dp/nixcfg
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Activity
Files
f25f05f731baa97841956d46a3bccdeb7059f8d8
nixcfg/modules/dungflix/default.nix
Daniel Patterson f25f05f731 Fix dung
2024-10-06 11:13:59 +01:00

84 lines
2.2 KiB
Nix
Raw Blame History

{
pkgs,
config,
...
}: let
mountdir = "/var/media/danflix";
rclone_config = pkgs.writeText "" ''
[danflix-storage-box]
type = sftp
sftp_md5sum_command = md5sum
sftp_sha1sum_command = sha1sum
[danflix-crypto]
type = crypt
remote = danflix-storage-box:danflix
'';
in {
age.secrets = {
danflix_storage_box_crypt_obscured_pw.file = ../../secrets/danflix_storage_box_crypt_obscured_pw.age;
danflix_hetzner_storage_box_pub_key.file = ../../secrets/danflix_hetzner_storage_box_pub_key.age;
danflix_env_file.file = ../../secrets/danflix_env_file.age;
};
services = {
jellyfin.enable = true;
transmission = {
enable = true;
webHome = pkgs.transmission + /share/transmission/web;
settings = {
rpc-host-whitelist-enable = true;
rpc-host-whitelist = "bigding.squirrel-clownfish.ts.net,bigding";
};
};
};
users.users."daniel".extraGroups = ["transmission"];
systemd.services.transmission.serviceConfig = {
Restart = "always";
RuntimeMaxSec = 28800;
MemoryMax = "1G";
};
systemd.services.danflix-mount = {
description = "Mount the Hetzner Storage Box media store";
wantedBy = ["multi-user.target"];
path = [pkgs.fuse3];
preStart = ''
mkdir -p -m 777 ${mountdir}
'';
environment = {
"RCLONE_SFTP_KEY_FILE" = config.age.secrets.danflix_hetzner_storage_box_pub_key.path;
};
script = ''
${pkgs.rclone}/bin/rclone --config="${rclone_config}" mount danflix-crypto: ${mountdir} \
--vfs-cache-mode full \
--vfs-cache-max-age 336h \
--vfs-cache-max-size 60G \
--allow-other \
--no-modtime \
--rc \
--sftp-concurrency 8 \
--checkers 4 \
--rc-addr=localhost:5572 \
--rc-no-auth \
-v
'';
postStart = ''
sleep 5
${pkgs.rclone}/bin/rclone --config="${rclone_config}" rc vfs/refresh recursive=true _async=true
'';
postStop = ''
sleep 3
${pkgs.fuse3}/bin/fusermount -u ${mountdir}
'';
serviceConfig = {
EnvironmentFile = config.age.secrets.danflix_env_file.path;
Restart = "on-failure";
};
};
}
Reference in New Issue View Git Blame Copy Permalink