change from media group to shared group

2024-12-26 17:34:54 +00:00 · 2024-12-08 23:53:10 +00:00 · 2024-12-08 23:53:10 +00:00 · 30cc02c2a7
commit 30cc02c2a7
parent 0d3e42be3f
5 changed files with 13 additions and 26 deletions
--- a/flake.lock
+++ b/flake.lock
@ -428,7 +428,7 @@
      "flake": false,
      "locked": {
        "lastModified": 1728502660,
-        "narHash": "sha256-+0EivmFXn/o4CE/7Tgo0DFixZo4ELwKJpfEdQllEJMw=",
+        "narHash": "sha256-oCw6Brs85rINBHvz3UJXheyLVqvA3RgPXG03b30Fx7E=",
        "type": "tarball",
        "url": "https://snappymail.eu/repository/nextcloud/snappymail-2.38.2-nextcloud.tar.gz"
      },
--- a/modules/nixos/services/arr.nix
+++ b/modules/nixos/services/arr.nix
@ -56,38 +56,32 @@ in
    services = {
      bazarr = {
        enable = true;
-        group = "media";
+        group = "shared";
      };
      jellyseerr.enable = true;
      prowlarr.enable = true;
      sabnzbd = {
        enable = true;
-        group = "media";
+        group = "shared";
        # The config file must be editable within the application
        # It contains server configs and credentials
        configFile = "/data/downloads/sabnzbd/sabnzbd.ini";
      };
      sonarr = {
        enable = true;
-        group = "media";
+        group = "shared";
      };
      radarr = {
        enable = true;
-        group = "media";
+        group = "shared";
      };
      readarr = {
        enable = true;
-        group = "media";
+        group = "shared";
      };
    };
-    # Create a media group to be shared between services
+    # Allows shared group to read/write the sabnzbd directory
    users.groups.media = { };
    # Give the human user access to the media group
    users.users.${config.user}.extraGroups = [ "media" ];
    # Allows media group to read/write the sabnzbd directory
    users.users.sabnzbd.homeMode = "0770";
    unfreePackages = [ "unrar" ]; # Required as a dependency for sabnzbd
@ -108,7 +102,7 @@ in
        handle = [
          {
            handler = "reverse_proxy";
-            # We're able to reference the url and port of the service dynamically 
+            # We're able to reference the url and port of the service dynamically
            upstreams = [ { dial = arrConfig.sonarr.url; } ];
          }
        ];
--- a/modules/nixos/services/audiobookshelf.nix
+++ b/modules/nixos/services/audiobookshelf.nix
@ -4,6 +4,7 @@
  config = lib.mkIf config.services.audiobookshelf.enable {
    services.audiobookshelf = {
      group = "shared";
      dataDir = "audiobookshelf";
    };
@ -23,15 +24,6 @@
    # Configure Cloudflare DNS to point to this machine
    services.cloudflare-dyndns.domains = [ config.hostnames.audiobooks ];
    # Grant user access to Audiobookshelf directories
    users.users.${config.user}.extraGroups = [ config.services.audiobookshelf.group ];
    # Grant audiobookshelf access to media and Calibre directories
    users.users.${config.services.audiobookshelf.user}.extraGroups = [
      "media"
      "calibre-web"
    ];
  };
 }
--- a/modules/nixos/services/calibre.nix
+++ b/modules/nixos/services/calibre.nix
@ -28,6 +28,7 @@ in
  config = lib.mkIf config.services.calibre-web.enable {
    services.calibre-web = {
      group = "shared";
      openFirewall = true;
      options = {
        reverseProxyAuth.enable = false;
--- a/modules/nixos/services/jellyfin.nix
+++ b/modules/nixos/services/jellyfin.nix
@ -11,7 +11,7 @@
  config = lib.mkIf config.services.jellyfin.enable {
-    services.jellyfin.group = "media";
+    services.jellyfin.group = "shared";
    users.users.jellyfin = {
      isSystemUser = true;
    };
@ -49,8 +49,8 @@
    # Create videos directory, allow anyone in Jellyfin group to manage it
    systemd.tmpfiles.rules = [
-      "d /var/lib/jellyfin 0775 jellyfin media"
+      "d /var/lib/jellyfin 0775 jellyfin shared"
-      "d /var/lib/jellyfin/library 0775 jellyfin media"
+      "d /var/lib/jellyfin/library 0775 jellyfin shared"
    ];
    # Enable VA-API for hardware transcoding