homeassistant: enable node-red #198
@ -24,6 +24,8 @@
|
|||||||
preAuthKeyFile = config.age.secrets."tailscale/microserver.home.ts.hillion.co.uk".path;
|
preAuthKeyFile = config.age.secrets."tailscale/microserver.home.ts.hillion.co.uk".path;
|
||||||
advertiseRoutes = [ "10.64.50.0/24" "10.239.19.0/24" ];
|
advertiseRoutes = [ "10.64.50.0/24" "10.239.19.0/24" ];
|
||||||
advertiseExitNode = true;
|
advertiseExitNode = true;
|
||||||
|
ipv4Addr = "100.105.131.47";
|
||||||
|
ipv6Addr = "fd7a:115c:a1e0:ab12:4843:cd96:6269:832f";
|
||||||
};
|
};
|
||||||
|
|
||||||
## Enable IoT VLAN
|
## Enable IoT VLAN
|
||||||
@ -47,7 +49,9 @@
|
|||||||
services.iperf3.enable = true;
|
services.iperf3.enable = true;
|
||||||
services.iperf3.openFirewall = true;
|
services.iperf3.openFirewall = true;
|
||||||
|
|
||||||
networking.firewall.interfaces = {
|
networking.firewall = {
|
||||||
|
trustedInterfaces = [ "tailscale0" ];
|
||||||
|
interfaces = {
|
||||||
"eth0" = {
|
"eth0" = {
|
||||||
allowedUDPPorts = [
|
allowedUDPPorts = [
|
||||||
5353 # HomeKit
|
5353 # HomeKit
|
||||||
@ -58,5 +62,6 @@
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -26,6 +26,7 @@ in
|
|||||||
passwordFile = config.age.secrets."backups/homeassistant/restic/128G".path;
|
passwordFile = config.age.secrets."backups/homeassistant/restic/128G".path;
|
||||||
paths = [
|
paths = [
|
||||||
config.services.home-assistant.configDir
|
config.services.home-assistant.configDir
|
||||||
|
config.services.node-red.userDir
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -34,6 +34,17 @@ in
|
|||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
node-red = {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
caddy = {
|
||||||
|
enable = true;
|
||||||
|
virtualHosts."http://nodered.home.ts.hillion.co.uk" = {
|
||||||
|
listenAddresses = [ config.custom.tailscale.ipv4Addr config.custom.tailscale.ipv6Addr ];
|
||||||
|
extraConfig = "reverse_proxy http://localhost:1880";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
home-assistant = {
|
home-assistant = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
||||||
@ -152,5 +163,18 @@ in
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
### HACK: Allow Caddy to restart if it fails. This happens because Tailscale
|
||||||
|
### is too late at starting. Upstream nixos caddy does restart on failure
|
||||||
|
### but it's prevented on exit code 1. Set the exit code to 0 (non-failure)
|
||||||
|
### to override this.
|
||||||
|
systemd.services.caddy = {
|
||||||
|
requires = [ "tailscaled.service" ];
|
||||||
|
after = [ "tailscaled.service" ];
|
||||||
|
serviceConfig = {
|
||||||
|
RestartPreventExitStatus = lib.mkForce 0;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user