44 lines
1.0 KiB
Nix
44 lines
1.0 KiB
Nix
{
|
|
pkgs,
|
|
config,
|
|
service_configs,
|
|
lib,
|
|
...
|
|
}:
|
|
{
|
|
imports = [
|
|
(lib.serviceMountWithZpool "jellyseerr" service_configs.zpool_ssds [
|
|
service_configs.jellyseerr.configDir
|
|
])
|
|
(lib.serviceFilePerms "jellyseerr" [
|
|
"Z ${service_configs.jellyseerr.configDir} 0700 jellyseerr jellyseerr"
|
|
])
|
|
];
|
|
|
|
services.jellyseerr = {
|
|
enable = true;
|
|
port = service_configs.ports.jellyseerr;
|
|
configDir = service_configs.jellyseerr.configDir;
|
|
};
|
|
|
|
systemd.services.jellyseerr.serviceConfig = {
|
|
DynamicUser = lib.mkForce false;
|
|
User = "jellyseerr";
|
|
Group = "jellyseerr";
|
|
ReadWritePaths = [ service_configs.jellyseerr.configDir ];
|
|
};
|
|
|
|
users.users.jellyseerr = {
|
|
isSystemUser = true;
|
|
group = "jellyseerr";
|
|
home = service_configs.jellyseerr.configDir;
|
|
};
|
|
|
|
users.groups.jellyseerr = { };
|
|
|
|
services.caddy.virtualHosts."jellyseerr.${service_configs.https.domain}".extraConfig = ''
|
|
import ${config.age.secrets.caddy_auth.path}
|
|
reverse_proxy :${builtins.toString service_configs.ports.jellyseerr}
|
|
'';
|
|
}
|