gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 04:19:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

systemd2mqtt

Browse source
This commit is contained in:
arcnmx 2023-03-29 14:37:03 -07:00
parent 7a9fd72e52
commit 3f017f19b7
4 changed files with 147 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

113
flake.lock generated
View file

@ -201,6 +201,22 @@
"type": "github" "type": "github"
} }
}, },
"fl-config": {
"locked": {
"lastModified": 1653159448,
"narHash": "sha256-PvB9ha0r4w6p412MBPP71kS/ZTBnOjxL0brlmyucPBA=",
"owner": "flakelib",
"repo": "fl",
"rev": "fcefb9738d5995308a24cda018a083ccb6b0f460",
"type": "github"
},
"original": {
"owner": "flakelib",
"ref": "config",
"repo": "fl",
"type": "github"
}
},
"flake-compat": { "flake-compat": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -248,6 +264,25 @@
"type": "github" "type": "github"
} }
}, },
"flakelib": {
"inputs": {
"fl-config": "fl-config",
"std": "std"
},
"locked": {
"lastModified": 1669759641,
"narHash": "sha256-Zc6rZC0gTLZ9AzGG6vlImkYZGRf0bdMNk1fwS06ZqnU=",
"owner": "flakelib",
"repo": "fl",
"rev": "ac03e98777f3f03e694f1bcf0c6a6a304734a263",
"type": "github"
},
"original": {
"owner": "flakelib",
"repo": "fl",
"type": "github"
}
},
"format-all": { "format-all": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -357,6 +392,22 @@
"type": "github" "type": "github"
} }
}, },
"nix-std": {
"locked": {
"lastModified": 1652644856,
"narHash": "sha256-tRRx4bBFwctWrUhnCNrcRee8Wiol1M7ypQTOPrLLtkc=",
"owner": "flakelib",
"repo": "std",
"rev": "194230d45e99ce84cf25ea8b3ae4774601fc097c",
"type": "github"
},
"original": {
"owner": "flakelib",
"ref": "master",
"repo": "std",
"type": "github"
}
},
"nix-straight": { "nix-straight": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -546,6 +597,7 @@
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"nur": "nur", "nur": "nur",
"sops-nix": "sops-nix", "sops-nix": "sops-nix",
"systemd2mqtt": "systemd2mqtt",
"tf-nix": "tf-nix", "tf-nix": "tf-nix",
"trusted": "trusted" "trusted": "trusted"
} }
@ -566,6 +618,27 @@
"type": "github" "type": "github"
} }
}, },
"rust": {
"inputs": {
"nixpkgs": [
"systemd2mqtt",
"nixpkgs"
]
},
"locked": {
"lastModified": 1670892108,
"narHash": "sha256-CmfMxBxQNV4j56EgbCRIu++Npwl1xtwoYWoZPnhsSTo=",
"owner": "arcnmx",
"repo": "nixexprs-rust",
"rev": "e7caa9e978907aa7d4a6c244eb69bff1fc987d10",
"type": "github"
},
"original": {
"owner": "arcnmx",
"repo": "nixexprs-rust",
"type": "github"
}
},
"sln-mode": { "sln-mode": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -603,6 +676,46 @@
"type": "github" "type": "github"
} }
}, },
"std": {
"inputs": {
"nix-std": "nix-std"
},
"locked": {
"lastModified": 1669759267,
"narHash": "sha256-jBAtT8Hb9XwiW5cBDl2SmOMbRivGoi9H6t78fJUO53g=",
"owner": "flakelib",
"repo": "std",
"rev": "628acb137d798d59d638999da4e1715572f18edb",
"type": "github"
},
"original": {
"owner": "flakelib",
"repo": "std",
"type": "github"
}
},
"systemd2mqtt": {
"inputs": {
"flakelib": "flakelib",
"nixpkgs": [
"nixpkgs"
],
"rust": "rust"
},
"locked": {
"lastModified": 1671408660,
"narHash": "sha256-q14YY7ByTVIDCE4sX5tJ2Eo4m+jDK+rOs41mD+rpA+c=",
"owner": "arcnmx",
"repo": "systemd2mqtt",
"rev": "a32c3e1ed052cdf35f79640f1a224518acb69fb5",
"type": "github"
},
"original": {
"owner": "arcnmx",
"repo": "systemd2mqtt",
"type": "github"
}
},
"tf-nix": { "tf-nix": {
"flake": false, "flake": false,
"locked": { "locked": {

