68 lines
2.6 KiB
Nix
68 lines
2.6 KiB
Nix
{
|
|
pkgs,
|
|
hcpy-raw,
|
|
...
|
|
}:
|
|
pkgs.writeShellApplication rec {
|
|
name = "hcpy";
|
|
runtimeInputs = with pkgs; [gnugrep coreutils-full];
|
|
text = ''
|
|
#/ Usage: ${name} <ACTION> [ARGUMENTS] [OPTIONS]
|
|
#/
|
|
#/ This is a very, very beta interface for Bosch-Siemens Home Connect
|
|
#/ devices through their local network connection. Unlike most
|
|
#/ IoT devices that have a reputation for very bad security, BSG seem to have
|
|
#/ done a decent job of designing their system, especially since
|
|
#/ they allow a no-cloud local control configuration. The protocols
|
|
#/ seem sound, use well tested cryptographic libraries (TLS PSK with
|
|
#/ modern ciphres) or well understood primitives (AES-CBC with HMAC),
|
|
#/ and should prevent most any random attacker on your network from being able to
|
|
#/ [take over your appliances to mine cryptocurrency](http://www.antipope.org/charlie/blog-static/2013/12/trust-me.html).
|
|
#/
|
|
#/ Actions:
|
|
#/ - login <USERNAME> <PASSWORD> <OUTPUT-FILE> - initializes the JSON <OUTPUT-FILE> which contains a list of devices assigned to specified account.
|
|
#/ - run - starts the bridge connection between appliances and MQTT broker
|
|
#/
|
|
#/ Options for 'run' action:
|
|
#/ -d, --devices_file - file generated by "login" action, default="config/devices.json"
|
|
#/ -h, --mqtt_host - MQTT broker host, default="localhost"
|
|
#/ -p, --mqtt_prefix - MQTT broker prefix, default="homeconnect/"
|
|
#/ --mqtt_port - MQTT broker port, default=1883
|
|
#/ --mqtt_username - MQTT client username
|
|
#/ --mqtt_password - MQTT client password
|
|
#/ --mqtt_ssl - use SSL connection to MQTT broker
|
|
#/ --mqtt_cafile - CA certifications file for SSL connection
|
|
#/ --mqtt_certfile - certification file for SSL connection
|
|
#/ --mqtt_keyfile - certification key file for SSL connection
|
|
#/ --mqtt_clientname - name of MQTT broker client, default="hcpy1"
|
|
#/ --domain_suffix - the suffix of the domain, default=""
|
|
#/ --debug/--no-debug - enable debug mode
|
|
#/ --ha-discovery - enable HomeAssistant discovery
|
|
|
|
usage() { grep '^#/' "''${BASH_SOURCE[0]}" | cut -c4- ; exit 0 ; }
|
|
expr "$*" : ".*--help" > /dev/null && usage
|
|
|
|
if [ "$#" -eq 0 ]; then
|
|
echo "Expected action: login or run." >&2;
|
|
usage
|
|
fi
|
|
|
|
action="$1";
|
|
shift;
|
|
|
|
case "$action" in
|
|
login)
|
|
exec ${hcpy-raw}/bin/hc-login "$@";
|
|
;;
|
|
|
|
run)
|
|
exec ${hcpy-raw}/bin/hc2mqtt "$@";
|
|
;;
|
|
|
|
*)
|
|
echo "Expected action: login or run." >&2;
|
|
usage
|
|
esac
|
|
'';
|
|
}
|