fujin/nixarr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Generalized the JF and transmission users and groups

Browse Source
This commit is contained in:
rasmus-kirk
2024-02-26 16:47:52 +01:00
parent ff170eaeda
commit 9b194b6af3
3 changed files with 39 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files
nixarr/default.nix
+17 -17
View File
@@ -118,13 +118,14 @@ in {
media.gid = 992; media.gid = 992;
prowlarr = {}; prowlarr = {};
transmission = {}; transmission = {};
jellyfin = {}; streamer = {};
torrenter = {};
}; };
# TODO: This is BAD. But seems necessary when using containers. # TODO: This is BAD. But seems necessary when using containers.
# The prefered solution is to just remove containerization. # The prefered solution is to just remove containerization.
# Look at https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/misc/ids.nix # Look at https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/misc/ids.nix
users.users = { users.users = {
jellyfin = { streamer = {
isSystemUser = true; isSystemUser = true;
uid = lib.mkForce 316; uid = lib.mkForce 316;
}; };
@@ -148,9 +149,8 @@ in {
group = "media"; group = "media";
uid = lib.mkForce 309; uid = lib.mkForce 309;
}; };
transmission = { torrenter = {
isSystemUser = true; isSystemUser = true;
group = "media";
uid = lib.mkForce 70; uid = lib.mkForce 70;
}; };
prowlarr = { prowlarr = {
@@ -163,19 +163,19 @@ in {
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
# Media dirs # Media dirs
"d '${cfg.mediaDir}' 0775 root media - -" "d '${cfg.mediaDir}' 0775 root media - -"
"d '${cfg.mediaDir}/library' 0775 jellyfin media - -" "d '${cfg.mediaDir}/library' 0775 streamer media - -"
"d '${cfg.mediaDir}/library/series' 0775 jellyfin media - -" "d '${cfg.mediaDir}/library/shows' 0775 streamer media - -"
"d '${cfg.mediaDir}/library/movies' 0775 jellyfin media - -" "d '${cfg.mediaDir}/library/movies' 0775 streamer media - -"
"d '${cfg.mediaDir}/library/music' 0775 jellyfin media - -" "d '${cfg.mediaDir}/library/music' 0775 streamer media - -"
"d '${cfg.mediaDir}/library/books' 0775 jellyfin media - -" "d '${cfg.mediaDir}/library/books' 0775 streamer media - -"
"d '${cfg.mediaDir}/torrents' 0755 transmission media - -" "d '${cfg.mediaDir}/torrents' 0755 torrenter media - -"
"d '${cfg.mediaDir}/torrents/.incomplete' 0755 transmission media - -" "d '${cfg.mediaDir}/torrents/.incomplete' 0755 torrenter media - -"
"d '${cfg.mediaDir}/torrents/.watch' 0755 transmission media - -" "d '${cfg.mediaDir}/torrents/.watch' 0755 torrenter media - -"
"d '${cfg.mediaDir}/torrents/manual' 0755 transmission media - -" "d '${cfg.mediaDir}/torrents/manual' 0755 torrenter media - -"
"d '${cfg.mediaDir}/torrents/liadarr' 0755 transmission media - -" "d '${cfg.mediaDir}/torrents/liadarr' 0755 torrenter media - -"
"d '${cfg.mediaDir}/torrents/radarr' 0755 transmission media - -" "d '${cfg.mediaDir}/torrents/radarr' 0755 torrenter media - -"
"d '${cfg.mediaDir}/torrents/sonarr' 0755 transmission media - -" "d '${cfg.mediaDir}/torrents/sonarr' 0755 torrenter media - -"
"d '${cfg.mediaDir}/torrents/readarr' 0755 transmission media - -" "d '${cfg.mediaDir}/torrents/readarr' 0755 torrenter media - -"
]; ];
util-nixarr.vpnnamespace = { util-nixarr.vpnnamespace = {
nixarr/jellyfin/default.nix
+11 -5
View File
@@ -95,11 +95,13 @@ in {
mkIf cfg.enable mkIf cfg.enable
{ {
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"d '${cfg.stateDir}' 0700 jellyfin root - -" "d '${cfg.stateDir}' 0700 streamer root - -"
]; ];
services.jellyfin = { services.jellyfin = {
enable = cfg.enable; enable = cfg.enable;
user = "streamer";
group = "streamer";
logDir = "${cfg.stateDir}/log"; logDir = "${cfg.stateDir}/log";
cacheDir = "${cfg.stateDir}/cache"; cacheDir = "${cfg.stateDir}/cache";
dataDir = "${cfg.stateDir}/data"; dataDir = "${cfg.stateDir}/data";
@@ -186,11 +188,13 @@ in {
}; };
config = { config = {
users.groups.jellyfin = {}; users.groups.streamer = {
users.users.jellyfin = { gid = config.users.groups.streamer.gid;
uid = lib.mkForce config.users.users.jellyfin.uid; };
users.users.streamer = {
uid = lib.mkForce config.users.users.streamer.uid;
isSystemUser = true; isSystemUser = true;
group = "jellyfin"; group = "streamer";
}; };
# Use systemd-resolved inside the container # Use systemd-resolved inside the container
@@ -201,6 +205,8 @@ in {
services.jellyfin = { services.jellyfin = {
enable = true; enable = true;
user = "streamer";
group = "streamer";
logDir = "${cfg.stateDir}/log"; logDir = "${cfg.stateDir}/log";
cacheDir = "${cfg.stateDir}/cache"; cacheDir = "${cfg.stateDir}/cache";
dataDir = "${cfg.stateDir}/data"; dataDir = "${cfg.stateDir}/data";
nixarr/transmission/default.nix
+11 -10
View File
@@ -90,14 +90,15 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"d '${cfg.stateDir}' 0700 transmission root - -" "d '${cfg.stateDir}' 0700 torrenter root - -"
# This is fixes a bug in nixpks TODO: create nixpkgs issue # This is fixes a bug in nixpks TODO: create nixpkgs issue
"d '${cfg.stateDir}/.config/transmission-daemon' 0700 transmission root - -" "d '${cfg.stateDir}/.config/transmission-daemon' 0700 torrenter root - -"
]; ];
services.transmission = mkIf (!cfg.vpn.enable) { services.transmission = mkIf (!cfg.vpn.enable) {
enable = true; enable = true;
group = "media"; user = "torrenter";
group = "torrenter";
home = cfg.stateDir; home = cfg.stateDir;
webHome = webHome =
if cfg.flood.enable if cfg.flood.enable
@@ -183,13 +184,13 @@ in {
}; };
config = { config = {
users.groups.media = { users.groups.torrenter = {
gid = config.users.groups.media.gid; gid = config.users.groups.torrenter.gid;
}; };
users.users.transmission = { users.users.torrenter = {
uid = lib.mkForce config.users.users.transmission.uid; uid = lib.mkForce config.users.users.torrenter.uid;
isSystemUser = true; isSystemUser = true;
group = "media"; group = "torrenter";
}; };
# Use systemd-resolved inside the container # Use systemd-resolved inside the container
@@ -205,8 +206,8 @@ in {
services.transmission = { services.transmission = {
enable = true; enable = true;
# This is maybe wrong, too afraid to fix it lol user = "torrenter";
group = "media"; group = "torrenter";
webHome = webHome =
if cfg.flood.enable if cfg.flood.enable
then pkgs.flood-for-transmission then pkgs.flood-for-transmission