fujin/nixarr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Formatted

Browse Source
This commit is contained in:
rasmus-kirk
2024-12-04 18:20:42 +01:00
parent 7d1dd5e07e
commit c6a6d0f872
12 changed files with 200 additions and 185 deletions
Download Patch File Download Diff File Expand all files Collapse all files
flake.nix
+4 -3
View File
@@ -11,8 +11,7 @@
nixpkgs, nixpkgs,
vpnconfinement, vpnconfinement,
... ...
} @ inputs: } @ inputs: let
let
# Systems supported # Systems supported
supportedSystems = [ supportedSystems = [
"x86_64-linux" # 64-bit Intel/AMD Linux "x86_64-linux" # 64-bit Intel/AMD Linux
@@ -22,7 +21,9 @@
]; ];
# Helper to provide system-specific attributes # Helper to provide system-specific attributes
forAllSystems = f: nixpkgs.lib.genAttrs supportedSystems (system: f { forAllSystems = f:
nixpkgs.lib.genAttrs supportedSystems (system:
f {
pkgs = import nixpkgs {inherit system;}; pkgs = import nixpkgs {inherit system;};
}); });
in { in {
nixarr/default.nix
+22 -11
View File
@@ -21,44 +21,55 @@ with lib; let
fix-permissions = pkgs.writeShellApplication { fix-permissions = pkgs.writeShellApplication {
name = "fix-permissions"; name = "fix-permissions";
runtimeInputs = with pkgs; [util-linux]; runtimeInputs = with pkgs; [util-linux];
text = '' text =
''
if [ "$EUID" -ne 0 ]; then if [ "$EUID" -ne 0 ]; then
echo "Please run as root" echo "Please run as root"
exit exit
fi fi
find "${cfg.mediaDir}" \( -type d -exec chmod 0775 {} + -true \) -o \( -exec chmod 0664 {} + \) find "${cfg.mediaDir}" \( -type d -exec chmod 0775 {} + -true \) -o \( -exec chmod 0664 {} + \)
'' + strings.optionalString cfg.jellyfin.enable '' ''
+ strings.optionalString cfg.jellyfin.enable ''
chown -R streamer:media "${cfg.mediaDir}/library" chown -R streamer:media "${cfg.mediaDir}/library"
chown -R streamer:root "${cfg.jellyfin.stateDir}" chown -R streamer:root "${cfg.jellyfin.stateDir}"
find "${cfg.jellyfin.stateDir}" \( -type d -exec chmod 0700 {} + -true \) -o \( -exec chmod 0600 {} + \) find "${cfg.jellyfin.stateDir}" \( -type d -exec chmod 0700 {} + -true \) -o \( -exec chmod 0600 {} + \)
'' + strings.optionalString cfg.transmission.enable '' ''
+ strings.optionalString cfg.transmission.enable ''
chown -R torrenter:media "${cfg.mediaDir}/torrents" chown -R torrenter:media "${cfg.mediaDir}/torrents"
chown -R torrenter:cross-seed "${cfg.transmission.stateDir}" chown -R torrenter:cross-seed "${cfg.transmission.stateDir}"
find "${cfg.transmission.stateDir}" \( -type d -exec chmod 0750 {} + -true \) -o \( -exec chmod 0640 {} + \) find "${cfg.transmission.stateDir}" \( -type d -exec chmod 0750 {} + -true \) -o \( -exec chmod 0640 {} + \)
'' + strings.optionalString cfg.sabnzbd.enable '' ''
+ strings.optionalString cfg.sabnzbd.enable ''
chown -R usenet:media "${cfg.mediaDir}/usenet" chown -R usenet:media "${cfg.mediaDir}/usenet"
chown -R usenet:root "${cfg.sabnzbd.stateDir}" chown -R usenet:root "${cfg.sabnzbd.stateDir}"
find "${cfg.sabnzbd.stateDir}" \( -type d -exec chmod 0700 {} + -true \) -o \( -exec chmod 0600 {} + \) find "${cfg.sabnzbd.stateDir}" \( -type d -exec chmod 0700 {} + -true \) -o \( -exec chmod 0600 {} + \)
'' + strings.optionalString cfg.transmission.privateTrackers.cross-seed.enable '' ''
+ strings.optionalString cfg.transmission.privateTrackers.cross-seed.enable ''
chown -R cross-seed:root "${cfg.transmission.privateTrackers.cross-seed.stateDir}" chown -R cross-seed:root "${cfg.transmission.privateTrackers.cross-seed.stateDir}"
find "${cfg.transmission.privateTrackers.cross-seed.stateDir}" \( -type d -exec chmod 0700 {} + -true \) -o \( -exec chmod 0600 {} + \) find "${cfg.transmission.privateTrackers.cross-seed.stateDir}" \( -type d -exec chmod 0700 {} + -true \) -o \( -exec chmod 0600 {} + \)
