1 files changed, 106 insertions, 0 deletions

diff --git a/nixos/modules/services/catbus-lifx.nix b/nixos/modules/services/catbus-lifx.nix
new file mode 100644
index 0000000..a46e312
--- /dev/null
+++ b/nixos/modules/services/catbus-lifx.nix
@@ -0,0 +1,106 @@
+{ config, lib, pkgs, ... }:
+with lib;
+
+let
+
+  cfg = config.eth.services.catbus-lifx;
+
+  configJSON = pkgs.writeText "config.json" (builtins.toJSON {
+    mqttBroker = cfg.mqttBroker;
+    bulbs = cfg.bulbs;
+  });
+
+in {
+
+  options.eth.services.catbus-lifx = {
+
+    enable = mkEnableOption "Whether to enable the Catbus Lifx bulb daemons.";
+
+    mqttBroker = mkOption {
+      type = types.str;
+      description = "URL of the MQTT broker.";
+      example = "tcp://broker.local:1883";
+    };
+
+    bulbs = mkOption {
+      type = types.attrsOf (types.submodule {
+        options = {
+          topics = {
+            power = mkOption {
+              type = types.str;
+              description = "MQTT topic for controlling the bulb's power";
+              example = "home/living-room/light/power";
+            };
+            hue = mkOption {
+              type = types.str;
+              description = "MQTT topic for controlling the bulb's hue";
+              example = "home/living-room/light/hue_degrees";
+            };
+            saturation = mkOption {
+              type = types.str;
+              description = "MQTT topic for controlling the bulb's saturation";
+              example = "home/living-room/light/saturation_percent";
+            };
+            brightness = mkOption {
+              type = types.str;
+              description = "MQTT topic for controlling the bulb's brightness";
+              example = "home/living-room/light/brightness_percent";
+            };
+            kelvin = mkOption {
+              type = types.str;
+              description = "MQTT topic for controlling the bulb's kelvin";
+              example = "home/living-room/light/kelvin";
+            };
+          };
+        };
+      });
+      example = { Bedroom = { topics = { power = "home/living-room/light/power"; }; }; };
+      description = "A set of devices and their MACs & controller topics.";
+    };
+  };
+
+
+  config = mkIf cfg.enable {
+    systemd.services.catbus-lifx-actuator = {
+      enable = true;
+      description = "Control Lifx bulbs via Catbus";
+      wants = [ "network.target" ];
+      after = [ "network.target" ];
+      wantedBy = [ "multi-user.target" ];
+      serviceConfig = {
+        DynamicUser = true;
+
+        ExecStart = "${pkgs.eth.catbus-lifx}/bin/catbus-lifx-actuator --config-path ${configJSON}";
+
+        NoNewPrivileges = true;
+        ProtectKernelTunables = true;
+        ProtectControlGroups = true;
+        ProtectKernelModules = true;
+        RestrictAddressFamilies = "AF_INET AF_INET6";
+        RestrictNamespaces = true;
+      };
+    };
+
+    systemd.services.catbus-lifx-observer = {
+      enable = true;
+      description = "Observe Lifx bulbs via Catbus";
+      wants = [ "network.target" ];
+      after = [ "network.target" ];
+      wantedBy = [ "multi-user.target" ];
+      serviceConfig = {
+        DynamicUser = true;
+
+        ExecStart = "${pkgs.eth.catbus-lifx}/bin/catbus-lifx-observer --config-path ${configJSON}";
+
+        NoNewPrivileges = true;
+        ProtectKernelTunables = true;
+        ProtectControlGroups = true;
+        ProtectKernelModules = true;
+        RestrictAddressFamilies = "AF_INET AF_INET6";
+        RestrictNamespaces = true;
+      };
+    };
+  };
+
+}
+