peprolinbot/frues-clan
1
0
Fork 0
Code Issues Pull requests 1 Wiki Activity Actions

Configure aresix

Browse source
This commit is contained in:
Pedro Rey Anca 2025-08-14 15:58:36 +02:00
parent cb8d24c6ce
commit 4011299399
Signed by: peprolinbot
GPG key ID: 053EA6E00116533A
7 changed files with 289 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

178
flake.lock generated
View file

@ -94,6 +94,66 @@
"type": "github" "type": "github"
} }
}, },
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1736143030,
"narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems_3"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flocken": {
"inputs": {
"flake-parts": "flake-parts_2",
"nixpkgs": [
"tg-ha-door",
"nixpkgs"
],
"systems": "systems_2"
},
"locked": {
"lastModified": 1737581094,
"narHash": "sha256-MSjyNy4zENfngnSdXQ6ef/wwACB0jfDyhy0qkI67F9A=",
"owner": "mirkolenz",
"repo": "flocken",
"rev": "97921a2650cb3de20c2a5ee591b00a6d5099fc40",
"type": "github"
},
"original": {
"owner": "mirkolenz",
"ref": "v2",
"repo": "flocken",
"type": "github"
}
},
"home-manager": { "home-manager": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -115,6 +175,34 @@
"type": "github" "type": "github"
} }
}, },
"ixx": {
"inputs": {
"flake-utils": [
"tg-ha-door",
"search",
"flake-utils"
],
"nixpkgs": [
"tg-ha-door",
"search",
"nixpkgs"
]
},
"locked": {
"lastModified": 1754860581,
"narHash": "sha256-EM0IE63OHxXCOpDHXaTyHIOk2cNvMCGPqLt/IdtVxgk=",
"owner": "NuschtOS",
"repo": "ixx",
"rev": "babfe85a876162c4acc9ab6fb4483df88fa1f281",
"type": "github"
},
"original": {
"owner": "NuschtOS",
"ref": "v0.1.1",
"repo": "ixx",
"type": "github"
}
},
"nix-darwin": { "nix-darwin": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -177,6 +265,18 @@
"url": "https://nixos.org/channels/nixpkgs-unstable/nixexprs.tar.xz" "url": "https://nixos.org/channels/nixpkgs-unstable/nixexprs.tar.xz"
} }
}, },
"nixpkgs-lib": {
"locked": {
"lastModified": 1735774519,
"narHash": "sha256-CewEm1o2eVAnoqb6Ml+Qi9Gg/EfNAxbRx1lANGVyoLI=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz"
}
},
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1754689972, "lastModified": 1754689972,
@ -197,7 +297,31 @@
"inputs": { "inputs": {
"clan-core": "clan-core", "clan-core": "clan-core",
"home-manager": "home-manager", "home-manager": "home-manager",
"nixpkgs": "nixpkgs_2" "nixpkgs": "nixpkgs_2",
"tg-ha-door": "tg-ha-door"
}
},
"search": {
"inputs": {
"flake-utils": "flake-utils",
"ixx": "ixx",
"nixpkgs": [
"tg-ha-door",
"nixpkgs"
]
},
"locked": {
"lastModified": 1754869408,
"narHash": "sha256-G1zNuxiCDfqNQVoL9j5v+ZYfUER7AI158ev98/JC8LI=",
"owner": "NuschtOS",
"repo": "search",
"rev": "2f5478267557a0f7a70d953b6c0867a5b4282739",
"type": "github"
},
"original": {
"owner": "NuschtOS",
"repo": "search",
"type": "github"
} }
}, },
"sops-nix": { "sops-nix": {
@ -236,6 +360,58 @@
"type": "github" "type": "github"
} }
}, },
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"tg-ha-door": {
"inputs": {
"flocken": "flocken",
"nixpkgs": [
"nixpkgs"
],
"search": "search"
},
"locked": {
"lastModified": 1755008682,
"narHash": "sha256-7KRljl+Kh3CeL530LxAzTCs19zPSTd63Ats6x0d7zM8=",
"owner": "peprolinbot",
"repo": "tg-ha-door",
"rev": "8d981e2b4b047d0aca3226b2bf1a7d4eb2c3fa10",
"type": "github"
},
"original": {
"owner": "peprolinbot",
"repo": "tg-ha-door",
"type": "github"
}
},
"treefmt-nix": { "treefmt-nix": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [

