zuckerberg/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Activity

Lock down access to mqtt
All checks were successful
Check Flake / check-flake (push) Successful in 1m6s
Details

Browse Source
This commit is contained in:
Zuckerberg
2024-10-27 16:15:23 -07:00
parent 5b666a0565
commit c7d9e84f73
4 changed files with 19 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
machines/storage/s0/home-automation.nix
View File

@@ -8,9 +8,10 @@
enable = true;
listeners = [
{
acl = [ "pattern readwrite #" ];
omitPasswordAuth = true;
settings.allow_anonymous = true;
users.root = {
acl = [ "readwrite #" ];
hashedPassword = "$7$101$8+QnkTzCdGizaKqq$lpU4o84n6D/1uwfA9pZDVExr1NDm1D/8tNla2tE9J9HdUqkvu192yYfiySY1MFqVNgUKgWEFu5P1bUKqRnzbUw==";
};
}
];
};
@@ -28,7 +29,8 @@
};
mqtt = {
server = "mqtt://localhost:1883";
# base_topic = "zigbee2mqtt";
user = "root";
password = "'!/run/agenix/zigbee2mqtt.yaml mqtt_password'";
};
frontend = {
host = "localhost";
@@ -36,6 +38,7 @@
};
};
};
age.secrets."zigbee2mqtt.yaml".file = ../../../secrets/zigbee2mqtt.yaml.age;
services.home-assistant = {
enable = true;