author | Ethel Morgan <eth@ethulhu.co.uk> | 2020-06-24 14:21:31 +0100 |
---|---|---|
committer | Ethel Morgan <eth@ethulhu.co.uk> | 2020-06-24 14:21:31 +0100 |
commit | ea950b8c4cf72034e4f000aee58be6b9b5d489d0 (patch) | |
tree | 083eab5350c2f8b8797484f97eadd9a18eda26e5 /nixos/modules/services | |
parent | da8d9c0f765cc76bbf8a2ae65902edae6a0eda17 (diff) |
add pkgs.catbus-networkpresence, and corresponding service
Diffstat (limited to '')
-rw-r--r-- | nixos/modules/services/catbus-observer-networkpresence.nix | 95 |
1 files changed, 95 insertions, 0 deletions
diff --git a/nixos/modules/services/catbus-observer-networkpresence.nix b/nixos/modules/services/catbus-observer-networkpresence.nix
new file mode 100644
index 0000000..be48e27
--- /dev/null
+++ b/nixos/modules/services/catbus-observer-networkpresence.nix
@@ -0,0 +1,95 @@
+{ config, lib, pkgs, ... }:
+with lib;
+
+let
+
+ cfg = config.eth.services.catbus-observer-networkpresence;
+
+ configJSON = pkgs.writeText "config.json" ''
+ {
+ "mqttBroker": "tcp://${cfg.mqttBroker.host}:${toString cfg.mqttBroker.port}",
+
+ "devices": {
+ "TV": {
+ "mac": "${cfg.devices.tv.mac}",
+ "topic": "${cfg.devices.tv.topic}"
+ }
+ }
+ }
+ '';
+
+in {
+
+ options.eth.services.catbus-observer-networkpresence = {
+
+ enable = mkEnableOption "Whether to enable the Catbus network-presence observer";
+
+ interface = mkOption {
+ type = types.str;
+ description = "interface to scan";
+ default = "";
+ example = "enp2s0";
+ };
+
+ mqttBroker = {
+ host = mkOption {
+ type = types.str;
+ description = "Host of the MQTT broker.";
+ example = "localhost";
+ };
+ port = mkOption {
+ type = types.int;
+ description = "Port of the MQTT broker.";
+ default = 1883;
+ };
+ };
+
+ # TODO: replace this with a proper set of option sets.
+ devices = {
+ tv = {
+ mac = mkOption {
+ type = types.str;
+ description = "The device's MAC address";
+ example = "aa:bb:cc:dd:ee:ff";
+ };
+ topic = mkOption {
+ type = types.str;
+ description = "MQTT topic for controlling the device";
+ example = "home/house/speakers/power";
+ };
+ };
+ };
+ };
+
+
+ config = mkIf cfg.enable {
+ assertions = [
+ {
+ assertion = cfg.interface != "";
+ message = "must set config.eth.services.catbus-observer-networkpresence.interface";
+ }
+ ];
+
+ systemd.services.catbus-observer-networkpresence = {
+ enable = true;
+ description = "Detect devices on the network to publish to Catbus";
+ wants = [ "network.target" ];
+ after = [ "network.target" ];
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig = {
+ DynamicUser = true;
+ AmbientCapabilities = "CAP_NET_RAW CAP_NET_ADMIN";
+
+ ExecStart = "${pkgs.eth.catbus-networkpresence}/bin/catbus-observer-networkpresence --config-path ${configJSON} --interface ${cfg.interface}";
+
+ NoNewPrivileges = true;
+ ProtectKernelTunables = true;
+ ProtectControlGroups = true;
+ ProtectKernelModules = true;
+ RestrictNamespaces = true;
+ };
+ };
+ };
+
+}
+ |
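Review bot: In `serviceConfig`, `AmbientCapabilities` hands CAP_NET_RAW and CAP_NET_ADMIN to a daemon that processes traffic from the local network, and no `CapabilityBoundingSet` pins the unit to those two. `NoNewPrivileges` already stops it gaining more, so this is defense in depth, but I would add `CapabilityBoundingSet = "CAP_NET_RAW CAP_NET_ADMIN";` beside it. It is also worth confirming that the scanner needs CAP_NET_ADMIN at all, since it permits interface, route and firewall changes; if raw sockets are enough, drop it from both lines. Separately, `configJSON` and `ExecStart` splice `types.str` options straight into JSON and a command line, so a quote in `topic` or a space in `interface` produces a broken file or extra arguments. Building the file with `builtins.toJSON` and narrowing `interface` with `types.strMatching` would close that.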