1
0
Fork 0

fix arr setup (#224)

This commit is contained in:
Pierre Penninckx 2024-04-10 23:52:24 -07:00 committed by GitHub
parent b9db764a8b
commit 26f406db5f
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 46 additions and 26 deletions

View file

@ -4,7 +4,7 @@ rec {
let let
configWithTemplates = withReplacements userConfig; configWithTemplates = withReplacements userConfig;
nonSecretConfigFile = pkgs.writeText "${resultPath}.template" (generator configWithTemplates); nonSecretConfigFile = pkgs.writeText "${resultPath}.template" (generator "template" configWithTemplates);
replacements = getReplacements userConfig; replacements = getReplacements userConfig;
in in
@ -13,7 +13,11 @@ rec {
inherit resultPath replacements; inherit resultPath replacements;
}; };
template = file: newPath: replacements: replaceSecretsScript { inherit file replacements; resultPath = newPath; }; template = file: newPath: replacements: replaceSecretsScript {
inherit file replacements;
resultPath = newPath;
};
replaceSecretsScript = { file, resultPath, replacements }: replaceSecretsScript = { file, resultPath, replacements }:
let let
templatePath = resultPath + ".template"; templatePath = resultPath + ".template";
@ -25,7 +29,11 @@ rec {
mkdir -p $(dirname ${templatePath}) mkdir -p $(dirname ${templatePath})
ln -fs ${file} ${templatePath} ln -fs ${file} ${templatePath}
rm -f ${resultPath} rm -f ${resultPath}
${pkgs.gnused}/bin/sed ${sedPatterns} ${templatePath} > ${resultPath} if [ -z "${sedPatterns}" ]; then
cat ${templatePath} > ${resultPath}
else
${pkgs.gnused}/bin/sed ${sedPatterns} ${templatePath} > ${resultPath}
fi
''; '';
secretFileType = lib.types.submodule { secretFileType = lib.types.submodule {

View file

@ -341,7 +341,7 @@ in
identity_providers.oidc.clients = clients; identity_providers.oidc.clients = clients;
}; };
resultPath = "/var/lib/authelia-${fqdn}/oidc_clients.yaml"; resultPath = "/var/lib/authelia-${fqdn}/oidc_clients.yaml";
generator = lib.generators.toYAML {}; generator = name: value: lib.generators.toYAML {} value;
}; };
in in
lib.mkBefore (mkCfg cfg.oidcClients); lib.mkBefore (mkCfg cfg.oidcClients);

