diff --git a/flake.lock b/flake.lock index 3ef2de6..d29db18 100644 --- a/flake.lock +++ b/flake.lock @@ -72,11 +72,11 @@ ] }, "locked": { - "lastModified": 1762286984, - "narHash": "sha256-9I2H9x5We6Pl+DBYHjR1s3UT8wgwcpAH03kn9CqtdQc=", + "lastModified": 1766051518, + "narHash": "sha256-znKOwPXQnt3o7lDb3hdf19oDo0BLP4MfBOYiWkEHoik=", "owner": "serokell", "repo": "deploy-rs", - "rev": "9c870f63e28ec1e83305f7f6cb73c941e699f74f", + "rev": "d5eff7f948535b9c723d60cd8239f8f11ddc90fa", "type": "github" }, "original": { @@ -129,11 +129,11 @@ }, "locked": { "dir": "pkgs/firefox-addons", - "lastModified": 1765253041, - "narHash": "sha256-D4/vwhvX26KW3gux9CCiJ87zc5UOiLTFlfG3+5h0VRI=", + "lastModified": 1767413017, + "narHash": "sha256-y36ZRvxafUhaJUZVMp4CWR5wuVNhHJDrr2SZRIy9zaY=", "owner": "rycee", "repo": "nur-expressions", - "rev": "687d6eb2a8503afdeaaf9e230fb72f880daa7252", + "rev": "77a1aeceb7be71542dcef4ea6707f657cb0f9496", "type": "gitlab" }, "original": { @@ -178,15 +178,15 @@ "flake-compat_3": { "flake": false, "locked": { - "lastModified": 1761588595, - "narHash": "sha256-XKUZz9zewJNUj46b4AJdiRZJAvSZ0Dqj2BNfXvFlJC4=", - "owner": "edolstra", + "lastModified": 1767039857, + "narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=", + "owner": "NixOS", "repo": "flake-compat", - "rev": "f387cd2afec9419c8ee37694406ca490c3f34ee5", + "rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab", "type": "github" }, "original": { - "owner": "edolstra", + "owner": "NixOS", "repo": "flake-compat", "type": "github" } @@ -198,11 +198,11 @@ ] }, "locked": { - "lastModified": 1763759067, - "narHash": "sha256-LlLt2Jo/gMNYAwOgdRQBrsRoOz7BPRkzvNaI/fzXi2Q=", + "lastModified": 1765835352, + "narHash": "sha256-XswHlK/Qtjasvhd1nOa1e8MgZ8GS//jBoTqWtrS1Giw=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "2cccadc7357c0ba201788ae99c4dfa90728ef5e0", + "rev": "a34fae9c08a15ad73f295041fec82323541400a9", "type": "github" }, "original": { @@ -299,11 +299,11 @@ ] }, "locked": { - "lastModified": 1765170903, - "narHash": "sha256-O8VTGey1xxiRW+Fpb+Ps9zU7ShmxUA1a7cMTcENCVNg=", + "lastModified": 1767280655, + "narHash": "sha256-YmaYMduV5ko8zURUT1VLGDbVC1L/bxHS0NsiPoZ6bBM=", "owner": "nix-community", "repo": "home-manager", - "rev": "20561be440a11ec57a89715480717baf19fe6343", + "rev": "d49d2543f02dbd789ed032188c84570d929223cb", "type": "github" }, "original": { @@ -353,11 +353,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1764440730, - "narHash": "sha256-ZlJTNLUKQRANlLDomuRWLBCH5792x+6XUJ4YdFRjtO4=", + "lastModified": 1767185284, + "narHash": "sha256-ljDBUDpD1Cg5n3mJI81Hz5qeZAwCGxon4kQW3Ho3+6Q=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "9154f4569b6cdfd3c595851a6ba51bfaa472d9f3", + "rev": "40b1a28dce561bea34858287fbb23052c3ee63fe", "type": "github" }, "original": { @@ -368,11 +368,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1764983851, - "narHash": "sha256-y7RPKl/jJ/KAP/VKLMghMgXTlvNIJMHKskl8/Uuar7o=", + "lastModified": 1767325753, + "narHash": "sha256-yA/CuWyqm+AQo2ivGy6PlYrjZBQm7jfbe461+4HF2fo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d9bc5c7dceb30d8d6fafa10aeb6aa8a48c218454", + "rev": "64049ca74d63e971b627b5f3178d95642e61cedd", "type": "github" }, "original": { @@ -382,13 +382,29 @@ "type": "github" } }, - "nixpkgs-unstable": { + "nixpkgs-otbr": { "locked": { - "lastModified": 1765186076, - "narHash": "sha256-hM20uyap1a0M9d344I692r+ik4gTMyj60cQWO+hAYP8=", + "lastModified": 1766776257, + "narHash": "sha256-MG9DnzBn6TdAztaMPVhW9sjYj2bi9Jcux0F0fJ6LeO4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "addf7cf5f383a3101ecfba091b98d0a1263dc9b8", + "rev": "0c4c97066d555b7d27a0a56ee400130ec51f02ee", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "refs/pull/332296/head", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1767379071, + "narHash": "sha256-EgE0pxsrW9jp9YFMkHL9JMXxcqi/OoumPJYwf+Okucw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "fb7944c166a3b630f177938e478f0378e64ce108", "type": "github" }, "original": { @@ -423,11 +439,11 @@ "systems": "systems_3" }, "locked": { - "lastModified": 1765269853, - "narHash": "sha256-F/54YLlz7FEmE45lWXyhVXPaBRHy31ttuPhGCbXH+Os=", + "lastModified": 1767433926, + "narHash": "sha256-16+Qr/7DjMFLsKBJycJhOv3TZz59w9Tv5E24ZNLTmvk=", "owner": "astro", "repo": "nix-openwrt-imagebuilder", - "rev": "885f9ccc245b8a1d9a537bb28b3fbbd12a038165", + "rev": "23f902fa4c3486dd4d1564c1da55a3f2eda77b79", "type": "github" }, "original": { @@ -445,11 +461,11 @@ ] }, "locked": { - "lastModified": 1765016596, - "narHash": "sha256-rhSqPNxDVow7OQKi4qS5H8Au0P4S3AYbawBSmJNUtBQ=", + "lastModified": 1767281941, + "narHash": "sha256-6MkqajPICgugsuZ92OMoQcgSHnD6sJHwk8AxvMcIgTE=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "548fc44fca28a5e81c5d6b846e555e6b9c2a5a3c", + "rev": "f0927703b7b1c8d97511c4116eb9b4ec6645a0fa", "type": "github" }, "original": { @@ -471,6 +487,7 @@ "matrix-appservices": "matrix-appservices", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs", + "nixpkgs-otbr": "nixpkgs-otbr", "nixpkgs-unstable": "nixpkgs-unstable", "nvim-kitty-navigator": "nvim-kitty-navigator", "openwrt-imagebuilder": "openwrt-imagebuilder", diff --git a/flake.nix b/flake.nix index 3817bb2..9e6719a 100644 --- a/flake.nix +++ b/flake.nix @@ -17,6 +17,9 @@ rec { nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; + # https://github.com/NixOS/nixpkgs/pull/332296 + nixpkgs-otbr.url = "github:NixOS/nixpkgs/?ref=refs/pull/332296/head"; + nixos-hardware.url = "github:NixOS/nixos-hardware"; disko = { diff --git a/services/home-assistant/default.nix b/services/home-assistant/default.nix index 588d715..0e43a5c 100644 --- a/services/home-assistant/default.nix +++ b/services/home-assistant/default.nix @@ -1,5 +1,6 @@ { config, + lib, pkgs, inputs, ... @@ -7,12 +8,17 @@ let port = config.services.home-assistant.config.http.server_port; + devices = { + zigbee = "/dev/serial/by-id/usb-ITEAD_SONOFF_Zigbee_3.0_USB_Dongle_Plus_V2_20231009144806-if00"; + thread = "/dev/serial/by-id/usb-ITEAD_SONOFF_Zigbee_3.0_USB_Dongle_Plus_V2_20231009150648-if00"; + }; in { disabledModules = [ "services/home-automation/home-assistant.nix" ]; imports = [ "${inputs.nixpkgs-unstable}/nixos/modules/services/home-automation/home-assistant.nix" + "${inputs.nixpkgs-otbr}/nixos/modules/services/home-automation/openthread-border-router.nix" ./wyoming.nix # ./esphome.nix # HINT currently unused ]; @@ -45,7 +51,9 @@ in "otp" "upnp" "zha" - # "matter" # TODO uses insecure version of openssl + "thread" + "otbr" + "matter" # "esphome" # HINT currently unused "homekit_controller" "fritz" @@ -114,6 +122,26 @@ in # configWritable = true; # doesn't work atm }; + services.matter-server = { + enable = true; + }; + + services.openthread-border-router = { + enable = true; + package = inputs.nixpkgs-otbr.legacyPackages.${pkgs.system}.openthread-border-router; + radio = { + device = devices.thread; + baudRate = 460800; + extraDevices = [ "trel://enp2s0" ]; + }; + backboneInterface = "enp2s0"; + rest.listenPort = 58081; + web.listenPort = 58082; + }; + + # systemd-resolved is already providing mDNS, but avahi seems to be required for otbr + services.avahi.enable = lib.mkOverride 40 true; + networking.firewall.allowedTCPPorts = [ 1400 # Sonos discovery ]; diff --git a/system/networking.nix b/system/networking.nix index edd1a18..eecbafa 100644 --- a/system/networking.nix +++ b/system/networking.nix @@ -110,7 +110,7 @@ in }; # mDNS already handled by systemd-resolved - services.avahi.enable = false; + services.avahi.enable = lib.mkForce false; programs.mtr.enable = true; programs.mosh.enable = true;