mediaserver: Add mounts to systemd units

2023-04-28 00:05:07 +02:00 · 2023-04-28 00:05:07 +02:00 · 4998a3c0d8
parent 250bc99e3b
commit 4998a3c0d8
7 changed files with 117 additions and 64 deletions
--- a/container/tubearchivist/default.nix
+++ b/container/tubearchivist/default.nix
@ -35,9 +35,18 @@
    };
  };

-  systemd.services.podman-tubearchivist.serviceConfig = {
-    TimeoutStopSec = lib.mkForce 30;
-  };
+  systemd.services.podman-tubearchivist =
+    let
+      mounts = [ "mnt-media-YTDL.mount" ];
+    in
+    {
+      requires = mounts;
+      after = lib.mkMerge mounts;
+
+      serviceConfig = {
+        TimeoutStopSec = lib.mkForce 30;
+      };
+    };

  systemd.services.podman-archivist-redis.serviceConfig = {
    TimeoutStopSec = lib.mkForce 30;
--- a/secret/container/additional-media/default.nix
+++ b/secret/container/additional-media/default.nix
--- a/system/nixos/aria2.nix
+++ b/system/nixos/aria2.nix
@ -7,33 +7,38 @@ let
 in
 {
  # The nix-provided options force a aria2-user to a certain degree
-  systemd.services.aria2 = {
-    description = "aria2 Service";
-    bindsTo = [ "wg.service" ];
-    after = [ "wg.service" ];
-    wantedBy = [ "multi-user.target" ];
+  systemd.services.aria2 =
+    let
+      mounts = [ "mnt-downloads.mount" ];
+    in
+    {
+      description = "aria2 Service";
+      requires = mounts;
+      bindsTo = [ "wg.service" ];
+      after = [ "wg.service" ] ++ mounts;
+      wantedBy = [ "multi-user.target" ];

-    preStart = ''
-      if [[ ! -e "${sessionFile}" ]]
-      then
-        touch "${sessionFile}"
-      fi
-      cp -f "${config.age.secrets.aria2-config.path}" "${settingsDir}/aria2.conf"
-    '';
+      preStart = ''
+        if [[ ! -e "${sessionFile}" ]]
+        then
+          touch "${sessionFile}"
+        fi
+        cp -f "${config.age.secrets.aria2-config.path}" "${settingsDir}/aria2.conf"
+      '';

-    serviceConfig = {
-      Restart = "on-abort";
-      ExecStart = "${pkgs.aria2}/bin/aria2c --enable-rpc --conf-path=${settingsDir}/aria2.conf --save-session=${sessionFile}";
-      ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
-      User = "media_user";
-      Group = "media_group";
-      NetworkNamespacePath = "/var/run/netns/wg";
-      BindReadOnlyPaths = [
-        "/etc/netns/wg/resolv.conf:/etc/resolv.conf:norbind"
-        "/etc/netns/wg/nsswitch.conf:/etc/nsswitch.conf:norbind"
-      ];
+      serviceConfig = {
+        Restart = "on-abort";
+        ExecStart = "${pkgs.aria2}/bin/aria2c --enable-rpc --conf-path=${settingsDir}/aria2.conf --save-session=${sessionFile}";
+        ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
+        User = "media_user";
+        Group = "media_group";
+        NetworkNamespacePath = "/var/run/netns/wg";
+        BindReadOnlyPaths = [
+          "/etc/netns/wg/resolv.conf:/etc/resolv.conf:norbind"
+          "/etc/netns/wg/nsswitch.conf:/etc/nsswitch.conf:norbind"
+        ];
+      };
    };
-  };

  services.nginx.virtualHosts."aria.internal.kempkens.network" = {
    quic = true;
--- a/system/nixos/jellyfin.nix
+++ b/system/nixos/jellyfin.nix
@ -8,6 +8,22 @@
    openFirewall = false;
  };

+  systemd.services.jellyfin =
+    let
+      mounts = [
+        "mnt-media-TV\\x20Shows.mount"
+        "mnt-media-Documentaries.mount"
+        "mnt-media-Anime.mount"
+        "mnt-media-Movies.mount"
+        "mnt-media-Deutsche\\x20Serien.mount"
+        "mnt-media-Deutsche\\x20Filme.mount"
+      ];
+    in
+    {
+      requires = mounts;
+      after = lib.mkMerge mounts;
+    };
+
  services.nginx.virtualHosts."jellyfin.internal.kempkens.network" = {
    listen = [
      {
--- a/system/nixos/radarr.nix
+++ b/system/nixos/radarr.nix
@ -8,18 +8,26 @@
    openFirewall = false;
  };

