diff options
Diffstat (limited to 'makefu/2configs/deployment')
-rw-r--r-- | makefu/2configs/deployment/bureautomation/hass.nix | 158 | ||||
-rw-r--r-- | makefu/2configs/deployment/bureautomation/home.nix | 67 | ||||
-rw-r--r-- | makefu/2configs/deployment/events-publisher/default.nix | 48 | ||||
-rw-r--r-- | makefu/2configs/deployment/owncloud.nix | 10 |
4 files changed, 228 insertions, 55 deletions
diff --git a/makefu/2configs/deployment/bureautomation/hass.nix b/makefu/2configs/deployment/bureautomation/hass.nix index b62f37bdb..d5793f886 100644 --- a/makefu/2configs/deployment/bureautomation/hass.nix +++ b/makefu/2configs/deployment/bureautomation/hass.nix @@ -1,75 +1,125 @@ { pkgs, lib, ... }: let - firetv = "192.168.1.238"; + tasmota_plug = name: topic: { + platform = "mqtt"; + inherit name; + state_topic = "/bam/${topic}/stat/POWER"; + command_topic = "/bam/${topic}/cmnd/POWER"; + availability_topic = "/bam/${topic}/tele/LWT"; + qos = 1; + payload_on= "ON"; + payload_off= "OFF"; + payload_available= "Online"; + payload_not_available= "Offline"; + retain= false; + }; + espeasy_dht22 = name: [ + { + platform = "mqtt"; + device_class = "temperature"; + state_topic = "/bam/${name}/dht22/Temperature"; + availability_topic = "/bam/${name}/status/LWT"; + payload_available = "Connected"; + payload_not_available = "Connection Lost"; + } + { + platform = "mqtt"; + device_class = "humidity"; + state_topic = "/bam/${name}/dht22/Temperature"; + unit_of_measurement = "C"; + availability_topic = "/bam/${name}/status/LWT"; + payload_available = "Connected"; + payload_not_available = "Connection Lost"; + }]; + espeasy_ds18 = name: [ + { + platform = "mqtt"; + device_class = "temperature"; + state_topic = "/bam/${name}/ds18/Temperature"; + availability_topic = "/bam/${name}/status/LWT"; + payload_available = "Connected"; + payload_not_available = "Connection Lost"; + } + ]; in { - imports = [ - <nixpkgs-unstable/nixos/modules/services/misc/home-assistant.nix> + + nixpkgs.config.permittedInsecurePackages = [ + "homeassistant-0.65.5" ]; - systemd.services.firetv = { - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - User = "nobody"; - ExecStart = "${pkgs.python-firetv}/bin/firetv-server -d ${firetv}:5555"; - }; - }; - nixpkgs.config.packageOverrides = oldpkgs: { - home-assistant = (import <nixpkgs-unstable> {}).home-assistant; - }; - ids.uids.hass = 286; - ids.gids.hass = 286; + services.home-assistant = { - #panel_iframe: - #configurator: - # title: Configurator - # icon: mdi:wrench - # url: http://hassio.local:3218 - # sensor: - # - platform: random enable = true; config = { homeassistant = { name = "Bureautomation"; time_zone = "Europe/Berlin"; }; - panel_iframe = { - euer_blog = { - title = "Euer Blog"; - icon = "mdi:wrench"; - url = "https://euer.krebsco.de"; + + mqtt = { + broker = "localhost"; + port = 1883; + client_id = "home-assistant"; + keepalive = 60; + protocol = 3.1; + birth_message = { + topic = "/bam/hass/tele/LWT"; + payload = "Online"; + qos = 1; + retain = true; + }; + will_message = { + topic = "/bam/hass/tele/LWT"; + payload = "Offline"; + qos = 1; + retain = true; }; }; - media_player = [ - { platform = "kodi"; - host = firetv; - } - { platform = "firetv"; - # assumes python-firetv running - } + switch = [ + (tasmota_plug "Bauarbeiterlampe" "plug") + (tasmota_plug "Blitzdings" "plug2") + (tasmota_plug "Fernseher" "plug3") + (tasmota_plug "Pluggy" "plug4") ]; - sensor = [ - { - platform = "luftdaten"; - name = "Shack 1"; - sensorid = "50"; - monitored_conditions = [ "P1" "P2" ]; - } - { - platform = "luftdaten"; - name = "Shack 2"; - sensorid = "658"; - monitored_conditions = [ "P1" "P2" ]; - } - { - platform = "luftdaten"; - name = "Ditzingen"; - sensorid = "5341"; - monitored_conditions = [ "P1" "P2" ]; + binary_sensor = [ + { # esp_easy + platform = "mqtt"; + device_class = "motion"; + state_topic = "/bam/easy2/movement/Switch"; + payload_on = "1"; + payload_off = "0"; + availability_topic = "/bam/easy2/status/LWT"; + payload_available = "Connected"; + payload_not_available = "Connection Lost"; } - { platform = "random"; } ]; + sensor = + (espeasy_dht22 "easy2") ++ + [ (espeasy_ds18 "easy3" ) + { platform = "luftdaten"; + name = "Ditzingen"; + sensorid = "5341"; + monitored_conditions = [ "P1" "P2" ]; + } + { platform = "influxdb"; + queries = [ + { name = "mean value of feinstaub P1"; + where = '' "node" = 'esp8266-1355142' ''; + measurement = "feinstaub"; + database = "telegraf"; + field = "P1"; + } + { name = "mean value of feinstaub P2"; + where = '' "node" = 'esp8266-1355142' ''; + measurement = "feinstaub"; + database = "telegraf"; + field = "P2"; + } + ]; + } + ]; frontend = { }; http = { }; - feedreader.urls = [ "https://nixos.org/blogs.xml" ]; + feedreader.urls = [ "http://www.heise.de/security/rss/news-atom.xml" ]; }; }; } diff --git a/makefu/2configs/deployment/bureautomation/home.nix b/makefu/2configs/deployment/bureautomation/home.nix new file mode 100644 index 000000000..28edb6af2 --- /dev/null +++ b/makefu/2configs/deployment/bureautomation/home.nix @@ -0,0 +1,67 @@ +{ pkgs, lib, ... }: +let + firetv = "192.168.1.238"; +in { + systemd.services.firetv = { + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + User = "nobody"; + ExecStart = "${pkgs.python-firetv}/bin/firetv-server -d ${firetv}:5555"; + }; + }; + services.home-assistant = { + #panel_iframe: + #configurator: + # title: Configurator + # icon: mdi:wrench + # url: http://hassio.local:3218 + # sensor: + # - platform: random + enable = true; + config = { + homeassistant = { + name = "Bureautomation"; + time_zone = "Europe/Berlin"; + }; + panel_iframe = { + euer_blog = { + title = "Euer Blog"; + icon = "mdi:wrench"; + url = "https://euer.krebsco.de"; + }; + }; + media_player = [ + { platform = "kodi"; + host = firetv; + } + { platform = "firetv"; + # assumes python-firetv running + } + ]; + sensor = [ + { + platform = "luftdaten"; + name = "Shack 1"; + sensorid = "50"; + monitored_conditions = [ "P1" "P2" ]; + } + { + platform = "luftdaten"; + name = "Shack 2"; + sensorid = "658"; + monitored_conditions = [ "P1" "P2" ]; + } + { + platform = "luftdaten"; + name = "Ditzingen"; + sensorid = "5341"; + monitored_conditions = [ "P1" "P2" ]; + } + { platform = "random"; } + ]; + frontend = { }; + http = { }; + feedreader.urls = [ "https://nixos.org/blogs.xml" ]; + }; + }; +} diff --git a/makefu/2configs/deployment/events-publisher/default.nix b/makefu/2configs/deployment/events-publisher/default.nix new file mode 100644 index 000000000..c671b1a0b --- /dev/null +++ b/makefu/2configs/deployment/events-publisher/default.nix @@ -0,0 +1,48 @@ +{ pkgs, ... }: +with import <stockholm/lib>; +let + shack-announce = pkgs.callPackage (builtins.fetchTarball { + url = "https://github.com/makefu/events-publisher/archive/5e7b083c63f25182a02c1fddb3d32cb9534fbc50.tar.gz"; + sha256 = "1zzlhyj8fr6y3a3b6qlyrm474xxxs1ydqjpkd2jva3g1lnzlmvkp"; + }) {} ; + home = "/var/lib/shackannounce"; + user = "shackannounce"; + creds = (toString <secrets>) + "/shack-announce.json"; +in +{ + users.users.${user}= { + uid = genid user; + inherit home; + createHome = true; + }; + systemd.services.shack-announce = { + description = "Announce shack events"; + startAt = "*:0/30"; + path = [ shack-announce ]; + serviceConfig = { + WorkingDirectory = home; + User = user; + PermissionsStartOnly = true; + ExecStartPre = pkgs.writeDash "shack-announce-pre" '' + set -eu + cp ${creds} creds.json + chown ${user} creds.json + ''; + ExecStart = pkgs.writeDash "shack-announce" '' + if test ! -e announce.state; then + echo "initializing state" + announce-daemon \ + --lol INFO \ + --creds creds.json \ + --state announce.state \ + --clean --init + fi + echo "Running announce" + announce-daemon \ + --lol INFO \ + --creds creds.json \ + --state announce.state + ''; + }; + }; +} diff --git a/makefu/2configs/deployment/owncloud.nix b/makefu/2configs/deployment/owncloud.nix index e9d4b18e0..cfde0aba8 100644 --- a/makefu/2configs/deployment/owncloud.nix +++ b/makefu/2configs/deployment/owncloud.nix @@ -108,7 +108,6 @@ let # Add headers to serve security related headers add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; add_header X-Content-Type-Options nosniff; - add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; # Optional: Don't log access to assets @@ -144,6 +143,8 @@ let opcache.memory_consumption=128 opcache.save_comments=1 opcache.revalidate_freq=1 + opcache.file_cache = .opcache + zend_extension=${pkgs.php}/lib/php/extensions/opcache.so display_errors = on display_startup_errors = on @@ -155,6 +156,13 @@ let extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so ''; + systemd.services."nextcloud-cron-${domain}" = { + serviceConfig = { + User = "nginx"; + ExecStart = "${pkgs.php}/bin/php -f ${root}/cron.php"; + }; + startAt = "*:0/15"; + }; }; in { imports = [ |