Generalized the JF and transmission users and groups
This commit is contained in:
rasmus-kirk
+17
-17
@@ -118,13 +118,14 @@ in {
|
||||
media.gid = 992;
|
||||
prowlarr = {};
|
||||
transmission = {};
|
||||
jellyfin = {};
|
||||
streamer = {};
|
||||
torrenter = {};
|
||||
};
|
||||
# TODO: This is BAD. But seems necessary when using containers.
|
||||
# The prefered solution is to just remove containerization.
|
||||
# Look at https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/misc/ids.nix
|
||||
users.users = {
|
||||
jellyfin = {
|
||||
streamer = {
|
||||
isSystemUser = true;
|
||||
uid = lib.mkForce 316;
|
||||
};
|
||||
@@ -148,9 +149,8 @@ in {
|
||||
group = "media";
|
||||
uid = lib.mkForce 309;
|
||||
};
|
||||
transmission = {
|
||||
torrenter = {
|
||||
isSystemUser = true;
|
||||
group = "media";
|
||||
uid = lib.mkForce 70;
|
||||
};
|
||||
prowlarr = {
|
||||
@@ -163,19 +163,19 @@ in {
|
||||
systemd.tmpfiles.rules = [
|
||||
# Media dirs
|
||||
"d '${cfg.mediaDir}' 0775 root media - -"
|
||||
"d '${cfg.mediaDir}/library' 0775 jellyfin media - -"
|
||||
"d '${cfg.mediaDir}/library/series' 0775 jellyfin media - -"
|
||||
"d '${cfg.mediaDir}/library/movies' 0775 jellyfin media - -"
|
||||
"d '${cfg.mediaDir}/library/music' 0775 jellyfin media - -"
|
||||
"d '${cfg.mediaDir}/library/books' 0775 jellyfin media - -"
|
||||
"d '${cfg.mediaDir}/torrents' 0755 transmission media - -"
|
||||
"d '${cfg.mediaDir}/torrents/.incomplete' 0755 transmission media - -"
|
||||
"d '${cfg.mediaDir}/torrents/.watch' 0755 transmission media - -"
|
||||
"d '${cfg.mediaDir}/torrents/manual' 0755 transmission media - -"
|
||||
"d '${cfg.mediaDir}/torrents/liadarr' 0755 transmission media - -"
|
||||
"d '${cfg.mediaDir}/torrents/radarr' 0755 transmission media - -"
|
||||
"d '${cfg.mediaDir}/torrents/sonarr' 0755 transmission media - -"
|
||||
"d '${cfg.mediaDir}/torrents/readarr' 0755 transmission media - -"
|
||||
"d '${cfg.mediaDir}/library' 0775 streamer media - -"
|
||||
"d '${cfg.mediaDir}/library/shows' 0775 streamer media - -"
|
||||
"d '${cfg.mediaDir}/library/movies' 0775 streamer media - -"
|
||||
"d '${cfg.mediaDir}/library/music' 0775 streamer media - -"
|
||||
"d '${cfg.mediaDir}/library/books' 0775 streamer media - -"
|
||||
"d '${cfg.mediaDir}/torrents' 0755 torrenter media - -"
|
||||
"d '${cfg.mediaDir}/torrents/.incomplete' 0755 torrenter media - -"
|
||||
"d '${cfg.mediaDir}/torrents/.watch' 0755 torrenter media - -"
|
||||
"d '${cfg.mediaDir}/torrents/manual' 0755 torrenter media - -"
|
||||
"d '${cfg.mediaDir}/torrents/liadarr' 0755 torrenter media - -"
|
||||
"d '${cfg.mediaDir}/torrents/radarr' 0755 torrenter media - -"
|
||||
"d '${cfg.mediaDir}/torrents/sonarr' 0755 torrenter media - -"
|
||||
"d '${cfg.mediaDir}/torrents/readarr' 0755 torrenter media - -"
|
||||
];
|
||||
|
||||