-  systemd.services.radarr = {
-    bindsTo = [ "wg.service" ];
-    after = lib.mkForce [ "wg.service" ];
-
-    serviceConfig = {
-      NetworkNamespacePath = "/var/run/netns/wg";
-      BindReadOnlyPaths = [
-        "/etc/netns/wg/resolv.conf:/etc/resolv.conf:norbind"
-        "/etc/netns/wg/nsswitch.conf:/etc/nsswitch.conf:norbind"
+  systemd.services.radarr =
+    let
+      mounts = [
+        "mnt-media-Movies.mount"
+        "mnt-downloads.mount"
      ];
+    in
+    {
+      requires = mounts;
+      bindsTo = [ "wg.service" ];
+      after = lib.mkForce ([ "wg.service" ] ++ mounts);
+
+      serviceConfig = {
+        NetworkNamespacePath = "/var/run/netns/wg";
+        BindReadOnlyPaths = [
+          "/etc/netns/wg/resolv.conf:/etc/resolv.conf:norbind"
+          "/etc/netns/wg/nsswitch.conf:/etc/nsswitch.conf:norbind"
+        ];
+      };
    };
-  };

  services.nginx.virtualHosts."radarr.internal.kempkens.network" = {
    quic = true;
--- a/system/nixos/sabnzbd.nix
+++ b/system/nixos/sabnzbd.nix
@ -2,25 +2,30 @@

 {
  # The nix-provided options force a sabnzbd-user to a certain degree
-  systemd.services.sabnzbd = {
-    description = "sabnzbd server";
-    bindsTo = [ "wg.service" ];
-    after = [ "wg.service" ];
-    wantedBy = [ "multi-user.target" ];
+  systemd.services.sabnzbd =
+    let
+      mounts = [ "mnt-downloads.mount" ];
+    in
+    {
+      description = "sabnzbd server";
+      requires = mounts;
+      bindsTo = [ "wg.service" ];
+      after = [ "wg.service" ] ++ mounts;
+      wantedBy = [ "multi-user.target" ];

-    serviceConfig = {
-      Type = "forking";
-      GuessMainPID = "no";
-      User = "media_user";
-      Group = "media_group";
-      NetworkNamespacePath = "/var/run/netns/wg";
-      BindReadOnlyPaths = [
-        "/etc/netns/wg/resolv.conf:/etc/resolv.conf:norbind"
-        "/etc/netns/wg/nsswitch.conf:/etc/nsswitch.conf:norbind"
-      ];
-      ExecStart = "${pkgs.sabnzbd}/bin/sabnzbd -d -f /var/lib/sabnzbd/sabnzbd.ini";
+      serviceConfig = {
+        Type = "forking";
+        GuessMainPID = "no";
+        User = "media_user";
+        Group = "media_group";
+        NetworkNamespacePath = "/var/run/netns/wg";
+        BindReadOnlyPaths = [
+          "/etc/netns/wg/resolv.conf:/etc/resolv.conf:norbind"
+          "/etc/netns/wg/nsswitch.conf:/etc/nsswitch.conf:norbind"
+        ];
+        ExecStart = "${pkgs.sabnzbd}/bin/sabnzbd -d -f /var/lib/sabnzbd/sabnzbd.ini";
+      };
    };
-  };

  services.nginx.virtualHosts."sabnzbd.internal.kempkens.network" = {
    quic = true;
--- a/system/nixos/sonarr.nix
+++ b/system/nixos/sonarr.nix
@ -8,18 +8,28 @@
    openFirewall = false;
  };

-  systemd.services.sonarr = {
-    bindsTo = [ "wg.service" ];
-    after = lib.mkForce [ "wg.service" ];
-
-    serviceConfig = {
-      NetworkNamespacePath = "/var/run/netns/wg";
-      BindReadOnlyPaths = [
-        "/etc/netns/wg/resolv.conf:/etc/resolv.conf:norbind"
-        "/etc/netns/wg/nsswitch.conf:/etc/nsswitch.conf:norbind"
+  systemd.services.sonarr =
+    let
+      mounts = [
+        "mnt-media-TV\\x20Shows.mount"
+        "mnt-media-Documentaries.mount"
+        "mnt-media-Anime.mount"
+        "mnt-downloads.mount"
      ];
+    in
+    {
+      requires = mounts;
+      bindsTo = [ "wg.service" ];
+      after = lib.mkForce ([ "wg.service" ] ++ mounts);
+
+      serviceConfig = {
+        NetworkNamespacePath = "/var/run/netns/wg";
+        BindReadOnlyPaths = [
+          "/etc/netns/wg/resolv.conf:/etc/resolv.conf:norbind"
+          "/etc/netns/wg/nsswitch.conf:/etc/nsswitch.conf:norbind"
+        ];
+      };
    };
-  };

  services.nginx.virtualHosts."sonarr.internal.kempkens.network" = {
    quic = true;