blob: c81eae201ad761bdbef1208f805173e7db1139b5 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
|
{ config, lib, pkgs, buildPythonPackage, ... }:
with import <stockholm/lib>;
let
pkg = pkgs.ampel;
home = "/var/lib/ampel";
sec = "${toString <secrets>}/ampel/google-muell.json";
ampelsec = "${home}/google-muell.json";
cred = "${toString <secrets>}/ampel/google-muell-creds.json";
# TODO: generate this credential file locally
ampelcred = "${home}/google-muell-creds.json";
sleepval = "1800";
# default-color = "18,63,40";
default-color = "255,127,0";
config_json = toFile "config.json" (toJSON {
mq_hostname = "localhost";
mq_port = 1883;
mq_username = "sensor";
mq_topic = "/ham/flurlicht/cmnd/MEM1";
mq_password = replaceChars ["\n"] [""] (readFile "${toString <secrets>}/mqtt/sensor");
});
in {
users.users.ampel = {
uid = genid "ampel";
createHome = true;
isSystemUser = true;
inherit home;
};
systemd.services.google-muell-ampel = {
description = "Send led change to rgb cubes";
after = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = "ampel";
ExecStartPre = pkgs.writeDash "copy-ampel-secrets" ''
install -m600 -o ampel ${sec} ${ampelsec}
install -m600 -o ampel ${cred} ${ampelcred}
'';
ExecStart = "${pkg}/bin/google-muell --config ${config_json} --default-color=${default-color} --client-secrets=${ampelsec} --credential-path=${ampelcred} --sleepval=${sleepval}";
PermissionsStartOnly = true;
Restart = "always";
RestartSec = 10;
PrivateTmp = true;
};
};
}
|