From 8b04a55af03fa74bbecc8c6ed1af0382fd33d871 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bart=C5=82omiej=20Pluta?= Date: Thu, 21 Nov 2024 12:09:05 +0100 Subject: [PATCH] Create wrapper script --- flake.nix | 13 +++++++---- wrapper.nix | 67 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 76 insertions(+), 4 deletions(-) create mode 100644 wrapper.nix diff --git a/flake.nix b/flake.nix index b8b8ed4..0d16854 100644 --- a/flake.nix +++ b/flake.nix @@ -16,10 +16,11 @@ "x86_64-linux" ]; in { - packages = eachSystem (system: rec { - hcpy = default; - default = dream2nix.lib.evalModules { - packageSets.nixpkgs = nixpkgs.legacyPackages.${system}; + packages = eachSystem (system: let + pkgs = nixpkgs.legacyPackages.${system}; + in rec { + hcpy-raw = dream2nix.lib.evalModules { + packageSets.nixpkgs = pkgs; modules = [ ./package.nix { @@ -29,6 +30,10 @@ } ]; }; + + hcpy = pkgs.callPackage ./wrapper.nix {inherit hcpy-raw;}; + + default = hcpy; }); }; } diff --git a/wrapper.nix b/wrapper.nix new file mode 100644 index 0000000..e84ff78 --- /dev/null +++ b/wrapper.nix @@ -0,0 +1,67 @@ +{ + pkgs, + hcpy-raw, + ... +}: +pkgs.writeShellApplication rec { + name = "hcpy"; + runtimeInputs = with pkgs; [gnugrep coreutils-full]; + text = '' + #/ Usage: ${name} [ARGUMENTS] [OPTIONS] + #/ + #/ This is a very, very beta interface for Bosch-Siemens Home Connect + #/ devices through their local network connection. Unlike most + #/ IoT devices that have a reputation for very bad security, BSG seem to have + #/ done a decent job of designing their system, especially since + #/ they allow a no-cloud local control configuration. The protocols + #/ seem sound, use well tested cryptographic libraries (TLS PSK with + #/ modern ciphres) or well understood primitives (AES-CBC with HMAC), + #/ and should prevent most any random attacker on your network from being able to + #/ [take over your appliances to mine cryptocurrency](http://www.antipope.org/charlie/blog-static/2013/12/trust-me.html). + #/ + #/ Actions: + #/ - login - initializes the JSON which contains a list of devices assigned to specified account. + #/ - run - starts the bridge connection between appliances and MQTT broker + #/ + #/ Options for 'run' action: + #/ -d, --devices_file - file generated by "login" action, default="config/devices.json" + #/ -h, --mqtt_host - MQTT broker host, default="localhost" + #/ -p, --mqtt_prefix - MQTT broker prefix, default="homeconnect/" + #/ --mqtt_port - MQTT broker port, default=1883 + #/ --mqtt_username - MQTT client username + #/ --mqtt_password - MQTT client password + #/ --mqtt_ssl - use SSL connection to MQTT broker + #/ --mqtt_cafile - CA certifications file for SSL connection + #/ --mqtt_certfile - certification file for SSL connection + #/ --mqtt_keyfile - certification key file for SSL connection + #/ --mqtt_clientname" - name of MQTT broker client, default="hcpy1" + #/ --domain_suffix - the suffix of the domain, default="" + #/ --debug/--no-debug - enable debug mode + #/ --ha-discovery - enable HomeAssistant discovery + + usage() { grep '^#/' "''${BASH_SOURCE[0]}" | cut -c4- ; exit 0 ; } + expr "$*" : ".*--help" > /dev/null && usage + + if [ "$#" -eq 0 ]; then + echo "Expected action: login or run." >&2; + usage + fi + + action="$1"; + shift; + + case "$action" in + login) + exec ${hcpy-raw}/bin/hc-login "$@"; + ;; + + run) + exec ${hcpy-raw}/bin/hc2mqtt "$@"; + ;; + + *) + echo "Expected action: login or run." >&2; + usage + esac + ''; +}