From 13c7859a783ebc0533982fbb2f4d79d28c323852 Mon Sep 17 00:00:00 2001
From: Noah Masur <7386960+nmasur@users.noreply.github.com>
Date: Sun, 18 Jun 2023 03:24:35 +0000
Subject: [PATCH] fix: including disabled wireguard settings

---
 modules/nixos/services/jellyfin.nix     |  2 ++
 modules/nixos/services/transmission.nix |  8 +++++---
 modules/nixos/services/wireguard.nix    | 10 +++++++---
 3 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/modules/nixos/services/jellyfin.nix b/modules/nixos/services/jellyfin.nix
index 109e715..c8441f1 100644
--- a/modules/nixos/services/jellyfin.nix
+++ b/modules/nixos/services/jellyfin.nix
@@ -41,6 +41,8 @@
       "VDPAU_DRIVER" = "radeonsi";
       "LIBVA_DRIVER_NAME" = "radeonsi";
     };
+    users.users.jellyfin.extraGroups =
+      [ "render" "video" ]; # Access to /dev/dri
 
   };
 
diff --git a/modules/nixos/services/transmission.nix b/modules/nixos/services/transmission.nix
index b9c40c2..cdcf126 100644
--- a/modules/nixos/services/transmission.nix
+++ b/modules/nixos/services/transmission.nix
@@ -42,8 +42,10 @@
 
     # Create reverse proxy for web UI
     caddy.routes = lib.mkAfter [{
-      group =
-        lib.mkIf (config.arrServer == config.transmissionServer) "download";
+      group = if (config.arrServer == config.transmissionServer) then
+        "download"
+      else
+        "transmission";
       match = [{
         host = [ config.transmissionServer ];
         path = [ "/transmission*" ];
@@ -76,7 +78,7 @@
 
     # Create credentials file for transmission
     secrets.transmission = {
-      source = ../../private/transmission.json.age;
+      source = ../../../private/transmission.json.age;
       dest = "${config.secretsDirectory}/transmission.json";
       owner = "transmission";
       group = "transmission";
diff --git a/modules/nixos/services/wireguard.nix b/modules/nixos/services/wireguard.nix
index 1701f26..042bf73 100644
--- a/modules/nixos/services/wireguard.nix
+++ b/modules/nixos/services/wireguard.nix
@@ -2,13 +2,16 @@
 
   options.wireguard.enable = lib.mkEnableOption "Wireguard VPN setup.";
 
-  config = lib.mkIf (pkgs.stdenv.isLinux && config.wireguard.enable) {
+  config = lib.mkIf (pkgs.stdenv.isLinux) {
 
     networking.wireguard = {
-      enable = true;
+      enable = config.wireguard.enable;
       interfaces = {
         wg0 = {
 
+          # Something to use as a default value
+          ips = lib.mkDefault [ "127.0.0.1/32" ];
+
           # Establishes identity of this machine
           generatePrivateKeyFile = false;
           privateKeyFile = config.secrets.wireguard.dest;
@@ -23,6 +26,7 @@
     # Create namespace for Wireguard
     # This allows us to isolate specific programs to Wireguard
     systemd.services."netns@" = {
+      enable = config.wireguard.enable;
       description = "%I network namespace";
       before = [ "network.target" ];
       serviceConfig = {
@@ -35,7 +39,7 @@
 
     # Create private key file for wireguard
     secrets.wireguard = {
-      source = ../../private/wireguard.age;
+      source = ../../../private/wireguard.age;
       dest = "${config.secretsDirectory}/wireguard";
     };