6
flake.nix
View file

@ -47,6 +47,12 @@
url = "github:Mic92/sops-nix"; url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
systemd2mqtt = {
url = "github:arcnmx/systemd2mqtt";
inputs = {
nixpkgs.follows = "nixpkgs";
};
};
}; };
outputs = { self, nixpkgs, flake-utils, ... }@inputs: let outputs = { self, nixpkgs, flake-utils, ... }@inputs: let

26
nixos/systems/tewi/nixos.nix
View file

@ -29,6 +29,7 @@ in {
services.access services.access
nixos.arc nixos.arc
nixos.sops nixos.sops
inputs.systemd2mqtt.nixosModules.default
./kanidm.nix ./kanidm.nix
./vouch.nix ./vouch.nix
./home-assistant.nix ./home-assistant.nix
@ -89,6 +90,19 @@ in {
name = ""; name = "";
}; };
services.systemd2mqtt = {
enable = true;
user = "root";
mqtt = {
url = "tcp://localhost:1883";
username = "systemd";
};
units = {
"mnt-shadow.mount" = { };
"mediatomb.service" = lib.mkIf config.services.mediatomb.enable { };
};
};
environment.etc = { environment.etc = {
"iscsi/initiatorname.iscsi" = lib.mkForce { "iscsi/initiatorname.iscsi" = lib.mkForce {
source = config.sops.secrets.openscsi-config.path; source = config.sops.secrets.openscsi-config.path;
@ -101,7 +115,10 @@ in {
) md.shadow.cryptDisks); ) md.shadow.cryptDisks);
}; };
sops.secrets.openscsi-config = { }; sops.secrets = {
openscsi-config = { };
systemd2mqtt-env = { };
};
fileSystems = { fileSystems = {
"/" = { "/" = {
@ -152,6 +169,13 @@ in {
wantedBy = cryptServices; wantedBy = cryptServices;
before = wantedBy; before = wantedBy;
}; };
systemd2mqtt = lib.mkIf config.services.systemd2mqtt.enable rec {
requires = lib.mkIf config.services.mosquitto.enable [ "mosquitto.service" ];
after = requires;
serviceConfig.EnvironmentFile = [
config.sops.secrets.systemd2mqtt-env.path
];
};
}; };
}; };

