From 6bf9d771a1a66a92811e1e816d75f6aff039b84f Mon Sep 17 00:00:00 2001 From: xinyangli Date: Thu, 26 Dec 2024 20:27:18 +0800 Subject: [PATCH] weilite/media: add group "media" --- machines/weilite/default.nix | 17 ++++++++++------- machines/weilite/services/jellyfin.nix | 10 ++++++++++ machines/weilite/services/media-download.nix | 7 ++++++- machines/weilite/services/transmission.nix | 12 +++++++----- 4 files changed, 33 insertions(+), 13 deletions(-) diff --git a/machines/weilite/default.nix b/machines/weilite/default.nix index c3a70d0..cb5804b 100644 --- a/machines/weilite/default.nix +++ b/machines/weilite/default.nix @@ -12,6 +12,13 @@ ./services ]; + options = { + node = lib.mkOption { + type = lib.types.attrs; + default = { }; + }; + }; + config = { networking.hostName = "weilite"; commonSettings = { @@ -21,6 +28,9 @@ }; comin.enable = true; }; + node = { + mediaDir = "/mnt/nixos/media"; + }; boot = { loader = { @@ -123,13 +133,6 @@ after = [ "mnt-nixos.mount" ]; wantedBy = [ "immich-server.service" ]; } - { - what = "/mnt/nixos/media"; - where = "/var/lib/jellyfin/media"; - options = "bind"; - after = [ "mnt-nixos.mount" ]; - wantedBy = [ "jellyfin.service" ]; - } ]; hardware.graphics = { diff --git a/machines/weilite/services/jellyfin.nix b/machines/weilite/services/jellyfin.nix index d321de5..025386b 100644 --- a/machines/weilite/services/jellyfin.nix +++ b/machines/weilite/services/jellyfin.nix @@ -1,7 +1,16 @@ { config, pkgs, ... }: +let + cfg = config.services.jellyfin; +in { services.jellyfin.enable = true; + systemd.services.jellyfin.serviceConfig = { + BindReadOnlyPaths = [ + "/mnt/nixos/media:${cfg.dataDir}/media" + ]; + }; + environment.systemPackages = with pkgs; [ jellyfin jellyfin-web @@ -12,4 +21,5 @@ ''; networking.firewall.allowedTCPPorts = [ 8920 ]; # allow on lan users.users.jellyfin.extraGroups = [ "render" ]; + users.groups.media.members = [ cfg.user ]; } diff --git a/machines/weilite/services/media-download.nix b/machines/weilite/services/media-download.nix index 6f22744..a161931 100644 --- a/machines/weilite/services/media-download.nix +++ b/machines/weilite/services/media-download.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ config, pkgs, ... }: { services.jackett = { enable = true; @@ -27,4 +27,9 @@ services.radarr = { enable = true; }; + + users.groups.media.members = [ + config.services.sonarr.user + config.services.radarr.user + ]; } diff --git a/machines/weilite/services/transmission.nix b/machines/weilite/services/transmission.nix index be7bb39..b025819 100644 --- a/machines/weilite/services/transmission.nix +++ b/machines/weilite/services/transmission.nix @@ -1,4 +1,4 @@ -{ config, ... }: +{ config, pkgs, ... }: let cfg = config.services.transmission; in @@ -15,13 +15,14 @@ in services.transmission = { enable = true; + package = pkgs.transmission_4; openPeerPorts = true; credentialsFile = config.sops.templates."transmission-cred.json".path; settings = { download-dir = "/mnt/nixos/media"; incomplete-dir = "/mnt/nixos/transmission/incomplete"; alt-speed-down = 40960; - alt-speed-enabled = false; + alt-speed-enabled = true; alt-speed-time-begin = 60; alt-speed-time-day = 127; alt-speed-time-enabled = true; @@ -30,16 +31,16 @@ in bind-address-ipv4 = "0.0.0.0"; bind-address-ipv6 = "::"; download-queue-enabled = true; - download-queue-size = 5; + download-queue-size = 10; incomplete-dir-enabled = true; lpd-enabled = false; - message-level = 2; + message-level = 4; peer-congestion-algorithm = ""; peer-id-ttl-hours = 6; peer-limit-global = 200; peer-limit-per-torrent = 50; peer-port = 51413; - peer-socket-tos = "cs2"; + peer-socket-tos = "cs1"; pex-enabled = true; preallocation = 1; prefetch-enabled = true; @@ -64,4 +65,5 @@ in reverse_proxy 127.0.0.1:${toString cfg.settings.rpc-port} ''; networking.firewall.allowedTCPPorts = [ 9091 ]; # allow on lan + users.groups.media.members = [ cfg.user ]; }