fix arr setup (#224)
This commit is contained in:
parent
b9db764a8b
commit
26f406db5f
7 changed files with 46 additions and 26 deletions
|
@ -4,7 +4,7 @@ rec {
|
||||||
let
|
let
|
||||||
configWithTemplates = withReplacements userConfig;
|
configWithTemplates = withReplacements userConfig;
|
||||||
|
|
||||||
nonSecretConfigFile = pkgs.writeText "${resultPath}.template" (generator configWithTemplates);
|
nonSecretConfigFile = pkgs.writeText "${resultPath}.template" (generator "template" configWithTemplates);
|
||||||
|
|
||||||
replacements = getReplacements userConfig;
|
replacements = getReplacements userConfig;
|
||||||
in
|
in
|
||||||
|
@ -13,7 +13,11 @@ rec {
|
||||||
inherit resultPath replacements;
|
inherit resultPath replacements;
|
||||||
};
|
};
|
||||||
|
|
||||||
template = file: newPath: replacements: replaceSecretsScript { inherit file replacements; resultPath = newPath; };
|
template = file: newPath: replacements: replaceSecretsScript {
|
||||||
|
inherit file replacements;
|
||||||
|
resultPath = newPath;
|
||||||
|
};
|
||||||
|
|
||||||
replaceSecretsScript = { file, resultPath, replacements }:
|
replaceSecretsScript = { file, resultPath, replacements }:
|
||||||
let
|
let
|
||||||
templatePath = resultPath + ".template";
|
templatePath = resultPath + ".template";
|
||||||
|
@ -25,7 +29,11 @@ rec {
|
||||||
mkdir -p $(dirname ${templatePath})
|
mkdir -p $(dirname ${templatePath})
|
||||||
ln -fs ${file} ${templatePath}
|
ln -fs ${file} ${templatePath}
|
||||||
rm -f ${resultPath}
|
rm -f ${resultPath}
|
||||||
${pkgs.gnused}/bin/sed ${sedPatterns} ${templatePath} > ${resultPath}
|
if [ -z "${sedPatterns}" ]; then
|
||||||
|
cat ${templatePath} > ${resultPath}
|
||||||
|
else
|
||||||
|
${pkgs.gnused}/bin/sed ${sedPatterns} ${templatePath} > ${resultPath}
|
||||||
|
fi
|
||||||
'';
|
'';
|
||||||
|
|
||||||
secretFileType = lib.types.submodule {
|
secretFileType = lib.types.submodule {
|
||||||
|
|
|
@ -341,7 +341,7 @@ in
|
||||||
identity_providers.oidc.clients = clients;
|
identity_providers.oidc.clients = clients;
|
||||||
};
|
};
|
||||||
resultPath = "/var/lib/authelia-${fqdn}/oidc_clients.yaml";
|
resultPath = "/var/lib/authelia-${fqdn}/oidc_clients.yaml";
|
||||||
generator = lib.generators.toYAML {};
|
generator = name: value: lib.generators.toYAML {} value;
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
lib.mkBefore (mkCfg cfg.oidcClients);
|
lib.mkBefore (mkCfg cfg.oidcClients);
|
||||||
|
|
|
@ -306,7 +306,7 @@ let
|
||||||
};
|
};
|
||||||
in valueType;
|
in valueType;
|
||||||
|
|
||||||
generate = value: builtins.readFile (pkgs.callPackage ({ runCommand, python3 }: runCommand "config" {
|
generate = name: value: builtins.readFile (pkgs.callPackage ({ runCommand, python3 }: runCommand "config" {
|
||||||
value = builtins.toJSON {Config = value;};
|
value = builtins.toJSON {Config = value;};
|
||||||
passAsFile = [ "value" ];
|
passAsFile = [ "value" ];
|
||||||
} (pkgs.writers.writePython3 "dict2xml" {
|
} (pkgs.writers.writePython3 "dict2xml" {
|
||||||
|
@ -381,7 +381,7 @@ in
|
||||||
{
|
{
|
||||||
options.shb.arr = lib.listToAttrs (lib.mapAttrsToList appOption apps);
|
options.shb.arr = lib.listToAttrs (lib.mapAttrsToList appOption apps);
|
||||||
|
|
||||||
config = lib.mkMerge ([
|
config = lib.mkMerge [
|
||||||
(lib.mkIf cfg.radarr.enable (
|
(lib.mkIf cfg.radarr.enable (
|
||||||
let
|
let
|
||||||
cfg' = cfg.radarr;
|
cfg' = cfg.radarr;
|
||||||
|
@ -395,10 +395,6 @@ in
|
||||||
dataDir = "/var/lib/radarr";
|
dataDir = "/var/lib/radarr";
|
||||||
};
|
};
|
||||||
|
|
||||||
users.users.radarr = {
|
|
||||||
extraGroups = [ "media" ];
|
|
||||||
};
|
