From 884c73d2c0542a303a8af93e522fc17e3578e622 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 18 Sep 2018 02:16:12 +0200
Subject: ma homeautomation: add mqtt broker with acl

---
 makefu/2configs/deployment/homeautomation/mqtt.nix | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'makefu/2configs/deployment/homeautomation/mqtt.nix')

diff --git a/makefu/2configs/deployment/homeautomation/mqtt.nix b/makefu/2configs/deployment/homeautomation/mqtt.nix
index 1d6a6a3a3..cd1c328d7 100644
--- a/makefu/2configs/deployment/homeautomation/mqtt.nix
+++ b/makefu/2configs/deployment/homeautomation/mqtt.nix
@@ -10,7 +10,15 @@
       hashedPassword = "$6$2DXU7W1bvqXPqxkF$vtdz5KTd/T09hmoc9LjgEGFjvpwQbQth6vlVcr5hJNLgcBHv4U03YCKC8TKXbmQAa8xiJ76xJIg25kcL+KI3tg==";
       acl = [ "topic readwrite #" ];
     };
+    users.hass = {
+      hashedPassword = "$6$SHuYGrE5kPSUc/hu$EomZ0KBy+vkxLt/6eJkrSBjYblCCeMjhDfUd2mwqXYJ4XsP8hGmZ59mMlmBCd3AvlFYQxb4DT/j3TYlrqo7cDA==";
+      acl = [ "topic readwrite #" ];
+    };
+    users.stats = {
+      hashedPassword = "$6$j4H7KXD/YZgvgNmL$8e9sUKRXowDqJLOVgzCdDrvDE3+4dGgU6AngfAeN/rleGOgaMhee2Mbg2KS5TC1TOW3tYbk9NhjLYtjBgfRkoA==";
+      acl = [ "topic read #" ];
+    };
   };
   environment.systemPackages = [ pkgs.mosquitto ];
-  networking.firewall.allowedTCPPorts = [ config.services.mosquitto.port ];
+  # port open via trusted interface
 }
-- 
cgit v1.2.3