Added mail notifications on failure. Needs more work on lib.nix and the services/*.nix.

2026-02-23 16:36:40 +01:00
parent f445bd8659
commit 944ffcea85
14 changed files with 460 additions and 147 deletions
@@ -14,7 +14,15 @@ helper.mkPodmanService {
  name = "home-assistant";
  pod = "home-assistant";
  defaultPort = "8123";
-  dataDir = false;
+  dataDirEnabled = false;
+  generatedSecrets = {
+    HOME_ASSISTANT_MQTT_USER = "xkcdpass -n 2 -d -";
+    HOME_ASSISTANT_MQTT_PASSWORD = "xkcdpass -n 8 -d -";
+  };
+  dirPermissions = [
+    "numbus-admin:users ${cfg.configDir}/home-assistant"
+    "100999:users ${cfg.configDir}/mqtt"
+  ];

  extraOptions = {
    devices = mkOption {
@@ -25,6 +33,75 @@ helper.mkPodmanService {
    };
  };

+  extraConfig = {
+    systemd.services."${name}-quirk-1" = {
+      description = "Podman container quirk 1 : ${name}";
+      wantedBy = [ "multi-user.target" ];
+      after = [ "${name}.service" ];
+      onFailure = [ "service-failure-notify@%n.service" ];
+      startLimitBurst = 5;
+      startLimitIntervalSec = 600;
+      path = [ pkgs.coreutils pkgs.systemd ];
+      serviceConfig = {
+        Type = "oneshot";
+        RemainAfterExit = true;
+      };
+      script = ''
+        mkdir -p /var/lib/numbus-server/${name}
+        if [[ -e /var/lib/numbus-server/${name}/quirk-1.true ]]; then
+          exit 0
+        fi
+        until [[ -e ${cfg.configDir}/home-assistant/configuration.yaml ]]; do
+          sleep 15
+        done
+        cat << 'EOF' >> ${cfg.configDir}/home-assistant/configuration.yaml
+
+http:
+  use_x_forwarded_for: true
+  trusted_proxies: ${config.numbus.networking.ipAddress}/24
+
+zha:
+EOF
+        systemctl restart ${name}.service
+        touch /var/lib/numbus-server/${name}/quirk-1.true
+      '';
+    };
+  };
+
+    systemd.services."${name}-quirk-2" = {
+      description = "Podman container quirk 2 : ${name}";
+      wantedBy = [ "multi-user.target" "${name}.service" ];
+      after = [ "${name}-secrets.service" ];
+      before = [ "${name}.service" "${name}-permissions.service" ];
+      onFailure = [ "service-failure-notify@%n.service" ];
+      startLimitBurst = 5;
+      startLimitIntervalSec = 600;
+      path = [ pkgs.coreutils pkgs.mosquitto ];
+      serviceConfig = {
+        Type = "oneshot";
+        RemainAfterExit = true;
+      };
+      script = ''
+        mkdir -p /var/lib/numbus-server/${name}
+        if [[ -e /var/lib/numbus-server/${name}/quirk.true ]]; then
+          exit 0
+        fi
+        cat << EOF >> ${cfg.configDir}/mqtt/mosquitto.conf
+persistence true
+persistence_location /mosquitto/data/
+log_dest file /mosquitto/log/mosquitto.log
+listener 1883
+## Authentication ##
+allow_anonymous false
+password_file /mosquitto/password.txt
+EOF
+        source /var/lib/numbus-server/${name}/.env
+        mosquitto_passwd -b ${cfg.configDir}/mqtt/password.txt "$HOME_ASSISTANT_MQTT_USER" "$HOME_ASSISTANT_MQTT_PASSWORD"
+        chmod 600 ${cfg.configDir}/mqtt/password.txt
+        touch /var/lib/numbus-server/${name}/quirk.true
+      '';
+    };
+
 # Compose file good
  composeText = ''
    services:
@@ -37,7 +114,7 @@ helper.mkPodmanService {
        ports:
          - "${cfg.port}:8123/tcp"
        volumes:
-          - ${cfg.configDir}/config:/config
+          - ${cfg.configDir}/home-assistant:/config
          - /etc/localtime:/etc/localtime:ro
          - /run/dbus:/run/dbus:ro
 ${lib.optionalString (cfg.devices != []) ''