| .. | ||
| pi-service | ||
| secrets | ||
| configuration.nix | ||
| flake.lock | ||
| flake.nix | ||
| hardware-configuration.nix | ||
| README.md | ||
noisebell
Monitors a GPIO pin on a Raspberry Pi to detect door open/close events. State changes get POSTed to a webhook endpoint. Current state is available over HTTP.
Runs on NixOS with Tailscale for networking and agenix for secrets.
Setup
1. Hardware config
Replace hardware-configuration.nix with the output of nixos-generate-config --show-hardware-config on your Pi (or use an appropriate hardware module like sd-card/sd-image-aarch64.nix).
2. SSH key
Add your SSH public key to configuration.nix:
users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAA..."
];
3. Secrets
Get your Pi's SSH host public key and put it in secrets/secrets.nix:
ssh-keyscan <pi-ip> | grep ed25519
Then create the encrypted secret files:
cd secrets
agenix -e endpoint-url.age # paste webhook URL
agenix -e tailscale-auth-key.age # paste Tailscale auth key
4. Deploy
nix build .#nixosConfigurations.pi.config.system.build.toplevel
nixos-rebuild switch --flake .#pi --target-host root@noisebell
Configuration
Options under services.noisebell in flake.nix:
| Option | Default | Description |
|---|---|---|
gpioPin |
17 | GPIO pin to monitor |
debounceSecs |
5 | Debounce delay |
port |
8080 | HTTP status port |
retryAttempts |
3 | Webhook retry count |
retryBaseDelaySecs |
1 | Base delay for exponential backoff |
httpTimeoutSecs |
10 | Timeout for outbound webhook requests |
bindAddress |
0.0.0.0 |
Address to bind the HTTP server to |
activeLow |
true |
Whether low GPIO level means open (depends on wiring) |
restartDelaySecs |
5 | Seconds before systemd restarts on failure |
API
GET / — current door state:
{"status": "open", "timestamp": 1710000000}
State changes (and initial state on startup) are POSTed to the configured endpoint in the same format.