{ homeAssistantImage, nodeRedImage, nodeRedPort, homeAssistantPort , stateDirectory, ... }: { config, lib, pkgs, ... }: with lib; let homeAssistantUid = 730; nodeRedUid = 731; in { config = { users = { users = { home-assistant = { isSystemUser = true; group = "home-assistant"; uid = homeAssistantUid; }; home-assistant-node-red = { isSystemUser = true; group = "home-assistant"; uid = nodeRedUid; }; }; groups.home-assistant = { members = [ "home-assistant" ] ++ config.instance.local-admins; }; }; systemd = { services.arion-home-assistant = { requires = [ "podman.service" "mosquitto.service" ]; after = [ "podman.service" "network-online.target" "fudo-secrets.target" "mosquitto.service" ]; }; tmpfiles.rules = [ "d ${stateDirectory}/config 0770 ${ toString homeAssistantUid } home-assistant - -" "d ${stateDirectory}/node-red 0700 ${toString nodeRedUid} root - -" ]; }; virtualisation.arion.projects.home-assistant.settings = let image = { pkgs, ... }: { project.name = "home-assistant"; services = { home-assistant.service = { image = homeAssistantImage; restart = "always"; volumes = [ "${stateDirectory}/config:/config" "/etc/localtime:/etc/localtime:ro" ]; ports = [ "${toString homeAssistantPort}:8123" ]; user = "${toString homeAssistantUid}:${toString homeAssistantUid}"; network_mode = "host"; }; node-red.service = { image = nodeRedImage; restart = "always"; volumes = [ "${stateDirectory}/node-red:/data" ]; ports = [ "${toString nodeRedPort}:1880" ]; depends_on = [ "home-assistant" ]; environment.TZ = config.time.timeZone; user = "${toString nodeRedUid}:${toString nodeRedUid}"; }; }; }; in { imports = [ image ]; }; }; }