| docs | ||
| hosts/noisebell-do | ||
| pi | ||
| remote | ||
| scripts | ||
| secrets | ||
| .envrc | ||
| .gitignore | ||
| Cargo.lock | ||
| Cargo.toml | ||
| flake.lock | ||
| flake.nix | ||
| README.md | ||
| rustfmt.toml | ||
Noisebell
Monitors the door at Noisebridge and tells you whether it's open or closed.
A Raspberry Pi reads a magnetic sensor on the door and pushes state changes to a cache server. The cache keeps the latest state and fans updates out to chat integrations such as Discord and Zulip.
Pi (door sensor) ──webhook──> Cache ──webhook──> Discord / Zulip
|
polls Pi <-+
|
+──webhook──> Pi relay ──webhook──> Home Assistant
Layout
| Directory | What it is |
|---|---|
pi/ |
Raspberry Pi OS base with laptop-built Noisebell deploy |
remote/ |
Server-side services (cache, RSS, Discord, Zulip) |
hosts/noisebell-do/ |
Standalone DigitalOcean NixOS host for the remote services |
secrets/ |
Shared agenix-encrypted secrets and recipient rules |
Each directory has its own README with setup and configuration details.
For hosted deployment, this repo exports nixosConfigurations.noisebell-do, a small DigitalOcean NixOS host that imports noisebell.nixosModules.default. The host provides deployment-specific values like domains and the Pi address, while the Noisebell module itself points agenix at the encrypted files in secrets/ and consumes the decrypted runtime files on the target machine.
Useful commands:
./scripts/deploy-do [jet@noisebell-do]redeploys the DigitalOcean remote host./scripts/nhsredeploys the old Hetzner host using the local checkout as the flake inputscripts/deploy-pios-pi.sh pi@100.66.45.36redeploys the Raspberry Pi OS machinescripts/share-grafana-public-dashboard jet@noisebell-dorepairs or prints the deterministic public-safe Grafana dashboard link
The full Home Assistant relay workflow is documented in pi/README.md. Public hosting, Cloudflare Tunnel, firewall, and Grafana sharing details are documented in docs/hosting.md.
Observability
The DigitalOcean host runs Prometheus, Loki, Grafana, Alloy, node_exporter, and blackbox_exporter via hosts/noisebell-do/observability.nix. Grafana provisions Noisebell Full Debug for authenticated operators and Noisebell Public for externally shared, Prometheus-only status.
- Grafana:
https://grafana-noisebell.extremist.software/through Cloudflare Tunnel, login required - Public-safe Grafana dashboard:
https://grafana-noisebell.extremist.software/public-dashboards/6e6f69736562656c6c7075626c696330 - Prometheus:
http://noisebell-do:9090/over Tailscale - Loki:
http://noisebell-do:3100/over Tailscale
The Pi deploy script enables persistent journald, installs prometheus-node-exporter, and installs noisebell-loki-journal.service to ship Pi journal logs to Loki on the DO host.
Prometheus is the source of truth for regular time-based data: scrape health, host CPU/memory/disk/uptime, DO-to-Pi poll counts and last results, GPIO state, Pi hardware readings, webhook counters, and retry counters. Loki/journald is reserved for sparse event logs that should be readable in chronological order: service start/stop, door state changes, cache state changes, Pi offline/online transitions, auth or rate-limit rejections, webhook retries/failures, stale events, and GPIO read errors. Routine successful polls, unchanged poll results, metrics scrapes, and badge/image/status reads are intentionally not logged at INFO.