stockholm/lass/2configs/hass> <stockholm/lass/2configs/br.nix> ]; diff --git a/lass/2configs/gg23.nix b/lass/2configs/gg23.nix index b23494b28..3d4c1e306 100644 --- a/lass/2configs/gg23.nix +++ b/lass/2configs/gg23.nix @@ -20,12 +20,13 @@ with import <stockholm/lib>; } ''; machines = [ - { ethernetAddress = "c8:3d:d4:2c:40:ae"; hostName = "tv"; ipAddress = "10.42.0.3"; } + { ethernetAddress = "a8:a6:48:65:ce:4c"; hostName = "tv"; ipAddress = "10.42.0.3"; } { ethernetAddress = "3c:2a:f4:22:28:37"; hostName = "drucker"; ipAddress = "10.42.0.4"; } - { ethernetAddress = "80:7d:3a:67:b7:01"; hostName = "s20-bett"; ipAddress = "10.42.0.10"; } + { ethernetAddress = "80:7d:3a:67:b7:01"; hostName = "s20-tv"; ipAddress = "10.42.0.10"; } { ethernetAddress = "80:7d:3a:68:04:f0"; hostName = "s20-drucker"; ipAddress = "10.42.0.11"; } - { ethernetAddress = "80:7d:3a:68:11:a5"; hostName = "s20-kueche"; ipAddress = "10.42.0.12"; } + { ethernetAddress = "80:7d:3a:68:11:a5"; hostName = "s20-wasch"; ipAddress = "10.42.0.12"; } { ethernetAddress = "80:7d:3a:67:bb:69"; hostName = "s20-stereo"; ipAddress = "10.42.0.13"; } + { ethernetAddress = "ec:b5:fa:07:78:16"; hostName = "hue-bridge"; ipAddress = "10.42.0.21"; } { ethernetAddress = "80:8d:b7:c5:80:dc"; hostName = "arubaAP"; ipAddress = "10.42.0.99"; } ]; }; @@ -45,9 +46,6 @@ with import <stockholm/lib>; boot.kernel.sysctl."net.ipv4.ip_forward" = 1; krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-i int0 -p tcp --dport 8123"; target = "ACCEPT"; } # hass - { predicate = "-i retiolum -p tcp --dport 8123"; target = "ACCEPT"; } # hass - { predicate = "-i int0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto { predicate = "-i int0 -p udp --dport 53"; target = "ACCEPT"; } # dns ]; krebs.iptables.tables.filter.FORWARD.rules = [ @@ -62,72 +60,5 @@ with import <stockholm/lib>; krebs.iptables.tables.nat.POSTROUTING.rules = [ { v6 = false; predicate = "-s 10.42.0.0/24 ! -d 10.42.0.0/24"; target = "MASQUERADE"; } ]; - - services.home-assistant = let - tasmota_s20 = name: topic: { - platform = "mqtt"; - inherit name; - state_topic = "stat/${topic}/POWER"; - command_topic = "cmnd/${topic}/POWER"; - payload_on = "ON"; - payload_off = "OFF"; - }; - in { - enable = true; - package = pkgs.home-assistant.override { - #extraComponents = [ - # (pkgs.fetchgit { - # url = "https://github.com/marcschumacher/dwd_pollen"; - # rev = "0.1"; - # sha256 = "12vldwsds27c9l15ffc6svk9mj17jhypcz736pvpmpqbsymllz2p"; - # }) - #]; - }; - config = { - homeassistant = { - name = "Home"; time_zone = "Europe/Berlin"; - latitude = "48.7687"; - longitude = "9.2478"; - elevation = 247; - }; - sun.elevation = 66; - discovery = {}; - frontend = { }; - mqtt = { - broker = "localhost"; - port = 1883; - client_id = "home-assistant"; - username = "gg23"; - password = "gg23-mqtt"; - keepalive = 60; - protocol = 3.1; - }; - sensor = [ - ]; - switch = [ - (tasmota_s20 "Drucker Strom" "drucker") - (tasmota_s20 "Bett Licht" "bett") - (tasmota_s20 "Kueche Licht" "kueche") - ]; - device_tracker = [ - { - platform = "luci"; - } - ]; - }; - }; - - services.mosquitto = { - enable = true; - host = "0.0.0.0"; - allowAnonymous = false; - checkPasswords = true; - users.gg23 = { - password = "gg23-mqtt"; - acl = [ "topic readwrite #" ]; - }; - }; - environment.systemPackages = [ pkgs.mosquitto ]; - } diff --git a/lass/2configs/hass/default.nix b/lass/2configs/hass/default.nix new file mode 100644 index 000000000..ef9361102 --- /dev/null +++ b/lass/2configs/hass/default.nix @@ -0,0 +1,86 @@ +{ config, lib, pkgs, ... }: +{ + imports = [ + ./zigbee.nix + ./rooms/bett.nix + ]; + + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-i int0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto + { predicate = "-i docker0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto + { predicate = "-i int0 -p tcp --dport 8123"; target = "ACCEPT"; } # hass + { predicate = "-i retiolum -p tcp --dport 8123"; target = "ACCEPT"; } # hass + ]; + + services.home-assistant = { + enable = true; + package = pkgs.home-assistant.override { + # extraComponents = [ "hue" ]; + }; + configWritable = true; + }; + + lass.hass.config = let + tasmota_s20 = name: topic: { + platform = "mqtt"; + inherit name; + state_topic = "stat/${topic}/POWER"; + command_topic = "cmnd/${topic}/POWER"; + payload_on = "ON"; + payload_off = "OFF"; + }; + in { + homeassistant = { + name = "Home"; + time_zone = "Europe/Berlin"; + latitude = "48.7687"; + longitude = "9.2478"; + elevation = 247; + }; + config = {}; + sun.elevation = 66; + discovery = {}; + frontend = {}; + mqtt = { + broker = "localhost"; + port = 1883; + client_id = "home-assistant"; + username = "gg23"; + password = "gg23-mqtt"; + keepalive = 60; + protocol = 3.1; + + discovery = true; + birth_message = { + topic = "/hass/status"; + payload = "online"; + }; + will_message = { + topic = "/hass/status"; + payload = "offline"; + }; + }; + sensor = [ + ]; + switch = [ + (tasmota_s20 "TV" "tv") + (tasmota_s20 "Drucker Strom" "drucker") + (tasmota_s20 "Waschmaschine" "wasch") + (tasmota_s20 "Stereo Anlage" "stereo") + ]; + mobile_app = {}; + }; + + services.mosquitto = { + enable = true; + host = "0.0.0.0"; + allowAnonymous = false; + checkPasswords = true; + users.gg23 = { + password = "gg23-mqtt"; + acl = [ "topic readwrite #" ]; + }; + }; + + environment.systemPackages = [ pkgs.mosquitto ]; +} diff --git a/lass/2configs/hass/lib.nix b/lass/2configs/hass/lib.nix new file mode 100644 index 000000000..c69f5e887 --- /dev/null +++ b/lass/2configs/hass/lib.nix @@ -0,0 +1,83 @@ +{ + lights = { + bett = "light.0x0017880106ed3bd8_light"; + essen = "light.0x0017880108327622_light"; + arbeit = "light.0x0017880106ee2865_light"; + nass = "light.0x00178801082e9f2f_light"; + }; + + sensors = { + bett = "0x00178801086ac38c"; + }; + + lightswitch = switch: light: { + automation = [ + { + trigger = { + platform = "mqtt"; + topic = "zigbee/${switch}"; + }; + condition = { + condition = "or"; + conditions = [ + { + condition = "template"; + value_template = "{{ trigger.payload_json.action == 'on-press' }}"; + } + { + condition = "template"; + value_template = "{{ trigger.payload_json.action == 'up-press' }}"; + } + { + condition = "and"; + conditions = [ + { + condition = "template"; + value_template = "{{ trigger.payload_json.action == 'down-press' }}"; + } + { + condition = "template"; + value_template = "{{ trigger.payload_json.brightness > 30 }}"; + } + ]; + } + ]; + }; + action = [ + { + service = "light.turn_on"; + data_template = { + entity_id = light; + brightness = "{{ trigger.payload_json.brightness }}"; + }; + } + ]; + } + { + trigger = { + platform = "mqtt"; + topic = "zigbee/${switch}"; + }; + condition = { + condition = "or"; + conditions = [ + { + condition = "template"; + value_template = "{{ trigger.payload_json.action == 'off-press' }}"; + } + { + condition = "template"; + value_template = "{{ trigger.payload_json.brightness < 30 }}"; + } + ]; + }; + action = { + service = "light.turn_off"; + data_template = { + entity_id = light; + }; + }; + } + ]; + }; +} diff --git a/lass/2configs/hass/rooms/bett.nix b/lass/2configs/hass/rooms/bett.nix new file mode 100644 index 000000000..21092ef5f --- /dev/null +++ b/lass/2configs/hass/rooms/bett.nix @@ -0,0 +1,27 @@ +{ lib, ... }: +with import ../lib.nix; + +{ + lass.hass.config = lib.lists.fold lib.recursiveUpdate {} [ + { + #automation = [{ + # trigger = { + # platform = "mqtt"; + # topic = "zigbee/0x00178801086ac38c/action"; + # payload = "on-press"; + # }; + # action = { + # service = "light.turn_on"; + # data = { + # brightness = 150; + # rgb_color = [ 255 0 0 ]; + # entity_id = [ + # "light.0x0017880108327622_light" + # ]; + # }; + # }; + #}]; + } + (lightswitch sensors.bett lights.bett) + ]; +} diff --git a/lass/2configs/hass/zigbee.nix b/lass/2configs/hass/zigbee.nix new file mode 100644 index 000000000..4d57f9ca4 --- /dev/null +++ b/lass/2configs/hass/zigbee.nix @@ -0,0 +1,152 @@ +{config, pkgs, lib, ...