'' + strings.optionalString cfg.prowlarr.enable '' ''
+ strings.optionalString cfg.prowlarr.enable ''
chown -R prowlarr:root "${cfg.prowlarr.stateDir}" chown -R prowlarr:root "${cfg.prowlarr.stateDir}"
find "${cfg.prowlarr.stateDir}" \( -type d -exec chmod 0700 {} + -true \) -o \( -exec chmod 0600 {} + \) find "${cfg.prowlarr.stateDir}" \( -type d -exec chmod 0700 {} + -true \) -o \( -exec chmod 0600 {} + \)
'' + strings.optionalString cfg.sonarr.enable '' ''
+ strings.optionalString cfg.sonarr.enable ''
chown -R sonarr:root "${cfg.sonarr.stateDir}" chown -R sonarr:root "${cfg.sonarr.stateDir}"
find "${cfg.sonarr.stateDir}" \( -type d -exec chmod 0700 {} + -true \) -o \( -exec chmod 0600 {} + \) find "${cfg.sonarr.stateDir}" \( -type d -exec chmod 0700 {} + -true \) -o \( -exec chmod 0600 {} + \)
'' + strings.optionalString cfg.radarr.enable '' ''
+ strings.optionalString cfg.radarr.enable ''
chown -R radarr:root "${cfg.radarr.stateDir}" chown -R radarr:root "${cfg.radarr.stateDir}"
find "${cfg.radarr.stateDir}" \( -type d -exec chmod 0700 {} + -true \) -o \( -exec chmod 0600 {} + \) find "${cfg.radarr.stateDir}" \( -type d -exec chmod 0700 {} + -true \) -o \( -exec chmod 0600 {} + \)
'' + strings.optionalString cfg.lidarr.enable '' ''
+ strings.optionalString cfg.lidarr.enable ''
chown -R lidarr:root "${cfg.lidarr.stateDir}" chown -R lidarr:root "${cfg.lidarr.stateDir}"
find "${cfg.lidarr.stateDir}" \( -type d -exec chmod 0700 {} + -true \) -o \( -exec chmod 0600 {} + \) find "${cfg.lidarr.stateDir}" \( -type d -exec chmod 0700 {} + -true \) -o \( -exec chmod 0600 {} + \)
'' + strings.optionalString cfg.bazarr.enable '' ''
+ strings.optionalString cfg.bazarr.enable ''
chown -R bazarr:root "${cfg.bazarr.stateDir}" chown -R bazarr:root "${cfg.bazarr.stateDir}"
find "${cfg.bazarr.stateDir}" \( -type d -exec chmod 0700 {} + -true \) -o \( -exec chmod 0600 {} + \) find "${cfg.bazarr.stateDir}" \( -type d -exec chmod 0700 {} + -true \) -o \( -exec chmod 0600 {} + \)
'' + strings.optionalString cfg.readarr.enable '' ''
+ strings.optionalString cfg.readarr.enable ''
chown -R readarr:root "${cfg.readarr.stateDir}" chown -R readarr:root "${cfg.readarr.stateDir}"
find "${cfg.readarr.stateDir}" \( -type d -exec chmod 0700 {} + -true \) -o \( -exec chmod 0600 {} + \) find "${cfg.readarr.stateDir}" \( -type d -exec chmod 0700 {} + -true \) -o \( -exec chmod 0600 {} + \)
''; '';
nixarr/sabnzbd/default.nix
+4 -2
View File
@@ -154,7 +154,8 @@ in {
user-configs user-configs
); );
apply-user-configs-script = pkgs.writers.writePython3Bin "sabnzbd-set-user-values" { apply-user-configs-script =
pkgs.writers.writePython3Bin "sabnzbd-set-user-values" {
libraries = [pkgs.python3Packages.configobj]; libraries = [pkgs.python3Packages.configobj];
} '' } ''
# flake8: noqa # flake8: noqa
@@ -171,7 +172,8 @@ in {
sab_config_map.write() sab_config_map.write()
''; '';
in mkIf cfg.enable { in
mkIf cfg.enable {
users = { users = {
groups.usenet = {}; groups.usenet = {};
users.usenet = { users.usenet = {
nixarr/transmission/default.nix
+2 -1
View File
@@ -388,7 +388,8 @@ in {
rpc-whitelist-enabled = true; rpc-whitelist-enabled = true;
rpc-whitelist = strings.concatStringsSep "," ([ rpc-whitelist = strings.concatStringsSep "," ([
"127.0.0.1,192.168.*,10.*" # Defaults "127.0.0.1,192.168.*,10.*" # Defaults
] ++ cfg.extraAllowedIps); ]
++ cfg.extraAllowedIps);
rpc-authentication-required = false; rpc-authentication-required = false;
blocklist-enabled = true; blocklist-enabled = true;