fix: pyload
This commit is contained in:
@@ -3,27 +3,42 @@ let
|
||||
cids = import ./staticids.nix;
|
||||
networkPrefix = config.networkPrefix;
|
||||
|
||||
user = {
|
||||
pyloadUser = {
|
||||
isSystemUser = true;
|
||||
uid = cids.uids.pyload;
|
||||
group = "pyload";
|
||||
home = "/var/lib/pyload";
|
||||
createHome = true;
|
||||
};
|
||||
group = {
|
||||
pyloadGroup = {
|
||||
gid = cids.gids.pyload;
|
||||
};
|
||||
|
||||
jellyfinUser = {
|
||||
isSystemUser = true;
|
||||
uid = cids.uids.jellyfin;
|
||||
group = "jellyfin";
|
||||
home = "/var/lib/jellyfin";
|
||||
createHome = true;
|
||||
};
|
||||
jellyfinGroup = {
|
||||
gid = cids.gids.jellyfin;
|
||||
};
|
||||
in
|
||||
{
|
||||
users.users.pyload = user;
|
||||
users.groups.pyload = group;
|
||||
users.users.pyload = pyloadUser;
|
||||
users.groups.pyload = pyloadGroup;
|
||||
users.users.jellyfin = jellyfinUser;
|
||||
users.groups.jellyfin = jellyfinGroup;
|
||||
|
||||
# Create the multimedia directory structure on the host
|
||||
systemd.tmpfiles.rules = [
|
||||
"d /var/lib/multimedia 0755 root root - -"
|
||||
"d /var/lib/multimedia/downloads 0755 pyload pyload - -"
|
||||
"d /var/lib/multimedia/movies 0755 pyload pyload - -"
|
||||
"d /var/lib/multimedia/tv-shows 0755 pyload pyload - -"
|
||||
"d /var/lib/multimedia/movies 0755 jellyfin jellyfin - -"
|
||||
"d /var/lib/multimedia/tv-shows 0755 jellyfin jellyfin - -"
|
||||
"d /var/lib/multimedia/music 0755 jellyfin jellyfin - -"
|
||||
"d /var/lib/jellyfin 0755 jellyfin jellyfin - -"
|
||||
];
|
||||
|
||||
containers.pyload = {
|
||||
@@ -39,6 +54,10 @@ in
|
||||
hostPath = "/var/lib/pyload";
|
||||
isReadOnly = false;
|
||||
};
|
||||
"/var/lib/jellyfin" = {
|
||||
hostPath = "/var/lib/jellyfin";
|
||||
isReadOnly = false;
|
||||
};
|
||||
"/multimedia" = {
|
||||
hostPath = "/var/lib/multimedia";
|
||||
isReadOnly = false;
|
||||
@@ -46,6 +65,19 @@ in
|
||||
};
|
||||
|
||||
config = { lib, config, pkgs, ... }: {
|
||||
nixpkgs.overlays = [
|
||||
(import ../utils/overlays/packages.nix)
|
||||
];
|
||||
|
||||
|
||||
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
|
||||
"unrar"
|
||||
];
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
unrar # Required for RAR archive extraction
|
||||
];
|
||||
|
||||
networking = {
|
||||
hostName = "pyload";
|
||||
useHostResolvConf = false;
|
||||
@@ -64,8 +96,35 @@ in
|
||||
port = 8000;
|
||||
};
|
||||
|
||||
users.users.pyload = user;
|
||||
users.groups.pyload = group;
|
||||
services.jellyfin = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
|
||||
# Disable SSL certificate verification
|
||||
systemd.services.pyload = {
|
||||
environment = {
|
||||
PYLOAD__GENERAL__SSL_VERIFY = "0";
|
||||
};
|
||||
|
||||
# Bind-mount DNS configuration files and system tools into the chroot
|
||||
serviceConfig = {
|
||||
BindReadOnlyPaths = [
|
||||
"/etc/resolv.conf"
|
||||
"/etc/nsswitch.conf"
|
||||
"/etc/hosts"
|
||||
"/etc/ssl"
|
||||
"/etc/static/ssl"
|
||||
# Make all system packages (including unrar) accessible
|
||||
"/run/current-system/sw/bin"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
users.users.pyload = pyloadUser;
|
||||
users.groups.pyload = pyloadGroup;
|
||||
users.users.jellyfin = jellyfinUser;
|
||||
users.groups.jellyfin = jellyfinGroup;
|
||||
|
||||
system.stateVersion = "24.05";
|
||||
};
|
||||
|
||||
Reference in New Issue
Block a user