Add home-assistant and fail2ban

2022-10-13 09:07:15 -04:00 · 2022-10-13 09:07:15 -04:00 · 75e642c6cf
commit 75e642c6cf
parent 8e589775a2
2 changed files with 28 additions and 0 deletions
--- a/machines/pedro/configuration.nix
+++ b/machines/pedro/configuration.nix
@ -116,6 +116,7 @@
  virtualisation.oci-containers.containers = let
    serverIP = "192.168.88.21";
  in {
+    home-assistant = import ./home-assistant.nix serverIP;
    pihole = import ./pihole.nix serverIP;
  };

@ -123,6 +124,16 @@
  services = {
    chrony.enable = true;

+    fail2ban = {
+      enable = true;
+      maxretry = 5;
+      ignoreIP = [
+        "127.0.0.0/8"     # localhost
+        "192.168.0.0/16"  # LAN
+        "160.91.241.229"  # lucky
+      ];
+    };
+
    gitea = import ./gitea.nix;

    nginx = import ./nginx.nix;
--- a/machines/pedro/home-assistant.nix
+++ b/machines/pedro/home-assistant.nix
@ -0,0 +1,17 @@
+serverIP :
+{
+  image = "ghcr.io/home-assistant/home-assistant:2022.8.5";
+  #ports = [
+    #"8123:8123"
+  #];
+  volumes = [
+    "/etc/localtime:/etc/localtime:ro"
+    "/serverdata/home-assistant:/config"
+  ];
+  extraOptions = [
+    "--privileged"
+    "--network=host"
+    #"--device /dev/ttyUSB0"
+    #"--device /dev/ttyUSB1"
+  ];
+}