}: let + + zigbee2mqtt_cfg = pkgs.writeText "zigbee2mqtt.json" (builtins.toJSON { + homeassistant = true; + permit_join = true; + mqtt = { + discovery = true; + base_topic = "zigbee"; + server = "mqtt://10.42.0.1"; + user = "gg23"; + password = "gg23-mqtt"; + }; + serial.port = "/dev/cc2531"; + }); + +in { + # symlink the zigbee controller + services.udev.extraRules = '' + SUBSYSTEM=="tty", ATTRS{idVendor}=="0451", ATTRS{idProduct}=="16a8", SYMLINK+="cc2531", MODE="0660", GROUP="dailout" + ''; + + system.activationScripts.installZigbee = '' + install -d /var/lib/zigbee2mqtt + install ${zigbee2mqtt_cfg} /var/lib/zigbee2mqtt/configuration.yaml + ''; + + # hack to restart docker container on config change + systemd.services.docker-zigbee2mqtt.environment.cfg = zigbee2mqtt_cfg; + + docker-containers.zigbee2mqtt = { + image = "koenkk/zigbee2mqtt"; + extraDockerOptions = [ + "--device=/dev/cc2531:/dev/cc2531" + ]; + volumes = ["/var/lib/zigbee2mqtt:/app/data"]; + }; + + lass.hass.config = { + sensor = [ + # Sensor for monitoring the bridge state + { + platform = "mqtt"; + name = "Zigbee2mqtt Bridge state"; + state_topic = "/zigbee/bridge/state"; + icon = "mdi:router-wireless"; + } + # Sensor for Showing the Zigbee2mqtt Version + { + platform = "mqtt"; + name = "Zigbee2mqtt Version"; + state_topic = "/zigbee/bridge/config"; + value_template = "{{ value_json.version }}"; + icon = "mdi:zigbee"; + } + # Sensor for Showing the Coordinator Version + { + platform = "mqtt"; + name = "Coordinator Version"; + state_topic = "/zigbee/bridge/config"; + value_template = "{{ value_json.coordinator }}"; + icon = "mdi:chip"; + } + ]; + switch = [ + { + platform = "mqtt"; + name = "Zigbee2mqtt Main join"; + state_topic = "/zigbee/bridge/config/permit_join"; + command_topic = "/zigbee/bridge/config/permit_join"; + payload_on = "true"; + payload_off = "false"; + } + ]; + automation = [ + { + alias = "Zigbee2mqtt Log Level"; + initial_state = "on"; + trigger = { + platform = "state"; + entity_id = "input_select.zigbee2mqtt_log_level"; + }; + action = [ + { + service = "mqtt.publish"; + data = { + payload_template = "{{ states('input_select.zigbee2mqtt_log_level') }}"; + topic = "/zigbee/bridge/config/log_level"; + }; + } + ]; + } + # Automation to start timer when enable join is turned on + { + id = "zigbee_join_enabled"; + alias = "Zigbee Join Enabled"; + hide_entity = "true"; + trigger = { + platform = "state"; + entity_id = "switch.zigbee2mqtt_main_join"; + to = "on"; + }; + action = { + service = "timer.start"; + entity_id = "timer.zigbee_permit_join"; + }; + } + # Automation to stop timer when switch turned off and turn off switch when timer finished + { + id = "zigbee_join_disabled"; + alias = "Zigbee Join Disabled"; + hide_entity = "true"; + trigger = [ + { + platform = "event"; + event_type = "timer.finished"; + event_data.entity_id = "timer.zigbee_permit_join"; + } + { + platform = "state"; + entity_id = "switch.zigbee2mqtt_main_join"; + to = "off"; + } + ]; + action = [ + { service = "timer.cancel"; + data.entity_id = "timer.zigbee_permit_join"; + } + { service = "switch.turn_off"; + entity_id = "switch.zigbee2mqtt_main_join"; + } + ]; + } + ]; + input_select.zigbee2mqtt_log_level = { + name = "Zigbee2mqtt Log Level"; + options = [ + "debug" + "info" + "warn" + "error" + ]; + initial = "info"; + icon = "mdi:format-list-bulleted"; + }; + + timer.zigbee_permit_join = { + name = "Zigbee Time remaining"; + duration = 120; + }; + }; +} + |