fix arr setup (#224)
This commit is contained in:
Pierre Penninckx
GitHub
parent
b9db764a8b
commit
26f406db5f
7 changed files with 46 additions and 26 deletions
|
|
@ -4,7 +4,7 @@ rec {
|
|||
let
|
||||
configWithTemplates = withReplacements userConfig;
|
||||
|
||||
nonSecretConfigFile = pkgs.writeText "${resultPath}.template" (generator configWithTemplates);
|
||||
nonSecretConfigFile = pkgs.writeText "${resultPath}.template" (generator "template" configWithTemplates);
|
||||
|
||||
replacements = getReplacements userConfig;
|
||||
in
|
||||
|
|
@ -13,7 +13,11 @@ rec {
|
|||
inherit resultPath replacements;
|
||||
};
|
||||
|
||||
template = file: newPath: replacements: replaceSecretsScript { inherit file replacements; resultPath = newPath; };
|
||||
template = file: newPath: replacements: replaceSecretsScript {
|
||||
inherit file replacements;
|
||||
resultPath = newPath;
|
||||
};
|
||||
|
||||
replaceSecretsScript = { file, resultPath, replacements }:
|
||||
let
|
||||
templatePath = resultPath + ".template";
|
||||
|
|
@ -25,7 +29,11 @@ rec {
|
|||
mkdir -p $(dirname ${templatePath})
|
||||
ln -fs ${file} ${templatePath}
|
||||
rm -f ${resultPath}
|
||||
${pkgs.gnused}/bin/sed ${sedPatterns} ${templatePath} > ${resultPath}
|
||||
if [ -z "${sedPatterns}" ]; then
|
||||
cat ${templatePath} > ${resultPath}
|
||||
else
|
||||
${pkgs.gnused}/bin/sed ${sedPatterns} ${templatePath} > ${resultPath}
|
||||
fi
|
||||
'';
|
||||
|
||||
secretFileType = lib.types.submodule {
|
||||
|
|
|
|||
|
|
@ -341,7 +341,7 @@ in
|
|||
identity_providers.oidc.clients = clients;
|
||||
};
|
||||
resultPath = "/var/lib/authelia-${fqdn}/oidc_clients.yaml";
|
||||
generator = lib.generators.toYAML {};
|
||||
generator = name: value: lib.generators.toYAML {} value;
|
||||
};
|
||||
in
|
||||
lib.mkBefore (mkCfg cfg.oidcClients);
|
||||
|
|
|
|||
|
|
@ -306,7 +306,7 @@ let
|
|||
};
|
||||
in valueType;
|
||||
|
||||
generate = value: builtins.readFile (pkgs.callPackage ({ runCommand, python3 }: runCommand "config" {
|
||||
generate = name: value: builtins.readFile (pkgs.callPackage ({ runCommand, python3 }: runCommand "config" {
|
||||
value = builtins.toJSON {Config = value;};
|
||||
passAsFile = [ "value" ];
|
||||
} (pkgs.writers.writePython3 "dict2xml" {
|
||||
|
|
@ -381,7 +381,7 @@ in
|
|||
{
|
||||
options.shb.arr = lib.listToAttrs (lib.mapAttrsToList appOption apps);
|
||||
|
||||
config = lib.mkMerge ([
|
||||
config = lib.mkMerge [
|
||||
(lib.mkIf cfg.radarr.enable (
|
||||
let
|
||||
cfg' = cfg.radarr;
|
||||
|
|
@ -395,10 +395,6 @@ in
|
|||
dataDir = "/var/lib/radarr";
|
||||
};
|
||||
|
||||
users.users.radarr = {
|
||||
extraGroups = [ "media" ];
|
||||
};
|
||||
|
||||
systemd.services.radarr.preStart = shblib.replaceSecrets {
|
||||
userConfig = cfg'.settings
|
||||
// (lib.optionalAttrs isSSOEnabled {
|
||||
|
|
@ -417,7 +413,8 @@ in
|
|||
];
|
||||
excludePatterns = [".db-shm" ".db-wal" ".mono"];
|
||||
};
|
||||
} // backup "radarr"))
|
||||
}))
|
||||
(lib.mkIf cfg.radarr.enable (backup "radarr"))
|
||||
|
||||
(lib.mkIf cfg.sonarr.enable (
|
||||
let
|
||||
|
|
@ -453,11 +450,13 @@ in
|
|||
];
|
||||
excludePatterns = [".db-shm" ".db-wal" ".mono"];
|
||||
};
|
||||
} // backup "sonarr"))
|
||||
}))
|
||||
(lib.mkIf cfg.sonarr.enable (backup "sonarr"))
|
||||
|
||||
(lib.mkIf cfg.bazarr.enable (
|
||||
let
|
||||
cfg' = cfg.bazarr;
|
||||
isSSOEnabled = !(isNull cfg'.authEndpoint);
|
||||
in
|
||||
{
|
||||
services.bazarr = {
|
||||
|
|
@ -468,8 +467,12 @@ in
|
|||
extraGroups = [ "media" ];
|
||||
};
|
||||
systemd.services.bazarr.preStart = shblib.replaceSecrets {
|
||||
userConfig = cfg'.settings;
|
||||
resultPath = "/var/lib/${config.systemd.services.bazarr.serviceConfig.StateDirectory}/config.xml";
|
||||
userConfig = cfg'.settings
|
||||
// (lib.optionalAttrs isSSOEnabled {
|
||||
AuthenticationRequired = "DisabledForLocalAddresses";
|
||||