|
||||||
|
|
||||||
systemd.services.radarr.preStart = shblib.replaceSecrets {
|
systemd.services.radarr.preStart = shblib.replaceSecrets {
|
||||||
userConfig = cfg'.settings
|
userConfig = cfg'.settings
|
||||||
// (lib.optionalAttrs isSSOEnabled {
|
// (lib.optionalAttrs isSSOEnabled {
|
||||||
|
@ -417,7 +413,8 @@ in
|
||||||
];
|
];
|
||||||
excludePatterns = [".db-shm" ".db-wal" ".mono"];
|
excludePatterns = [".db-shm" ".db-wal" ".mono"];
|
||||||
};
|
};
|
||||||
} // backup "radarr"))
|
}))
|
||||||
|
(lib.mkIf cfg.radarr.enable (backup "radarr"))
|
||||||
|
|
||||||
(lib.mkIf cfg.sonarr.enable (
|
(lib.mkIf cfg.sonarr.enable (
|
||||||
let
|
let
|
||||||
|
@ -453,11 +450,13 @@ in
|
||||||
];
|
];
|
||||||
excludePatterns = [".db-shm" ".db-wal" ".mono"];
|
excludePatterns = [".db-shm" ".db-wal" ".mono"];
|
||||||
};
|
};
|
||||||
} // backup "sonarr"))
|
}))
|
||||||
|
(lib.mkIf cfg.sonarr.enable (backup "sonarr"))
|
||||||
|
|
||||||
(lib.mkIf cfg.bazarr.enable (
|
(lib.mkIf cfg.bazarr.enable (
|
||||||
let
|
let
|
||||||
cfg' = cfg.bazarr;
|
cfg' = cfg.bazarr;
|
||||||
|
isSSOEnabled = !(isNull cfg'.authEndpoint);
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
services.bazarr = {
|
services.bazarr = {
|
||||||
|
@ -468,8 +467,12 @@ in
|
||||||
extraGroups = [ "media" ];
|
extraGroups = [ "media" ];
|
||||||
};
|
};
|
||||||
systemd.services.bazarr.preStart = shblib.replaceSecrets {
|
systemd.services.bazarr.preStart = shblib.replaceSecrets {
|
||||||
userConfig = cfg'.settings;
|
userConfig = cfg'.settings
|
||||||
resultPath = "/var/lib/${config.systemd.services.bazarr.serviceConfig.StateDirectory}/config.xml";
|
// (lib.optionalAttrs isSSOEnabled {
|
||||||
|
AuthenticationRequired = "DisabledForLocalAddresses";
|
||||||
|
AuthenticationMethod = "External";
|
||||||
|
});
|
||||||
|
resultPath = "/var/lib/bazarr/config.xml";
|
||||||
generator = apps.bazarr.settingsFormat.generate;
|
generator = apps.bazarr.settingsFormat.generate;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -481,7 +484,8 @@ in
|
||||||
];
|
];
|
||||||
excludePatterns = [".db-shm" ".db-wal" ".mono"];
|
excludePatterns = [".db-shm" ".db-wal" ".mono"];
|
||||||
};
|
};
|
||||||
} // backup "bazarr"))
|
}))
|
||||||
|
(lib.mkIf cfg.bazarr.enable (backup "sonarr"))
|
||||||
|
|
||||||
(lib.mkIf cfg.readarr.enable (
|
(lib.mkIf cfg.readarr.enable (
|
||||||
let
|
let
|
||||||
|
@ -509,11 +513,13 @@ in
|
||||||
];
|
];
|
||||||
excludePatterns = [".db-shm" ".db-wal" ".mono"];
|
excludePatterns = [".db-shm" ".db-wal" ".mono"];
|
||||||
};
|
};
|
||||||
} // backup "readarr"))
|
}))
|
||||||
|
(lib.mkIf cfg.readarr.enable (backup "bazarr"))
|
||||||
|
|
||||||
(lib.mkIf cfg.lidarr.enable (
|
(lib.mkIf cfg.lidarr.enable (
|
||||||
let
|
let
|
||||||
cfg' = cfg.lidarr;
|
cfg' = cfg.lidarr;
|
||||||
|
isSSOEnabled = !(isNull cfg'.authEndpoint);
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
services.lidarr = {
|
services.lidarr = {
|
||||||
|
@ -524,7 +530,11 @@ in
|
||||||
extraGroups = [ "media" ];
|
extraGroups = [ "media" ];
|
||||||
};
|
};
|
||||||
systemd.services.lidarr.preStart = shblib.replaceSecrets {
|
systemd.services.lidarr.preStart = shblib.replaceSecrets {
|
||||||
userConfig = cfg'.settings;
|
userConfig = cfg'.settings
|
||||||
|
// (lib.optionalAttrs isSSOEnabled {
|
||||||
|
AuthenticationRequired = "DisabledForLocalAddresses";
|
||||||
|
AuthenticationMethod = "External";
|
||||||
|
});
|
||||||
resultPath = "${config.services.lidarr.dataDir}/config.xml";
|
resultPath = "${config.services.lidarr.dataDir}/config.xml";
|
||||||
generator = apps.lidarr.settingsFormat.generate;
|
