{ me, auxiliaryPkgs, ... }: let inherit (auxiliaryPkgs) common; homeVersion = "2025.3.3"; homeDir = "/srv/home"; homePort = 8123; matterPort = 8124; homeImage = common.pullImage { name = "homeassistant/home-assistant"; tag = homeVersion; digest = "sha256:b67d76f5d0bacf55cf6c914be379a0436a1da1f8acb94ee08e3b108d46cf8c58"; x86.sha256 = "06ijcvdzax473fsy90657jmr2vjzh5pwdssk2vzgva8d6g3d396l"; }; matterImage = common.pullImage { registry = "github"; name = "matter-js/python-matter-server"; tag = "stable"; digest = "sha256:44d47c9ec91bf06fcb72a8df2dd2f36e90934c7b0d1d85f1ecb46fc695164746"; x86.sha256 = "sha256-976g4aYR+XqPAb5C8QU7VewvbuPP48JUR15vayHvZSw="; }; in { foundation.service.home-assistant = { default = { fullImage = homeImage; # give home-assistant control over the device network # stack to auto-discover devices on the network. customNetworkOption = "host"; # allow home-assistant to access zigbee/matter+thread # dongle. devices = [ "/dev/serial/by-id/usb-SMLIGHT_SMLIGHT_SLZB-07_6e29216e5272ef119d2f43848fcc3fa0-if00-port0" ]; volumes = [ [ "/etc/localtime" "/etc/localtime:ro" ] [ "${homeDir}/config" "/config" ] ]; ports = [ homePort ]; }; # additional services can be added here to enable # more home-manager device integrations. matter = { fullImage = matterImage; customNetworkOption = "host"; volumes = [ [ "${homeDir}/matter" "/data" ] ]; ports = [ matterPort ]; cmd = [ "--port" (toString matterPort) "--storage-path" "/data" "--paa-root-cert-dir" "/data/credentials" ]; }; }; services.nginx.virtualHosts = { "home.rnrd.fyi" = { useACMEHost = "rnrd.fyi"; forceSSL = true; listenAddresses = [ me.tailscale.ip ]; locations."/" = { proxyPass = "http://127.0.0.1:${toString homePort}"; proxyWebsockets = true; }; extraConfig = '' proxy_buffering off; access_log /var/log/nginx/home.access.log json_combined; ''; }; }; }