diff --git a/ops/nixos/totoro/home-assistant.nix b/ops/nixos/totoro/home-assistant.nix index bfef7766b3..5deb06c5ad 100644 --- a/ops/nixos/totoro/home-assistant.nix +++ b/ops/nixos/totoro/home-assistant.nix @@ -8,21 +8,44 @@ in { settings = { homeassistant = true; serial.port = "/dev/serial/by-id/usb-ITead_Sonoff_Zigbee_3.0_USB_Dongle_Plus_eca6e9ba6596ed11ac206b4ce259fb3e-if00-port0"; - mqtt.server = "mqtt://localhost:1883"; + mqtt = { + server = "mqtt://localhost:1883"; + user = "zigbee2mqtt"; + password = "zigbee2mqtt"; + }; frontend = { port = 8099; host = config.my.ip.tailscale6; }; }; }; - services.mosquitto = { + services.mosquitto = let + localhostUsers = { + zigbee2mqtt = { + password = "zigbee2mqtt"; + acl = [ + "readwrite zigbee2mqtt/#" + "readwrite homeassistant/#" + ]; + }; + homeassistant = { + password = "homeassistant"; + acl = [ + "readwrite zigbee2mqtt/#" + "readwrite homeassistant/#" + ]; + }; + }; + in { enable = true; listeners = [{ address = "127.0.0.1"; port = 1883; + users = localhostUsers; } { address = "::1"; port = 1883; + users = localhostUsers; }]; };