util-nixarr.vpnnamespace = {
|
||||
|
||||
@@ -95,11 +95,13 @@ in {
|
||||
mkIf cfg.enable
|
||||
{
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.stateDir}' 0700 jellyfin root - -"
|
||||
"d '${cfg.stateDir}' 0700 streamer root - -"
|
||||
];
|
||||
|
||||
services.jellyfin = {
|
||||
enable = cfg.enable;
|
||||
user = "streamer";
|
||||
group = "streamer";
|
||||
logDir = "${cfg.stateDir}/log";
|
||||
cacheDir = "${cfg.stateDir}/cache";
|
||||
dataDir = "${cfg.stateDir}/data";
|
||||
@@ -186,11 +188,13 @@ in {
|
||||
};
|
||||
|
||||
config = {
|
||||
users.groups.jellyfin = {};
|
||||
users.users.jellyfin = {
|
||||
uid = lib.mkForce config.users.users.jellyfin.uid;
|
||||
users.groups.streamer = {
|
||||
gid = config.users.groups.streamer.gid;
|
||||
};
|
||||
users.users.streamer = {
|
||||
uid = lib.mkForce config.users.users.streamer.uid;
|
||||
isSystemUser = true;
|
||||
group = "jellyfin";
|
||||
group = "streamer";
|
||||
};
|
||||
|
||||
# Use systemd-resolved inside the container
|
||||
@@ -201,6 +205,8 @@ in {
|
||||
|
||||
services.jellyfin = {
|
||||
enable = true;
|
||||
user = "streamer";
|
||||
group = "streamer";
|
||||
logDir = "${cfg.stateDir}/log";
|
||||
cacheDir = "${cfg.stateDir}/cache";
|
||||
dataDir = "${cfg.stateDir}/data";
|
||||
|
||||
@@ -90,14 +90,15 @@ in {
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.stateDir}' 0700 transmission root - -"
|
||||
"d '${cfg.stateDir}' 0700 torrenter root - -"
|
||||
# This is fixes a bug in nixpks TODO: create nixpkgs issue
|
||||
"d '${cfg.stateDir}/.config/transmission-daemon' 0700 transmission root - -"
|
||||
"d '${cfg.stateDir}/.config/transmission-daemon' 0700 torrenter root - -"
|
||||
];
|
||||
|
||||
services.transmission = mkIf (!cfg.vpn.enable) {
|
||||
enable = true;
|
||||
group = "media";
|
||||
user = "torrenter";
|
||||
group = "torrenter";
|
||||
home = cfg.stateDir;
|
||||
webHome =
|
||||
if cfg.flood.enable
|
||||
@@ -183,13 +184,13 @@ in {
|
||||
};
|
||||
|
||||
config = {
|
||||
users.groups.media = {
|
||||
gid = config.users.groups.media.gid;
|
||||
users.groups.torrenter = {
|
||||
gid = config.users.groups.torrenter.gid;
|
||||
};
|
||||
users.users.transmission = {
|
||||
uid = lib.mkForce config.users.users.transmission.uid;
|
||||
users.users.torrenter = {
|
||||
uid = lib.mkForce config.users.users.torrenter.uid;
|
||||
isSystemUser = true;
|
||||
group = "media";
|
||||
group = "torrenter";
|
||||
};
|
||||
|
||||
# Use systemd-resolved inside the container
|
||||
@@ -205,8 +206,8 @@ in {
|
||||
|
||||
services.transmission = {
|
||||
enable = true;
|
||||
# This is maybe wrong, too afraid to fix it lol
|
||||
group = "media";
|
||||
user = "torrenter";
|
||||
group = "torrenter";
|
||||
webHome =
|
||||
if cfg.flood.enable
|
||||
then pkgs.flood-for-transmission
|
||||
|
||||
Reference in New Issue
Block a user