homeassistant: enable node-red #198

Open
JakeHillion wants to merge 1 commits from node-red into main
3 changed files with 38 additions and 8 deletions

View File

@ -24,6 +24,8 @@
preAuthKeyFile = config.age.secrets."tailscale/microserver.home.ts.hillion.co.uk".path; preAuthKeyFile = config.age.secrets."tailscale/microserver.home.ts.hillion.co.uk".path;
advertiseRoutes = [ "10.64.50.0/24" "10.239.19.0/24" ]; advertiseRoutes = [ "10.64.50.0/24" "10.239.19.0/24" ];
advertiseExitNode = true; advertiseExitNode = true;
ipv4Addr = "100.105.131.47";
ipv6Addr = "fd7a:115c:a1e0:ab12:4843:cd96:6269:832f";
}; };
## Enable IoT VLAN ## Enable IoT VLAN
@ -47,7 +49,9 @@
services.iperf3.enable = true; services.iperf3.enable = true;
services.iperf3.openFirewall = true; services.iperf3.openFirewall = true;
networking.firewall.interfaces = { networking.firewall = {
trustedInterfaces = [ "tailscale0" ];
interfaces = {
"eth0" = { "eth0" = {
allowedUDPPorts = [ allowedUDPPorts = [
5353 # HomeKit 5353 # HomeKit
@ -58,5 +62,6 @@
}; };
}; };
}; };
};
} }

View File

@ -26,6 +26,7 @@ in
passwordFile = config.age.secrets."backups/homeassistant/restic/128G".path; passwordFile = config.age.secrets."backups/homeassistant/restic/128G".path;
paths = [ paths = [
config.services.home-assistant.configDir config.services.home-assistant.configDir
config.services.node-red.userDir
]; ];
}; };
}; };

View File

@ -34,6 +34,17 @@ in
''; '';
}; };
node-red = {
enable = true;
};
caddy = {
enable = true;
virtualHosts."http://nodered.home.ts.hillion.co.uk" = {
listenAddresses = [ config.custom.tailscale.ipv4Addr config.custom.tailscale.ipv6Addr ];
extraConfig = "reverse_proxy http://localhost:1880";
};
};
home-assistant = { home-assistant = {
enable = true; enable = true;
@ -152,5 +163,18 @@ in
}; };
}; };
}; };
### HACK: Allow Caddy to restart if it fails. This happens because Tailscale
### is too late at starting. Upstream nixos caddy does restart on failure
### but it's prevented on exit code 1. Set the exit code to 0 (non-failure)
### to override this.
systemd.services.caddy = {
requires = [ "tailscaled.service" ];
after = [ "tailscaled.service" ];
serviceConfig = {
RestartPreventExitStatus = lib.mkForce 0;
};
};
}; };
} }