30 lines
607 B
Nix
30 lines
607 B
Nix
{
|
|
sops,
|
|
lib,
|
|
config,
|
|
...
|
|
}:
|
|
{
|
|
config = lib.mkIf config.server.home-assistant.enable {
|
|
|
|
sops.secrets."home-assistant/mosquitto/hass" = {
|
|
sopsFile = "hosts/lilith-lab/secrets/default.yaml"
|
|
};
|
|
|
|
services.mosquitto = {
|
|
enable = true;
|
|
listeners = [
|
|
{
|
|
address = "192.168.178.111";
|
|
port = 1883;
|
|
users.hass = {
|
|
acl = [ "readwrite #" ];
|
|
hashedPasswordFile = config.sops.secrets."home-assistant/mosquitto/hass".path;
|
|
};
|
|
}
|
|
];
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [ 1883 ];
|
|
};
|
|
}
|