51 lines
1.4 KiB
Nix
51 lines
1.4 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}: let
|
|
inherit (lib) mkIf getExe;
|
|
inherit (config.ooknet.server) media-server;
|
|
inherit (config.ooknet.server.media-server) storage users groups domain proxy ports;
|
|
in {
|
|
config = mkIf media-server.prowlarr.enable {
|
|
# we dont use the nixpkgs prowlarr service module because it lacks the option to
|
|
# declare dataDir, user and group.
|
|
|
|
# setup user
|
|
users.users.prowlarr = {
|
|
group = groups.prowlarr;
|
|
home = storage.state.prowlarr;
|
|
uid = 293;
|
|
isSystemUser = true;
|
|
};
|
|
users.groups.prowlarr = {};
|
|
|
|
# basic systemd service
|
|
systemd = {
|
|
services.prowlarr = {
|
|
description = "Prowlarr";
|
|
after = ["network.target"];
|
|
wantedBy = ["multi-user.target"];
|
|
|
|
serviceConfig = {
|
|
Type = "simple";
|
|
User = users.prowlarr;
|
|
group = groups.prowlarr;
|
|
ExecStart = "${getExe pkgs.prowlarr} -nobrowser -data=${storage.state.prowlarr}";
|
|
Restart = "on-failure";
|
|
};
|
|
};
|
|
tmpfiles.settings.prowlarrDirs = {
|
|
"${storage.state.prowlarr}"."d" = {
|
|
mode = "0700";
|
|
user = users.prowlarr;
|
|
group = groups.prowlarr;
|
|
};
|
|
};
|
|
};
|
|
networking.firewall.allowedTCPPorts = [ports.prowlarr];
|
|
ooknet.server.webserver.caddy.enable = true;
|
|
services.caddy.virtualHosts."${domain.prowlarr}".extraConfig = proxy.prowlarr;
|
|
};
|
|
}
|