5
nixos/systems/tewi/secrets.yaml
View file

@ -6,6 +6,7 @@ tailscale-key: ENC[AES256_GCM,data:dGqnKoCFSF6ZmeptOP7bGy4HYDdUCC1oTdXpiUURDgXl/
vouch-client-secret: ENC[AES256_GCM,data:4MZL99JM4AeUcUfZ8a335utxgqvdH5PCc1R3KAvuOGpaWFGmU7CaD3vV5eLJ62gJ,iv:n1xbPBHi2TcZ12lm7LqItv2aOo7dkgzRh10uxFsy3yM=,tag:+fmJzYMhbiUae/kSyWbT5Q==,type:str] vouch-client-secret: ENC[AES256_GCM,data:4MZL99JM4AeUcUfZ8a335utxgqvdH5PCc1R3KAvuOGpaWFGmU7CaD3vV5eLJ62gJ,iv:n1xbPBHi2TcZ12lm7LqItv2aOo7dkgzRh10uxFsy3yM=,tag:+fmJzYMhbiUae/kSyWbT5Q==,type:str]
vouch-jwt: ENC[AES256_GCM,data:XDalZtedsBNnDYApmWpdYR9yHBvNXA2DlMmKyCPmcMlqTlbAIVL702/HzTaWLvwpgVXpn3pgG8hNXm9rUE764Q==,iv:qyvGCsildhYgzQiYQ4M0H6eFYrKp8aTkwEeZywpQqHM=,tag:ogtAgvpYE43VPhLhD4NuNA==,type:str] vouch-jwt: ENC[AES256_GCM,data:XDalZtedsBNnDYApmWpdYR9yHBvNXA2DlMmKyCPmcMlqTlbAIVL702/HzTaWLvwpgVXpn3pgG8hNXm9rUE764Q==,iv:qyvGCsildhYgzQiYQ4M0H6eFYrKp8aTkwEeZywpQqHM=,tag:ogtAgvpYE43VPhLhD4NuNA==,type:str]
openscsi-config: ENC[AES256_GCM,data:pLfiDNSx3ghibiWgfV8vXqgXHJaA7dYwl7Tlqs11+XOGQ7gZPFavmhQfak6/LrD0boyM/vj6oXgp,iv:wuG4BIZeyxT3RXmXpvItByf3NDiKpCpMWWhsmmsG4l0=,tag:brFZh8mLv2WHQHPtK70bxQ==,type:str] openscsi-config: ENC[AES256_GCM,data:pLfiDNSx3ghibiWgfV8vXqgXHJaA7dYwl7Tlqs11+XOGQ7gZPFavmhQfak6/LrD0boyM/vj6oXgp,iv:wuG4BIZeyxT3RXmXpvItByf3NDiKpCpMWWhsmmsG4l0=,tag:brFZh8mLv2WHQHPtK70bxQ==,type:str]
systemd2mqtt-env: ENC[AES256_GCM,data:Zo3+acCcMWgai2ERKbmOlI0hvdkOlNviBqeLb1ALuA==,iv:NxXBDCEevBRqMDY9/3z/Uq2+vENswkYTgTa82wKc32U=,tag:01WUphYRJrwmHv9HE4ac8w==,type:str]
z2m-secret: ENC[AES256_GCM,data:SCxz8nbB/QhfPcAzSEDHMpiQnjv+j0xLtg/20qf5ZEe3P5YRaiKXMSqdw6MX7uQtGh8T44raEgS8PFuGKXY423GV/MNPSzMl16DLBwU5P7TL6lYT97uVYRIqWMKqtPy/1f155743wH8HsJvslmg=,iv:Yw9dvH1dBq+vxHvKm0eeHlqVHRdUuzL71mDTbIF7DDg=,tag:bCiDNSwq7P21TwblvVGq6A==,type:str] z2m-secret: ENC[AES256_GCM,data:SCxz8nbB/QhfPcAzSEDHMpiQnjv+j0xLtg/20qf5ZEe3P5YRaiKXMSqdw6MX7uQtGh8T44raEgS8PFuGKXY423GV/MNPSzMl16DLBwU5P7TL6lYT97uVYRIqWMKqtPy/1f155743wH8HsJvslmg=,iv:Yw9dvH1dBq+vxHvKm0eeHlqVHRdUuzL71mDTbIF7DDg=,tag:bCiDNSwq7P21TwblvVGq6A==,type:str]
deluge-auth: ENC[AES256_GCM,data:qJP/CztnN7RV4Z3pP+jbH1B0zzBm8oa3n3X0pecEVe7UI3+NOSwFaQCBD7Q7JDxzh+qTNdQ/wWi7w0XJDG+aRIikgDG28S9RjdPL/w==,iv:GUEwmuk3JWMgsXsDgDrObW657WcN6wcYAsgXhK4Dvx0=,tag:vZMQ67j5kWBWOa6ZqCaQHw==,type:str] deluge-auth: ENC[AES256_GCM,data:qJP/CztnN7RV4Z3pP+jbH1B0zzBm8oa3n3X0pecEVe7UI3+NOSwFaQCBD7Q7JDxzh+qTNdQ/wWi7w0XJDG+aRIikgDG28S9RjdPL/w==,iv:GUEwmuk3JWMgsXsDgDrObW657WcN6wcYAsgXhK4Dvx0=,tag:vZMQ67j5kWBWOa6ZqCaQHw==,type:str]
