weilite/media: add group "media"

This commit is contained in:
xinyangli 2024-12-26 20:27:18 +08:00
parent 408ea16f6d
commit 6bf9d771a1
Signed by: xin
SSH key fingerprint: SHA256:UU5pRTl7NiLFJbWJZa+snLylZSXIz5rgHmwjzv8v4oE
4 changed files with 33 additions and 13 deletions

View file

@ -12,6 +12,13 @@
./services
];
options = {
node = lib.mkOption {
type = lib.types.attrs;
default = { };
};
};
config = {
networking.hostName = "weilite";
commonSettings = {
@ -21,6 +28,9 @@
};
comin.enable = true;
};
node = {
mediaDir = "/mnt/nixos/media";
};
boot = {
loader = {
@ -123,13 +133,6 @@
after = [ "mnt-nixos.mount" ];
wantedBy = [ "immich-server.service" ];
}
{
what = "/mnt/nixos/media";
where = "/var/lib/jellyfin/media";
options = "bind";
after = [ "mnt-nixos.mount" ];
wantedBy = [ "jellyfin.service" ];
}
];
hardware.graphics = {

View file

@ -1,7 +1,16 @@
{ config, pkgs, ... }:
let
cfg = config.services.jellyfin;
in
{
services.jellyfin.enable = true;
systemd.services.jellyfin.serviceConfig = {
BindReadOnlyPaths = [
"/mnt/nixos/media:${cfg.dataDir}/media"
];
};
environment.systemPackages = with pkgs; [
jellyfin
jellyfin-web
@ -12,4 +21,5 @@
'';
networking.firewall.allowedTCPPorts = [ 8920 ]; # allow on lan
users.users.jellyfin.extraGroups = [ "render" ];
users.groups.media.members = [ cfg.user ];
}

View file

@ -1,4 +1,4 @@
{ pkgs, ... }:
{ config, pkgs, ... }:
{
services.jackett = {
enable = true;
@ -27,4 +27,9 @@
services.radarr = {
enable = true;
};
users.groups.media.members = [
config.services.sonarr.user
config.services.radarr.user
];
}

View file

@ -1,4 +1,4 @@
{ config, ... }:
{ config, pkgs, ... }:
let
cfg = config.services.transmission;
in
@ -15,13 +15,14 @@ in
services.transmission = {
enable = true;
package = pkgs.transmission_4;
openPeerPorts = true;
credentialsFile = config.sops.templates."transmission-cred.json".path;
settings = {
download-dir = "/mnt/nixos/media";
incomplete-dir = "/mnt/nixos/transmission/incomplete";
alt-speed-down = 40960;
alt-speed-enabled = false;
alt-speed-enabled = true;
alt-speed-time-begin = 60;
alt-speed-time-day = 127;
alt-speed-time-enabled = true;
@ -30,16 +31,16 @@ in
bind-address-ipv4 = "0.0.0.0";
bind-address-ipv6 = "::";
download-queue-enabled = true;
download-queue-size = 5;
download-queue-size = 10;
incomplete-dir-enabled = true;
lpd-enabled = false;
message-level = 2;
message-level = 4;
peer-congestion-algorithm = "";
peer-id-ttl-hours = 6;
peer-limit-global = 200;
peer-limit-per-torrent = 50;
peer-port = 51413;
peer-socket-tos = "cs2";
peer-socket-tos = "cs1";
pex-enabled = true;
preallocation = 1;
prefetch-enabled = true;
@ -64,4 +65,5 @@ in
reverse_proxy 127.0.0.1:${toString cfg.settings.rpc-port}
'';
networking.firewall.allowedTCPPorts = [ 9091 ]; # allow on lan
users.groups.media.members = [ cfg.user ];
}