sora/nixconfig
1
0
Fork 0
Code Issues 2 Pull Requests Actions Releases Activity
Files
2cd45ef7de471214784ca5d93d3039a0ca97b4e2
nixconfig/modules/server/containers/apps/homeassistant.nix
soraefir af36497035 wip
2026-05-19 22:10:22 +02:00

101 lines
3.8 KiB
Nix
Raw Blame History

{ config, containerCfg, pkgs, lib, builder, name, ... }:
let
version = "latest";
serverCfg = config.syscfg.server;
in {
vm = {
portForward = [ 8123 ];
cfg = {cfg,...}:{
services.home-assistant = {
enable = true;
openFirewall = true;
extraComponents = [
"matter" "thread" "cast" "zha"
"default_config" "met" "esphome" "radio_browser"
"telegram_bot" "swiss_public_transport" "nextcloud" "jellyfin"
] ++ (if containerCfg.extra ? components then containerCfg.extra.components else []);
extraPackages = pp: with pp; [
python-telegram gtts
];
lovelaceConfig = {};
config = {
homeassistant = {
name = "Home";
latitude = "${if containerCfg.extra ? latitude then toString containerCfg.extra.latitude else toString 0}";
longitude = "${if containerCfg.extra ? longitude then toString containerCfg.extra.longitude else toString 0}";
elevation = "${if containerCfg.extra ? elevation then toString containerCfg.extra.elevation else toString 0}";
unit_system = "metric";
time_zone = config.time.timeZone;
};
lovelace = { mode = "yaml"; };
customLovelaceModules = [];
# default_config = {};
http = {
use_x_forwarded_for = true;
trusted_proxies = [ "10.0.0.0/8" "127.0.0.1" ];
};
};
};
};
};
containers = {
dummy = builder.mkContainer {
subdomain = containerCfg.subdomain;
image = "alpine:latest";
extraLabels = {
"traefik.http.services.${containerCfg.subdomain}.loadbalancer.server.url" = "http://${builder.hostIp}:8123";
};
overrides = {cmd = [ "sleep" "infinity" ];};
};
};
setup = {
trigger = "dummy";
envFile = config.sops.secrets."CUSTOM".path;
script = pkgs.writeShellScript "setup" ''
HASS_URL="https://${containerCfg.subdomain}.${serverCfg.domain}"
until [[ "$(${pkgs.curl}/bin/curl -s -o /dev/null -w "%{http_code}" "$HASS_URL/manifest.json")" =~ (200|301|302) ]]; do
sleep 5
done
sleep 5
ONBOARDING_STATUS=$(${pkgs.curl}/bin/curl -s -o /dev/null -w "%{http_code}" "$HASS_URL/api/onboarding" 2>/dev/null || echo "000")
if [ "$ONBOARDING_STATUS" = "200" ]; then
AUTH_CODE=$( ${pkgs.curl}/bin/curl -s -X POST "$HASS_URL/api/onboarding/users" \
-H "Content-Type: application/json" \
-d '{"client_id":"'"$HASS_URL"'","name":"'"$DEFAULT_ADMIN_USERNAME"'","username":"'"$DEFAULT_ADMIN_USERNAME"'","password":"'"$DEFAULT_ADMIN_PASSWORD"'","language":"en"}' \
| ${pkgs.jq}/bin/jq -r '.auth_code' )
ACCESS_TOKEN=$(${pkgs.curl}/bin/curl -s -X POST "$HASS_URL/auth/token" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=authorization_code&code=$AUTH_CODE&client_id=$HASS_URL" \
| ${pkgs.jq}/bin/jq -r '.access_token' )
${pkgs.curl} -s -X POST "$HASS_URL/api/onboarding/core_config" \
-H "Authorization: Bearer $ACCESS_TOKEN" \
-H "Content-Type: application/json" \
-d '{"time_zone":"${config.time.timeZone}"}' > /dev/null 2>&1 || true
# We can configure many more things above !
${pkgs.curl} -s -X POST "$HASS_URL/api/onboarding/analytics" \
-H "Authorization: Bearer $ACCESS_TOKEN" \
-H "Content-Type: application/json" -d '{}' > /dev/null 2>&1 || true
${pkgs.curl} -s -X POST "$HA_URL/api/onboarding/integration" \
-H "Authorization: Bearer $ACCESS_TOKEN" \
-H "Content-Type: application/json" \
-d '{"client_id":"'"$HASS_URL"'","redirect_uri":"'"$HASS_URL"'/?auth_callback=1"}' > /dev/null 2>&1 || true
fi
'';
};
}
Reference in New Issue View Git Blame Copy Permalink