5
flake.nix
View file

@ -8,6 +8,11 @@
url = "github:nix-community/home-manager/release-25.05"; url = "github:nix-community/home-manager/release-25.05";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
tg-ha-door = {
url = "github:peprolinbot/tg-ha-door";
inputs.nixpkgs.follows = "nixpkgs";
};
}; };
outputs = { outputs = {

21
machines/aresix/configuration.nix
View file

@ -1,10 +1,29 @@
{...}: { {...}: {
imports = [ imports = [
./modules/reverse-proxy.nix
./modules/home-assistant.nix
./modules/dyndns.nix
]; ];
services.logind.lidSwitch = "ignore"; services.logind.lidSwitch = "ignore";
boot.kernelParams = ["consoleblank=60"]; # Blanks console (screen off) after 60s boot.kernelParams = ["consoleblank=60"]; # Blanks console (screen off) after 60s
networking = {
interfaces = {
enp1s0.ipv4.addresses = [
{
address = "192.168.1.30";
prefixLength = 24;
}
];
};
defaultGateway = {
address = "192.168.1.1";
interface = "enp1s0";
};
nameservers = ["1.1.1.1" "8.8.8.8"];
};
system.stateVersion = "25.05"; system.stateVersion = "25.05";
} }

7
machines/aresix/modules/dyndns.nix Normal file
View file

@ -0,0 +1,7 @@
{config, ...}: {
services.duckdns = {
enable = true;
domains = ["campares.duckdns.org"];
tokenFile = config.sops.secrets.duckdns-token.path;
};
}

53
machines/aresix/modules/home-assistant.nix Normal file
View file

@ -0,0 +1,53 @@
{
inputs,
config,
...
}: {
imports = [inputs.tg-ha-door.nixosModules.tg-ha-door];
services.tg-ha-door = {
enable = true;
credentialsFile = config.sops.secrets.tg-ha-door-creds.path;
settings = {
TG_KEY_CHAT_ID = "-1001455284010";
TG_LOG_CHAT_ID = "-1001359679497";
HA_URL = "http://[::1]:8123";
HA_DOOR_ENTITY_ID = "cover.puerta_verde";
DOOR_OPEN_CLOSE_TIME = 60;
};
};
services.esphome.enable = true;
services.home-assistant = {
enable = true;
openFirewall = true;
extraComponents = [
# Components required to complete the onboarding
"analytics"
"google_translate"
"met"
"radio_browser"
"shopping_list"
# Recommended for fast zlib compression
# https://www.home-assistant.io/integrations/isal
"isal"
# Additional components
"esphome"
"mobile_app"
];
config = {
http = {
trusted_proxies = ["::1"];
use_x_forwarded_for = true;
};
default_config = {};
"automation ui" = "!include automations.yaml";
"scene ui" = "!include scenes.yaml";
"script ui" = "!include scripts.yaml";
};
};
}

26
machines/aresix/modules/reverse-proxy.nix Normal file
View file

@ -0,0 +1,26 @@
{...}: {
security.acme = {
acceptTerms = true;
defaults.email = "personal+letsencrypt@peprolinbot.com";
};
networking.firewall.allowedTCPPorts = [80 443];
services.nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts = {
"ha.campares.duckdns.org" = {
forceSSL = true;
enableACME = true;
extraConfig = ''
proxy_buffering off;
'';
locations."/" = {
proxyPass = "http://[::1]:8123";
proxyWebsockets = true;
};
};
};
};
}

1
sops/secrets/tg-ha-door-creds/users/pedro Symbolic link
View file

@ -0,0 +1 @@
../../../users/pedro