ha-secrets: ENC[AES256_GCM,data:sw+sxrDyNIOAkHSA2fPLqtHR32iKIaZDdgJ1ZcQTeOqlgdZDhK5XzXiBkpZBTwKswUc2UPDOANsn+YRusX2tUvLYjdxZz4jIBKJuaW3aEtOcxjmG55KYxHmTzSbR4IhpuZ+1wDhvp4UiUqyD273Lt6LTFDmohZAVqwxJc2k4YTZJXiofVf8ywcXPMcS+zIMxb5nBX9EJqgJ80pnBI8vZeCg4pFv/Ux2OoS+PTnkYHnsywf57NA23YcKqnsbJoZwi3e4ooM2erygv0DuoP7QBnBdEf5RKSziECDTDPUFQVNYIOEAgJIYOD/GtZmWMx4SadsmrgTB1RqtAdPnvuuD3jLYW20zci8CxmI4F/h/+8lxUH/TGiG2bUmPYvwTE1eW1cLK91XhxXp6ORyWMGYcR98ryGL00ctD/BaZLdk7FYbQMTF2y2vx5vWAABTnYLsv6H9csmD4O7OeNkd9k+YQB/atENAXRgIiGDvkkbNoRkRU5SzIIHGcjjU7GC6hT+LDportPuhUW+g6KJj0ENOCI0yXNkIfa6LXAJcCmdovJCIbdw1HCGHuu+dc5rSWueiOWo+2rr8loytZTTMwevTaldfrNyu42K+bZI2BkPdXzkPQDeV8y5PmfnXfdXthmmnZbYRyVYUd1OH9L,iv:zxpazCPJTWmuw7/BNj90G89aGyk3fCqBB+RCyKW6QwY=,tag:5zSnrZOxo8G2Wg4LNtEsaQ==,type:str] ha-secrets: ENC[AES256_GCM,data:sw+sxrDyNIOAkHSA2fPLqtHR32iKIaZDdgJ1ZcQTeOqlgdZDhK5XzXiBkpZBTwKswUc2UPDOANsn+YRusX2tUvLYjdxZz4jIBKJuaW3aEtOcxjmG55KYxHmTzSbR4IhpuZ+1wDhvp4UiUqyD273Lt6LTFDmohZAVqwxJc2k4YTZJXiofVf8ywcXPMcS+zIMxb5nBX9EJqgJ80pnBI8vZeCg4pFv/Ux2OoS+PTnkYHnsywf57NA23YcKqnsbJoZwi3e4ooM2erygv0DuoP7QBnBdEf5RKSziECDTDPUFQVNYIOEAgJIYOD/GtZmWMx4SadsmrgTB1RqtAdPnvuuD3jLYW20zci8CxmI4F/h/+8lxUH/TGiG2bUmPYvwTE1eW1cLK91XhxXp6ORyWMGYcR98ryGL00ctD/BaZLdk7FYbQMTF2y2vx5vWAABTnYLsv6H9csmD4O7OeNkd9k+YQB/atENAXRgIiGDvkkbNoRkRU5SzIIHGcjjU7GC6hT+LDportPuhUW+g6KJj0ENOCI0yXNkIfa6LXAJcCmdovJCIbdw1HCGHuu+dc5rSWueiOWo+2rr8loytZTTMwevTaldfrNyu42K+bZI2BkPdXzkPQDeV8y5PmfnXfdXthmmnZbYRyVYUd1OH9L,iv:zxpazCPJTWmuw7/BNj90G89aGyk3fCqBB+RCyKW6QwY=,tag:5zSnrZOxo8G2Wg4LNtEsaQ==,type:str]
@ -36,8 +37,8 @@ sops:
VndVTG0zQWhsUHcwTkFjK2ZPdzRPUUEKJ3flgZ6/s+TjlFgzsANYaOFiEPQuE4zR VndVTG0zQWhsUHcwTkFjK2ZPdzRPUUEKJ3flgZ6/s+TjlFgzsANYaOFiEPQuE4zR
7npNUDFLe26Q32G3j/lLSBzZZfKoOC5SOSp9TB8eWMYSxfNnXEIu0g== 7npNUDFLe26Q32G3j/lLSBzZZfKoOC5SOSp9TB8eWMYSxfNnXEIu0g==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2023-03-22T20:04:27Z" lastmodified: "2023-03-25T21:52:55Z"
mac: ENC[AES256_GCM,data:iZb07wv1PFwgB/yC1eklLPvmivSB2g6UPdzvO55CycBHvdnIX+Wdlp0Hp9k+KGw4IeCTPhvj2EqXLbgkUqgkM4x9GKYA1460kSXTqsK8+9FfAx8nfO/Q34fLy+x8mB0pNBCpLc3gCqMm7PTyx31sM6YYBToq0AC8T/lIDJTtNfk=,iv:/7ZNN6D6HGjXN/mfpxw203ynpfsKGAsOqyvLaabojYA=,tag:onP5JAhYPvcri38GL2Q2fA==,type:str] mac: ENC[AES256_GCM,data:vDdOOYfVqbNXoO9AI4u8qaB/51lJS3yB2y0isrlKk4ANbJXb511LRjjCLiEsbLauqQH9y2b+bGfFBL/+2psyji8IuADJg/bMBdgXpCi407QP4Bn36weaPR55tqNtg6XHHL7LqBeinhrVslRo9H8T3Dl5jKwD2wAwwkAsthmgVyI=,iv:HbUVA5F3xAGJCfVwdAbQqYyiQQTdzk6M5HHKkJkLo5k=,tag:BoDWnEBMRa93coRJwe4tbg==,type:str]
pgp: pgp:
- created_at: "2023-03-10T17:06:53Z" - created_at: "2023-03-10T17:06:53Z"
enc: | enc: |