1 files changed, 24 insertions, 0 deletions

diff --git a/makefu/2configs/homeautomation/mqtt.nix b/makefu/2configs/homeautomation/mqtt.nix
new file mode 100644
index 000000000..cd1c328d7
--- /dev/null
+++ b/makefu/2configs/homeautomation/mqtt.nix
@@ -0,0 +1,24 @@
+{ pkgs, config, ... }:
+{
+  services.mosquitto = {
+    enable = true;
+    host = "0.0.0.0";
+    allowAnonymous = false;
+    checkPasswords = true;
+    # see <host>/mosquitto
+    users.sensor = {
+      hashedPassword = "$6$2DXU7W1bvqXPqxkF$vtdz5KTd/T09hmoc9LjgEGFjvpwQbQth6vlVcr5hJNLgcBHv4U03YCKC8TKXbmQAa8xiJ76xJIg25kcL+KI3tg==";
+      acl = [ "topic readwrite #" ];
+    };
+    users.hass = {
+      hashedPassword = "$6$SHuYGrE5kPSUc/hu$EomZ0KBy+vkxLt/6eJkrSBjYblCCeMjhDfUd2mwqXYJ4XsP8hGmZ59mMlmBCd3AvlFYQxb4DT/j3TYlrqo7cDA==";
+      acl = [ "topic readwrite #" ];
+    };
+    users.stats = {
+      hashedPassword = "$6$j4H7KXD/YZgvgNmL$8e9sUKRXowDqJLOVgzCdDrvDE3+4dGgU6AngfAeN/rleGOgaMhee2Mbg2KS5TC1TOW3tYbk9NhjLYtjBgfRkoA==";
+      acl = [ "topic read #" ];
+    };
+  };
+  environment.systemPackages = [ pkgs.mosquitto ];
+  # port open via trusted interface
+}