diff --git a/machines/weilite/default.nix b/machines/weilite/default.nix
index c3a70d0..cb5804b 100644
--- a/machines/weilite/default.nix
+++ b/machines/weilite/default.nix
@@ -12,6 +12,13 @@
./services
];
+ options = {
+ node = lib.mkOption {
+ type = lib.types.attrs;
+ default = { };
+ };
+ };
+
config = {
networking.hostName = "weilite";
commonSettings = {
@@ -21,6 +28,9 @@
};
comin.enable = true;
};
+ node = {
+ mediaDir = "/mnt/nixos/media";
+ };
boot = {
loader = {
@@ -123,13 +133,6 @@
after = [ "mnt-nixos.mount" ];
wantedBy = [ "immich-server.service" ];
}
- {
- what = "/mnt/nixos/media";
- where = "/var/lib/jellyfin/media";
- options = "bind";
- after = [ "mnt-nixos.mount" ];
- wantedBy = [ "jellyfin.service" ];
- }
];
hardware.graphics = {
diff --git a/machines/weilite/services/jellyfin.nix b/machines/weilite/services/jellyfin.nix
index d321de5..025386b 100644
--- a/machines/weilite/services/jellyfin.nix
+++ b/machines/weilite/services/jellyfin.nix
@@ -1,7 +1,16 @@
{ config, pkgs, ... }:
+let
+ cfg = config.services.jellyfin;
+in
{
services.jellyfin.enable = true;
+ systemd.services.jellyfin.serviceConfig = {
+ BindReadOnlyPaths = [
+ "/mnt/nixos/media:${cfg.dataDir}/media"
+ ];
+ };
+
environment.systemPackages = with pkgs; [
jellyfin
jellyfin-web
@@ -12,4 +21,5 @@
'';
networking.firewall.allowedTCPPorts = [ 8920 ]; # allow on lan
users.users.jellyfin.extraGroups = [ "render" ];
+ users.groups.media.members = [ cfg.user ];
}
diff --git a/machines/weilite/services/media-download.nix b/machines/weilite/services/media-download.nix
index 6f22744..a161931 100644
--- a/machines/weilite/services/media-download.nix
+++ b/machines/weilite/services/media-download.nix
@@ -1,4 +1,4 @@
-{ pkgs, ... }:
+{ config, pkgs, ... }:
{
services.jackett = {
enable = true;
@@ -27,4 +27,9 @@
services.radarr = {
enable = true;
};
+
+ users.groups.media.members = [
+ config.services.sonarr.user
+ config.services.radarr.user
+ ];
}
diff --git a/machines/weilite/services/transmission.nix b/machines/weilite/services/transmission.nix
index be7bb39..b025819 100644
--- a/machines/weilite/services/transmission.nix
+++ b/machines/weilite/services/transmission.nix
@@ -1,4 +1,4 @@
-{ config, ... }:
+{ config, pkgs, ... }:
let
cfg = config.services.transmission;
in
@@ -15,13 +15,14 @@ in
services.transmission = {
enable = true;
+ package = pkgs.transmission_4;
openPeerPorts = true;
credentialsFile = config.sops.templates."transmission-cred.json".path;
settings = {
download-dir = "/mnt/nixos/media";
incomplete-dir = "/mnt/nixos/transmission/incomplete";
alt-speed-down = 40960;
- alt-speed-enabled = false;
+ alt-speed-enabled = true;
alt-speed-time-begin = 60;
alt-speed-time-day = 127;
alt-speed-time-enabled = true;
@@ -30,16 +31,16 @@ in
bind-address-ipv4 = "0.0.0.0";
bind-address-ipv6 = "::";
download-queue-enabled = true;
- download-queue-size = 5;
+ download-queue-size = 10;
incomplete-dir-enabled = true;
lpd-enabled = false;
- message-level = 2;
+ message-level = 4;
peer-congestion-algorithm = "";
peer-id-ttl-hours = 6;
peer-limit-global = 200;
peer-limit-per-torrent = 50;
peer-port = 51413;
- peer-socket-tos = "cs2";
+ peer-socket-tos = "cs1";
pex-enabled = true;
preallocation = 1;
prefetch-enabled = true;
@@ -64,4 +65,5 @@ in
reverse_proxy 127.0.0.1:${toString cfg.settings.rpc-port}
'';
networking.firewall.allowedTCPPorts = [ 9091 ]; # allow on lan
+ users.groups.media.members = [ cfg.user ];
}