From 0015a3d989890b925ed0f949037ed403fe70d987 Mon Sep 17 00:00:00 2001 From: Daniel Kempkens Date: Wed, 26 Apr 2023 13:53:36 +0200 Subject: [PATCH] mediaserver: Add aria2 --- agenix/hosts/mediaserver/aria2/config.age | Bin 0 -> 561 bytes agenix/hosts/mediaserver/config.nix | 6 ++ home/programs/nvim/plugins.nix | 18 +++--- secrets.nix | 2 + system/hosts/mediaserver.nix | 1 + system/nixos/aria2.nix | 64 ++++++++++++++++++++++ 6 files changed, 82 insertions(+), 9 deletions(-) create mode 100644 agenix/hosts/mediaserver/aria2/config.age create mode 100644 system/nixos/aria2.nix diff --git a/agenix/hosts/mediaserver/aria2/config.age b/agenix/hosts/mediaserver/aria2/config.age new file mode 100644 index 0000000000000000000000000000000000000000..f8f22493d6a2ca9d158ad62fff2b3047970442b1 GIT binary patch literal 561 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCUlEpaa}OIOIs%nJ?o z4a_VFc1q06^NC6?@-+=JFx9v4_YRD5Gjq4dNs9Dx_9}48apW=$EOGab^7C{l3ARiv z@h`DC@``r&@H#vxwycu(yctP*fhd4vzSXeIV2nDD$CG0!Zob4(lsb6 zJ;gV}B;UQXz&yw_&@Uz5EZwLyI1*%=pKf|lYGQG!f={A?N4|n{P?@D0mt&BJN4Rs4 zS*f9me}#Km_b2UXmDayxPfa?Qj}**n^VNTDn(-kqV4L;ouxN884z{2jymk*--(Q>*vian~Uf=8rzZdBf`Il$TQ?uv$ zn3NLCW3$n4bJxF@8Rr&i{7^b``tRw8Js}>PidSB6A8bescFHxA-eTF+b?4EKTb>hb oS0&4E9MLRKpFFMZ*+i#=Z+mjngC}dBVQ^|)9sfP-ZSOrD0CjoJL;wH) literal 0 HcmV?d00001 diff --git a/agenix/hosts/mediaserver/config.nix b/agenix/hosts/mediaserver/config.nix index 5196bcf..8c841d4 100644 --- a/agenix/hosts/mediaserver/config.nix +++ b/agenix/hosts/mediaserver/config.nix @@ -25,5 +25,11 @@ tubearchivist-environment-es = { file = ./tubearchivist/environmentES.age; }; + + aria2-config = { + file = ./aria2/config.age; + owner = "media_user"; + group = "media_group"; + }; }; } diff --git a/home/programs/nvim/plugins.nix b/home/programs/nvim/plugins.nix index 081d2f9..42c0177 100644 --- a/home/programs/nvim/plugins.nix +++ b/home/programs/nvim/plugins.nix @@ -107,12 +107,12 @@ in }; nvim-treesitter = buildVimPluginFrom2Nix { pname = "nvim-treesitter"; - version = "2023-04-25"; + version = "2023-04-26"; src = fetchFromGitHub { owner = "nvim-treesitter"; repo = "nvim-treesitter"; - rev = "82bcd8483e0b802bd5f639046c88aecfddbab508"; - sha256 = "12phddjhxir1b9b8731b2d28zfa9lxvk85pi6i126s84rnr76nv2"; + rev = "0d7da3bd7d59ffacc2fac6a52a1ba16d820f882c"; + sha256 = "0dd125zxggjxkdv8lpshm9w0fm0m1w7k2r1i5ar1rhgzbb4v0b3y"; fetchSubmodules = false; }; }; @@ -140,12 +140,12 @@ in }; telescope-nvim = buildVimPluginFrom2Nix { pname = "telescope.nvim"; - version = "2023-04-23"; + version = "2023-04-26"; src = fetchFromGitHub { owner = "nvim-telescope"; repo = "telescope.nvim"; - rev = "f2645c13205abb9ee3dbcee68416645c69b863c8"; - sha256 = "0kayab5maqjw9dq1dvila2si6j79rrbimfmj7az718msz20fp35z"; + rev = "713d26b98583b160b50fb827adb751f768238ed3"; + sha256 = "0g9ac5wp9vnj2qmwc4v6ix0pjsaqg0q5vk42wbyjjnkxa17f2y1b"; fetchSubmodules = false; }; }; @@ -308,12 +308,12 @@ in }; friendly-snippets = buildVimPluginFrom2Nix { pname = "friendly-snippets"; - version = "2023-04-24"; + version = "2023-04-26"; src = fetchFromGitHub { owner = "rafamadriz"; repo = "friendly-snippets"; - rev = "9590ff90759488674cf97fe5d5754a0733ab37bb"; - sha256 = "1x89ffp5ih2xsjzczfv1nma8jvr0sbwyss7mw4pkxfivhz10ai5c"; + rev = "631f79e346b0b3203d2ce3eae619ca8d612e5463"; + sha256 = "0ly8dpp2g6ls5cxwhwb2pwihn9ivhc0amb9h33lfchs5m6ps2a7b"; fetchSubmodules = false; }; }; diff --git a/secrets.nix b/secrets.nix index 3d5ef6b..b29a3a6 100644 --- a/secrets.nix +++ b/secrets.nix @@ -67,4 +67,6 @@ in "agenix/hosts/mediaserver/tubearchivist/environmentTA.age".publicKeys = mediaserver; "agenix/hosts/mediaserver/tubearchivist/environmentES.age".publicKeys = mediaserver; + + "agenix/hosts/mediaserver/aria2/config.age".publicKeys = mediaserver; } diff --git a/system/hosts/mediaserver.nix b/system/hosts/mediaserver.nix index 6585971..865fbd2 100644 --- a/system/hosts/mediaserver.nix +++ b/system/hosts/mediaserver.nix @@ -26,6 +26,7 @@ in ../nixos/sonarr.nix ../nixos/radarr.nix ../nixos/jellyfin.nix + ../nixos/aria2.nix ../nixos/container.nix ../../container/tubearchivist diff --git a/system/nixos/aria2.nix b/system/nixos/aria2.nix new file mode 100644 index 0000000..c556212 --- /dev/null +++ b/system/nixos/aria2.nix @@ -0,0 +1,64 @@ +{ pkgs, lib, config, ... }: + +let + ariaDir = "/mnt/downloads/Aria2"; + settingsDir = "${ariaDir}/conf"; + sessionFile = "${settingsDir}/aria2.session"; +in +{ + # The nix-provided options force a aria2-user to a certain degree + systemd.tmpfiles.rules = [ + "d ${ariaDir} 0755 media_user media_group" + "d ${settingsDir} 0755 media_user media_group" + "d ${ariaDir}/dl 0755 media_user media_group" + ]; + + systemd.services.aria2 = { + description = "aria2 Service"; + bindsTo = [ "wg.service" ]; + after = [ "wg.service" ]; + wantedBy = [ "multi-user.target" ]; + + preStart = '' + if [[ ! -e "${sessionFile}" ]] + then + touch "${sessionFile}" + fi + cp -f "${config.age.secrets.aria2-config.path}" "${settingsDir}/aria2.conf" + ''; + + serviceConfig = { + Restart = "on-abort"; + ExecStart = "${pkgs.aria2}/bin/aria2c --enable-rpc --conf-path=${settingsDir}/aria2.conf --save-session=${sessionFile}"; + ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; + User = "media_user"; + Group = "media_group"; + NetworkNamespacePath = "/var/run/netns/wg"; + BindReadOnlyPaths = [ + "/etc/netns/wg/resolv.conf:/etc/resolv.conf:norbind" + "/etc/netns/wg/nsswitch.conf:/etc/nsswitch.conf:norbind" + ]; + }; + }; + + services.nginx.virtualHosts."aria.internal.kempkens.network" = { + quic = true; + http3 = true; + kTLS = true; + + root = "${pkgs.ariang}/share/ariang"; + onlySSL = true; + useACMEHost = "internal.kempkens.network"; + + locations."/jsonrpc" = { + recommendedProxySettings = true; + proxyPass = "http://192.168.42.2:6800"; + proxyWebsockets = true; + }; + + locations."/rpc" = { + recommendedProxySettings = true; + proxyPass = "http://192.168.42.2:6800"; + }; + }; +}