diff --git a/enviroments/server/default.nix b/enviroments/server/default.nix index d3e9d63..3bdc8c4 100644 --- a/enviroments/server/default.nix +++ b/enviroments/server/default.nix @@ -1,10 +1,32 @@ -{ config, ... }: +{ config, pkgs, ... }: { imports = [ ../common ]; + users.groups.jellyfin_media = { + members = ["jellyfin" "leyla" "ester" "eve"]; + }; + + users.groups.jellyfin = { + members = ["jellyfin" "leyla"]; + }; + + users.users.jellyfin = { + uid = 2000; + group = "jellyfin"; + isSystemUser = true; + }; + + systemd.tmpfiles.rules = [ + "d /home/jellyfin 755 jellyfin jellyfin -" + "d /home/jellyfin/media 775 jellyfin jellyfin_media -" + "d /home/jellyfin/config 750 jellyfin jellyfin -" + "d /home/jellyfin/cache 755 jellyfin jellyfin_media -" + ]; + services = let + jellyfinDomain = "jellyfin.jan-leila.com"; headscaleDomain = "headscale.jan-leila.com"; in { nfs.server = { @@ -28,6 +50,15 @@ }; }; + jellyfin = { + enable = true; + user = "jellyfin"; + group = "jellyfin"; + dataDir = "/home/jellyfin/config"; # location on existing server: /home/docker/jellyfin/config + cacheDir = "/home/jellyfin/cache"; # location on existing server: /home/docker/jellyfin/cache + openFirewall = false; + }; + nginx = { enable = false; # TODO: enable this when you want to test all the configs virtualHosts = { @@ -40,6 +71,15 @@ proxyWebsockets = true; }; }; + ${jellyfinDomain} = { + forceSSL = true; + enableACME = true; + locations."/" = { + proxyPass = + "http://localhost:8096"; + proxyWebsockets = true; + }; + }; }; }; }; @@ -59,5 +99,10 @@ networking.firewall.allowedTCPPorts = [ 2049 ]; - environment.systemPackages = [ config.services.headscale.package ]; + environment.systemPackages = [ + config.services.headscale.package + pkgs.jellyfin + pkgs.jellyfin-web + pkgs.jellyfin-ffmpeg + ]; } \ No newline at end of file