generator = apps.lidarr.settingsFormat.generate;
|
||||||
};
|
};
|
||||||
|
@ -537,7 +547,8 @@ in
|
||||||
];
|
];
|
||||||
excludePatterns = [".db-shm" ".db-wal" ".mono"];
|
excludePatterns = [".db-shm" ".db-wal" ".mono"];
|
||||||
};
|
};
|
||||||
} // backup "lidarr"))
|
}))
|
||||||
|
(lib.mkIf cfg.lidarr.enable (backup "readarr"))
|
||||||
|
|
||||||
(lib.mkIf cfg.jackett.enable (
|
(lib.mkIf cfg.jackett.enable (
|
||||||
let
|
let
|
||||||
|
@ -553,7 +564,7 @@ in
|
||||||
};
|
};
|
||||||
systemd.services.jackett.preStart = shblib.replaceSecrets {
|
systemd.services.jackett.preStart = shblib.replaceSecrets {
|
||||||
userConfig = cfg'.settings;
|
userConfig = cfg'.settings;
|
||||||
resultPath = "${config.services.jackett.dataDir}/config.xml";
|
resultPath = "${config.services.jackett.dataDir}/ServerConfig.json";
|
||||||
generator = apps.jackett.settingsFormat.generate;
|
generator = apps.jackett.settingsFormat.generate;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -567,6 +578,7 @@ in
|
||||||
];
|
];
|
||||||
excludePatterns = [".db-shm" ".db-wal" ".mono"];
|
excludePatterns = [".db-shm" ".db-wal" ".mono"];
|
||||||
};
|
};
|
||||||
} // backup "jackett"))
|
}))
|
||||||
]);
|
(lib.mkIf cfg.jackett.enable (backup "lidarr"))
|
||||||
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -299,7 +299,7 @@ in
|
||||||
'' + shblib.replaceSecrets {
|
'' + shblib.replaceSecrets {
|
||||||
userConfig = cfg.config;
|
userConfig = cfg.config;
|
||||||
resultPath = "${config.services.home-assistant.configDir}/secrets.yaml";
|
resultPath = "${config.services.home-assistant.configDir}/secrets.yaml";
|
||||||
generator = lib.generators.toYAML {};
|
generator = name: value: lib.generators.toYAML {} value;
|
||||||
});
|
});
|
||||||
|
|
||||||
systemd.tmpfiles.rules = [
|
systemd.tmpfiles.rules = [
|
||||||
|
|
|
@ -155,7 +155,7 @@ in
|
||||||
SMTP_PASSWORD.source = cfg.smtp.passwordFile;
|
SMTP_PASSWORD.source = cfg.smtp.passwordFile;
|
||||||
};
|
};
|
||||||
resultPath = "/var/lib/bitwarden_rs/vaultwarden.env";
|
resultPath = "/var/lib/bitwarden_rs/vaultwarden.env";
|
||||||
generator = v: lib.generators.toINIWithGlobalSection {} { globalSection = v; };
|
generator = name: v: lib.generators.toINIWithGlobalSection {} { globalSection = v; };
|
||||||
};
|
};
|
||||||
|
|
||||||
shb.nginx.autheliaProtect = [
|
shb.nginx.autheliaProtect = [
|
||||||
|
|
|
@ -126,7 +126,7 @@ in
|
||||||
enable = true;
|
enable = true;
|
||||||
authEndpoint = "https://oidc.example.com";
|
authEndpoint = "https://oidc.example.com";
|
||||||
settings = {
|
settings = {
|
||||||
APIKeyFile = "/run/radarr/apikey";
|
APIKey.source = pkgs.writeText "key" "/run/radarr/apikey";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -199,7 +199,7 @@ in
|
||||||
enable = true;
|
enable = true;
|
||||||
authEndpoint = "https://oidc.example.com";
|
authEndpoint = "https://oidc.example.com";
|
||||||
settings = {
|
settings = {
|
||||||
APIKeyFile = "/run/radarr/apikey";
|
APIKey.source = pkgs.writeText "key" "/run/radarr/apikey";
|
||||||
};
|
};
|
||||||
backupCfg = {
|
backupCfg = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -39,7 +39,7 @@ in
|
||||||
replaceInTemplate2 = shblib.replaceSecrets {
|
replaceInTemplate2 = shblib.replaceSecrets {
|
||||||
inherit userConfig;
|
inherit userConfig;
|
||||||
resultPath = "/var/lib/config2.yaml";
|
resultPath = "/var/lib/config2.yaml";
|
||||||
generator = lib.generators.toJSON {};
|
generator = name: value: lib.generators.toJSON {} value;
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
pkgs.testers.runNixOSTest {
|
pkgs.testers.runNixOSTest {
|
||||||
|
|
Loading…
Reference in a new issue