alejandro-angulo/dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Added teslamate configuration

Browse source
This commit is contained in:
Alejandro Angulo 2024-02-05 20:20:02 -08:00
parent 00319bf5ee
commit 478198d88e
Signed by: alejandro-angulo
GPG key ID: 75579581C74554B6
13 changed files with 253 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

50
modules/nixos/services/grafana/default.nix
View file

@ -21,6 +21,13 @@ in {
};
};
config = mkIf cfg.enable {
age.secrets = {
teslamate_db_for_grafana = {
file = ../../../../secrets/teslamate_db.age;
owner = "grafana";
};
};
services.grafana = {
enable = true;
settings.server = {
@ -47,6 +54,49 @@ in {
access = "proxy";
url = "http://127.0.0.1:${toString config.services.loki.configuration.server.http_listen_port}";
}
{
name = "TeslaMate";
type = "postgres";
access = "proxy";
url = "localhost:5432";
user = "teslamate";
database = "teslamate";
secureJsonData = {
password = "$__file{${config.age.secrets.teslamate_db_for_grafana.path}}";
};
jsonData = {
# TODO: Automate this somehow?
postgresVersion = "1400";
sslmode = "disable";
};
}
];
};
dashboards = {
settings.providers = [
{
name = "teslamate";
orgId = 1;
folder = "TeslaMate";
folderUid = "Nr4ofiDZk";
type = "file";
disableDeletion = false;
editable = true;
updateIntervalSeconds = 86400;
options.path = "${pkgs.aa.teslamate-grafana-dashboards}/dashboards";
}
{
name = "teslamate_internal";
orgId = 1;
folder = "TeslaMate/Internal";
folderUid = "Nr5ofiDZk";
type = "file";
disableDeletion = false;
editable = true;
updateIntervalSeconds = 86400;
options.path = "${pkgs.aa.teslamate-grafana-dashboards}/dashboards/internal";
}
];
};
};

6
modules/nixos/services/mosquitto/default.nix
View file

@ -17,6 +17,7 @@ in {
age.secrets = {
hass_mqtt.file = ../../../../secrets/hass_mqtt.age;
theengs_ble_mqtt.file = ../../../../secrets/theengs_ble_mqtt.age;
teslamate_mqtt.file = ../../../../secrets/teslamate_mqtt.age;
};
services.mosquitto = {
@ -28,6 +29,7 @@ in {
acl = [
"readwrite home/#"
"readwrite homeassistant/#"
"read teslamate/#"
];
passwordFile = config.age.secrets.hass_mqtt.path;
};
@ -38,6 +40,10 @@ in {
];
passwordFile = config.age.secrets.theengs_ble_mqtt.path;
};
teslamate = {
acl = ["readwrite teslamate/#"];
passwordFile = config.age.secrets.teslamate_mqtt.path;
};
};
}
];

165
modules/nixos/services/teslamate/default.nix Normal file
View file

@ -0,0 +1,165 @@
{
options,
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.aa.services.teslamate;
in {
options.aa.services.teslamate = with types; {
enable = mkEnableOption "teslamate";
acmeCertName = mkOption {
type = str;
default = "";
description = ''
If set to a non-empty string, forces SSL with the supplied acme
certificate.
'';
};
user = mkOption {
type = str;
default = "teslamate";
description = ''
The user that should run teslamate
'';
};
group = mkOption {
type = str;
default = "teslamate";
description = ''
The group that should be assigned to the user running teslamate
'';
};
database = {
host = mkOption {
type = str;
default = "127.0.0.1";
description = ''
Database host address
'';
};
name = mkOption {
type = str;
default = "teslamate";
description = ''
The database name
'';
};
user = mkOption {
type = str;
default = "teslamate";
description = ''
The user that should have access to the database
'';
};
passwordFile = mkOption {
type = path;
description = lib.mdDoc ''
A file containing the password corresponding to
{option}`database.user`
'';
};
createDatabase = mkOption {
type = bool;
default = false;
description = ''
Whether to create a local database automatically.
'';
};
};
};
config = mkIf cfg.enable {
age.secrets = {
teslamate_encryption.file = ../../../../secrets/teslamate_encryption.age;
teslamate_mqtt.file = ../../../../secrets/teslamate_mqtt.age;
};
# docker-teslamate is the name of the service generated by the
# `virtualisation.oci-contianers` block below
systemd.services."docker-teslamate" = {
preStart = ''
mkdir -p /var/lib/teslamate
# Create file if it doesn't exist, truncate it if does
touch /var/lib/teslamate/env
echo "" > /var/lib/teslamate/env
chmod 600 /var/lib/teslamate/env
echo ENCRYPTION_KEY="$(cat ${config.age.secrets.teslamate_encryption.path})" >> /var/lib/teslamate/env
echo DATABASE_PASS="$(cat ${cfg.database.passwordFile})" >> /var/lib/teslamate/env
echo MQTT_PASSWORD="$(cat ${config.age.secrets.teslamate_mqtt.path})" >> /var/lib/teslamate/env
'';
};
virtualisation.oci-containers = {
backend = "docker";
containers."teslamate" = {
image = "ghcr.io/teslamate-org/teslamate:latest";
environmentFiles = ["/var/lib/teslamate/env"];
environment = {
# TODO: Make this configurable
PORT = "4000";
DATABASE_USER = cfg.database.user;
DATABASE_NAME = cfg.database.name;
DATABASE_HOST = cfg.database.host;
# TODO: Make this configurable.
MQTT_HOST = "192.168.113.42";
MQTT_USERNAME = "teslamate";
TZ = "America/Los_Angeles";
};
extraOptions = ["--cap-drop=all" "--network=host"];
# TODO: Make this configurable
ports = ["4000:4000"];
};
};
users.users.${cfg.user} = {
isSystemUser = true;
group = cfg.group;
};
users.groups.${cfg.group} = {};
services.postgresql = optionalAttrs cfg.database.createDatabase {
enable = mkDefault true;
ensureDatabases = [cfg.database.name];
ensureUsers = [
{
name = cfg.database.user;
ensureDBOwnership = true;
}
];
};
services.nginx = {
enable = true;
virtualHosts."teslamate.kilonull.com" =
{
locations."/" = {
recommendedProxySettings = true;
proxyWebsockets = true;
# TODO: Make port configurable.
proxyPass = "http://127.0.0.1:4000";
};
}
// lib.optionalAttrs (cfg.acmeCertName != "") {
forceSSL = true;
useACMEHost = cfg.acmeCertName;
};
};
networking.firewall.allowedTCPPorts = [4000];
};
}