feat: expose configurations, add retry, make stable
This commit is contained in:
Jet Pham
parent
c6e726c430
commit
50ec63a474
11 changed files with 494 additions and 221 deletions
70
pi/README.md
Normal file
70
pi/README.md
Normal file
|
|
@ -0,0 +1,70 @@
|
|||
# noisebell
|
||||
|
||||
Monitors a GPIO pin on a Raspberry Pi to detect door open/close events. State changes get POSTed to a webhook endpoint. Current state is available over HTTP.
|
||||
|
||||
Runs on NixOS with Tailscale for networking and agenix for secrets.
|
||||
|
||||
## Setup
|
||||
|
||||
### 1. Hardware config
|
||||
|
||||
Replace `hardware-configuration.nix` with the output of `nixos-generate-config --show-hardware-config` on your Pi (or use an appropriate hardware module like `sd-card/sd-image-aarch64.nix`).
|
||||
|
||||
### 2. SSH key
|
||||
|
||||
Add your SSH public key to `configuration.nix`:
|
||||
|
||||
```nix
|
||||
users.users.root.openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAA..."
|
||||
];
|
||||
```
|
||||
|
||||
### 3. Secrets
|
||||
|
||||
Get your Pi's SSH host public key and put it in `secrets/secrets.nix`:
|
||||
|
||||
```sh
|
||||
ssh-keyscan <pi-ip> | grep ed25519
|
||||
```
|
||||
|
||||
Then create the encrypted secret files:
|
||||
|
||||
```sh
|
||||
cd secrets
|
||||
agenix -e endpoint-url.age # paste webhook URL
|
||||
agenix -e tailscale-auth-key.age # paste Tailscale auth key
|
||||
```
|
||||
|
||||
### 4. Deploy
|
||||
|
||||
```sh
|
||||
nix build .#nixosConfigurations.pi.config.system.build.toplevel
|
||||
nixos-rebuild switch --flake .#pi --target-host root@noisebell
|
||||
```
|
||||
|
||||
## Configuration
|
||||
|
||||
Options under `services.noisebell` in `flake.nix`:
|
||||
|
||||
| Option | Default | Description |
|
||||
|---|---|---|
|
||||
| `gpioPin` | 17 | GPIO pin to monitor |
|
||||
| `debounceSecs` | 5 | Debounce delay |
|
||||
| `port` | 8080 | HTTP status port |
|
||||
| `retryAttempts` | 3 | Webhook retry count |
|
||||
| `retryBaseDelaySecs` | 1 | Base delay for exponential backoff |
|
||||
| `httpTimeoutSecs` | 10 | Timeout for outbound webhook requests |
|
||||
| `bindAddress` | `0.0.0.0` | Address to bind the HTTP server to |
|
||||
| `activeLow` | `true` | Whether low GPIO level means open (depends on wiring) |
|
||||
| `restartDelaySecs` | 5 | Seconds before systemd restarts on failure |
|
||||
|
||||
## API
|
||||
|
||||
`GET /` — current door state:
|
||||
|
||||
```json
|
||||
{"status": "open", "timestamp": 1710000000}
|
||||
```
|
||||
|
||||
State changes (and initial state on startup) are POSTed to the configured endpoint in the same format.
|
||||
Loading…
Add table
Add a link
Reference in a new issue