AuthenticationMethod = "External";
|
||||
});
|
||||
resultPath = "/var/lib/bazarr/config.xml";
|
||||
generator = apps.bazarr.settingsFormat.generate;
|
||||
};
|
||||
|
||||
|
|
@ -481,7 +484,8 @@ in
|
|||
];
|
||||
excludePatterns = [".db-shm" ".db-wal" ".mono"];
|
||||
};
|
||||
} // backup "bazarr"))
|
||||
}))
|
||||
(lib.mkIf cfg.bazarr.enable (backup "sonarr"))
|
||||
|
||||
(lib.mkIf cfg.readarr.enable (
|
||||
let
|
||||
|
|
@ -509,11 +513,13 @@ in
|
|||
];
|
||||
excludePatterns = [".db-shm" ".db-wal" ".mono"];
|
||||
};
|
||||
} // backup "readarr"))
|
||||
}))
|
||||
(lib.mkIf cfg.readarr.enable (backup "bazarr"))
|
||||
|
||||
(lib.mkIf cfg.lidarr.enable (
|
||||
let
|
||||
cfg' = cfg.lidarr;
|
||||
isSSOEnabled = !(isNull cfg'.authEndpoint);
|
||||
in
|
||||
{
|
||||
services.lidarr = {
|
||||
|
|
@ -524,7 +530,11 @@ in
|
|||
extraGroups = [ "media" ];
|
||||
};
|
||||
systemd.services.lidarr.preStart = shblib.replaceSecrets {
|
||||
userConfig = cfg'.settings;
|
||||
userConfig = cfg'.settings
|
||||
// (lib.optionalAttrs isSSOEnabled {
|
||||
AuthenticationRequired = "DisabledForLocalAddresses";
|
||||
AuthenticationMethod = "External";
|
||||
});
|
||||
resultPath = "${config.services.lidarr.dataDir}/config.xml";
|
||||
generator = apps.lidarr.settingsFormat.generate;
|
||||
};
|
||||
|
|
@ -537,7 +547,8 @@ in
|
|||
];
|
||||
excludePatterns = [".db-shm" ".db-wal" ".mono"];
|
||||
};
|
||||
} // backup "lidarr"))
|
||||
}))
|
||||
(lib.mkIf cfg.lidarr.enable (backup "readarr"))
|
||||
|
||||
(lib.mkIf cfg.jackett.enable (
|
||||
let
|
||||
|
|
@ -553,7 +564,7 @@ in
|
|||
};
|
||||
systemd.services.jackett.preStart = shblib.replaceSecrets {
|
||||
userConfig = cfg'.settings;
|
||||
resultPath = "${config.services.jackett.dataDir}/config.xml";
|
||||
resultPath = "${config.services.jackett.dataDir}/ServerConfig.json";
|
||||
generator = apps.jackett.settingsFormat.generate;
|
||||
};
|
||||
|
||||
|
|
@ -567,6 +578,7 @@ in
|
|||
];
|
||||
excludePatterns = [".db-shm" ".db-wal" ".mono"];
|
||||
};
|
||||
} // backup "jackett"))
|
||||
]);
|
||||
}))
|
||||
(lib.mkIf cfg.jackett.enable (backup "lidarr"))
|
||||
];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -299,7 +299,7 @@ in
|
|||
'' + shblib.replaceSecrets {
|
||||
userConfig = cfg.config;
|
||||
resultPath = "${config.services.home-assistant.configDir}/secrets.yaml";
|
||||
generator = lib.generators.toYAML {};
|
||||
generator = name: value: lib.generators.toYAML {} value;
|
||||
});
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
|
|
|
|||
|
|
@ -155,7 +155,7 @@ in
|
|||
SMTP_PASSWORD.source = cfg.smtp.passwordFile;
|
||||
};
|
||||
resultPath = "/var/lib/bitwarden_rs/vaultwarden.env";
|
||||
generator = v: lib.generators.toINIWithGlobalSection {} { globalSection = v; };
|
||||
generator = name: v: lib.generators.toINIWithGlobalSection {} { globalSection = v; };
|
||||
};
|
||||
|
||||
shb.nginx.autheliaProtect = [
|
||||
|
|
|
|||
|
|
@ -126,7 +126,7 @@ in
|
|||
enable = true;
|
||||
authEndpoint = "https://oidc.example.com";
|
||||
settings = {
|
||||
APIKeyFile = "/run/radarr/apikey";
|
||||
APIKey.source = pkgs.writeText "key" "/run/radarr/apikey";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
@ -199,7 +199,7 @@ in
|
|||
enable = true;
|
||||
authEndpoint = "https://oidc.example.com";
|
||||
settings = {
|
||||
APIKeyFile = "/run/radarr/apikey";
|
||||
APIKey.source = pkgs.writeText "key" "/run/radarr/apikey";
|
||||
};
|
||||
backupCfg = {
|
||||
enable = true;
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ in
|
|||
replaceInTemplate2 = shblib.replaceSecrets {
|
||||
inherit userConfig;
|
||||
resultPath = "/var/lib/config2.yaml";
|
||||
generator = lib.generators.toJSON {};
|
||||
generator = name: value: lib.generators.toJSON {} value;
|
||||
};
|
||||
in
|
||||
pkgs.testers.runNixOSTest {
|
||||
|
|
|
|||
Loading…
Reference in a new issue