View file

@ -306,7 +306,7 @@ let
}; };
in valueType; in valueType;
generate = value: builtins.readFile (pkgs.callPackage ({ runCommand, python3 }: runCommand "config" { generate = name: value: builtins.readFile (pkgs.callPackage ({ runCommand, python3 }: runCommand "config" {
value = builtins.toJSON {Config = value;}; value = builtins.toJSON {Config = value;};
passAsFile = [ "value" ]; passAsFile = [ "value" ];
} (pkgs.writers.writePython3 "dict2xml" { } (pkgs.writers.writePython3 "dict2xml" {
@ -381,7 +381,7 @@ in
{ {
options.shb.arr = lib.listToAttrs (lib.mapAttrsToList appOption apps); options.shb.arr = lib.listToAttrs (lib.mapAttrsToList appOption apps);
config = lib.mkMerge ([ config = lib.mkMerge [
(lib.mkIf cfg.radarr.enable ( (lib.mkIf cfg.radarr.enable (
let let
cfg' = cfg.radarr; cfg' = cfg.radarr;
@ -395,10 +395,6 @@ in
dataDir = "/var/lib/radarr"; dataDir = "/var/lib/radarr";
}; };
users.users.radarr = {
extraGroups = [ "media" ];
};
systemd.services.radarr.preStart = shblib.replaceSecrets { systemd.services.radarr.preStart = shblib.replaceSecrets {
userConfig = cfg'.settings userConfig = cfg'.settings
// (lib.optionalAttrs isSSOEnabled { // (lib.optionalAttrs isSSOEnabled {
@ -417,7 +413,8 @@ in
]; ];
excludePatterns = [".db-shm" ".db-wal" ".mono"]; excludePatterns = [".db-shm" ".db-wal" ".mono"];
}; };
} // backup "radarr")) }))
(lib.mkIf cfg.radarr.enable (backup "radarr"))
(lib.mkIf cfg.sonarr.enable ( (lib.mkIf cfg.sonarr.enable (
let let
@ -453,11 +450,13 @@ in
]; ];
excludePatterns = [".db-shm" ".db-wal" ".mono"]; excludePatterns = [".db-shm" ".db-wal" ".mono"];
}; };
} // backup "sonarr")) }))
(lib.mkIf cfg.sonarr.enable (backup "sonarr"))
(lib.mkIf cfg.bazarr.enable ( (lib.mkIf cfg.bazarr.enable (
let let
cfg' = cfg.bazarr; cfg' = cfg.bazarr;
isSSOEnabled = !(isNull cfg'.authEndpoint);
in in
{ {
services.bazarr = { services.bazarr = {
@ -468,8 +467,12 @@ in
extraGroups = [ "media" ]; extraGroups = [ "media" ];
}; };
systemd.services.bazarr.preStart = shblib.replaceSecrets { systemd.services.bazarr.preStart = shblib.replaceSecrets {
userConfig = cfg'.settings; userConfig = cfg'.settings
resultPath = "/var/lib/${config.systemd.services.bazarr.serviceConfig.StateDirectory}/config.xml"; // (lib.optionalAttrs isSSOEnabled {
AuthenticationRequired = "DisabledForLocalAddresses";
AuthenticationMethod = "External";
});
resultPath = "/var/lib/bazarr/config.xml";
generator = apps.bazarr.settingsFormat.generate; generator = apps.bazarr.settingsFormat.generate;
}; };
@ -481,7 +484,8 @@ in
]; ];
excludePatterns = [".db-shm" ".db-wal" ".mono"]; excludePatterns = [".db-shm" ".db-wal" ".mono"];
}; };
} // backup "bazarr")) }))
(lib.mkIf cfg.bazarr.enable (backup "sonarr"))
(lib.mkIf cfg.readarr.enable ( (lib.mkIf cfg.readarr.enable (
let let
@ -509,11 +513,13 @@ in
]; ];
excludePatterns = [".db-shm" ".db-wal" ".mono"]; excludePatterns = [".db-shm" ".db-wal" ".mono"];
}; };
} // backup "readarr")) }))
(lib.mkIf cfg.readarr.enable (backup "bazarr"))
(lib.mkIf cfg.lidarr.enable ( (lib.mkIf cfg.lidarr.enable (
let let
cfg' = cfg.lidarr; cfg' = cfg.lidarr;
isSSOEnabled = !(isNull cfg'.authEndpoint);
in in
{ {
services.lidarr = { services.lidarr = {
@ -524,7 +530,11 @@ in
extraGroups = [ "media" ]; extraGroups = [ "media" ];
}; };
systemd.services.lidarr.preStart = shblib.replaceSecrets { systemd.services.lidarr.preStart = shblib.replaceSecrets {
userConfig = cfg'.settings; userConfig = cfg'.settings
// (lib.optionalAttrs isSSOEnabled {
AuthenticationRequired = "DisabledForLocalAddresses";
AuthenticationMethod = "External";
});
resultPath = "${config.services.lidarr.dataDir}/config.xml"; resultPath = "${config.services.lidarr.dataDir}/config.xml";
generator = apps.lidarr.settingsFormat.generate; generator = apps.lidarr.settingsFormat.generate;
}; };
@ -537,7 +547,8 @@ in
]; ];
excludePatterns = [".db-shm" ".db-wal" ".mono"]; excludePatterns = [".db-shm" ".db-wal" ".mono"];
}; };
} // backup "lidarr")) }))
(lib.mkIf cfg.lidarr.enable (backup "readarr"))
(lib.mkIf cfg.jackett.enable ( (lib.mkIf cfg.jackett.enable (
let let
@ -553,7 +564,7 @@ in
}; };
systemd.services.jackett.preStart = shblib.replaceSecrets { systemd.services.jackett.preStart = shblib.replaceSecrets {
userConfig = cfg'.settings; userConfig = cfg'.settings;
resultPath = "${config.services.jackett.dataDir}/config.xml"; resultPath = "${config.services.jackett.dataDir}/ServerConfig.json";
generator = apps.jackett.settingsFormat.generate; generator = apps.jackett.settingsFormat.generate;
}; };
@ -567,6 +578,7 @@ in
]; ];
excludePatterns = [".db-shm" ".db-wal" ".mono"]; excludePatterns = [".db-shm" ".db-wal" ".mono"];
}; };
} // backup "jackett")) }))
]); (lib.mkIf cfg.jackett.enable (backup "lidarr"))
];
} }

View file

@ -299,7 +299,7 @@ in
'' + shblib.replaceSecrets { '' + shblib.replaceSecrets {
userConfig = cfg.config; userConfig = cfg.config;
resultPath = "${config.services.home-assistant.configDir}/secrets.yaml"; resultPath = "${config.services.home-assistant.configDir}/secrets.yaml";
generator = lib.generators.toYAML {}; generator = name: value: lib.generators.toYAML {} value;
}); });
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [

View file

@ -155,7 +155,7 @@ in
SMTP_PASSWORD.source = cfg.smtp.passwordFile; SMTP_PASSWORD.source = cfg.smtp.passwordFile;
}; };
resultPath = "/var/lib/bitwarden_rs/vaultwarden.env"; resultPath = "/var/lib/bitwarden_rs/vaultwarden.env";
generator = v: lib.generators.toINIWithGlobalSection {} { globalSection = v; }; generator = name: v: lib.generators.toINIWithGlobalSection {} { globalSection = v; };
}; };
shb.nginx.autheliaProtect = [ shb.nginx.autheliaProtect = [

View file

@ -126,7 +126,7 @@ in
enable = true; enable = true;
authEndpoint = "https://oidc.example.com"; authEndpoint = "https://oidc.example.com";
settings = { settings = {
APIKeyFile = "/run/radarr/apikey"; APIKey.source = pkgs.writeText "key" "/run/radarr/apikey";
}; };
}; };
}; };
@ -199,7 +199,7 @@ in
enable = true; enable = true;
authEndpoint = "https://oidc.example.com"; authEndpoint = "https://oidc.example.com";
settings = { settings = {
APIKeyFile = "/run/radarr/apikey"; APIKey.source = pkgs.writeText "key" "/run/radarr/apikey";
}; };
backupCfg = { backupCfg = {
enable = true; enable = true;

View file

@ -39,7 +39,7 @@ in
replaceInTemplate2 = shblib.replaceSecrets { replaceInTemplate2 = shblib.replaceSecrets {
inherit userConfig; inherit userConfig;
resultPath = "/var/lib/config2.yaml"; resultPath = "/var/lib/config2.yaml";
generator = lib.generators.toJSON {}; generator = name: value: lib.generators.toJSON {} value;
}; };
in in
pkgs.testers.runNixOSTest { pkgs.testers.runNixOSTest {