From b24ef4d52fe9691f74ab071f447c4a48e11bb2e7 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:45:37 -0500 Subject: [PATCH] feat: test --- modules/nixos/services/jellyfin/default.nix | 72 +++++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100644 modules/nixos/services/jellyfin/default.nix diff --git a/modules/nixos/services/jellyfin/default.nix b/modules/nixos/services/jellyfin/default.nix new file mode 100644 index 0000000..7153901 --- /dev/null +++ b/modules/nixos/services/jellyfin/default.nix @@ -0,0 +1,72 @@ +{ flake, ... }: +let + inherit (flake.config.people) user0; + inherit (flake.config.machines.devices) ceres; + inherit (flake.config.services.instances) jellyfin web; + service = jellyfin; + localhost = web.localhost.address0; + host = "${service.subdomain}.${web.domains.url0}"; +in +{ + services = { + jellyfin = { + enable = true; + openFirewall = true; + user = user0; + }; + jellyseerr = { + openFirewall = true; + enable = true; + }; + caddy = { + virtualHosts = { + "${host}" = { + extraConfig = '' + redir /.well-known/carddav /remote.php/dav/ 301 + redir /.well-known/caldav /remote.php/dav/ 301 + + reverse_proxy ${localhost}:${toString service.ports.port1} + + tls ${service.ssl.cert} ${service.ssl.key} + ''; + }; + }; + }; + }; + + fileSystems = + let + settings = { + fsType = "none"; + options = [ + "bind" + ]; + depends = [ + ceres.storage0.mount + ]; + }; + in + { + "/var/lib/${service.name}" = { + device = service.paths.path0; + } // settings; + "/var/cache/${service.name}" = { + device = "${service.paths.path1}"; + } // settings; + }; + + systemd.tmpfiles.rules = [ + "Z ${service.paths.path0} 0755 ${user0} ${service.name} -" + "Z ${service.paths.path0} 0755 ${user0} ${service.name} -" + ]; + + networking = { + firewall = { + allowedTCPPorts = [ + service.ports.port0 + service.ports.port1 + service.ports.port2 + ]; + }; + }; +}