feat: add komga service
Komga does not appear to be picking up the application.yml configuration file. Maybe it's a permissions issue?main
parent
c53b7adc0f
commit
bce2cb54f2
|
@ -106,7 +106,7 @@
|
||||||
users.users.radarr.extraGroups = [ "aria2" ];
|
users.users.radarr.extraGroups = [ "aria2" ];
|
||||||
users.users.readarr.extraGroups = [ "aria2" ];
|
users.users.readarr.extraGroups = [ "aria2" ];
|
||||||
users.users.sonarr.extraGroups = [ "aria2" ];
|
users.users.sonarr.extraGroups = [ "aria2" ];
|
||||||
users.users.bazarr.extraGroups = [ "aria2" ];
|
users.users.bazarr.extraGroups = [ "multimedia" "aria2" ];
|
||||||
systemd.tmpfiles.rules = [
|
systemd.tmpfiles.rules = [
|
||||||
"d /zroot/media 0770 - multimedia - -"
|
"d /zroot/media 0770 - multimedia - -"
|
||||||
];
|
];
|
||||||
|
@ -116,9 +116,32 @@
|
||||||
services.radarr = { enable = true; group = "multimedia"; };
|
services.radarr = { enable = true; group = "multimedia"; };
|
||||||
services.readarr = { enable = true; group = "multimedia"; };
|
services.readarr = { enable = true; group = "multimedia"; };
|
||||||
services.sonarr = { enable = true; group = "multimedia"; };
|
services.sonarr = { enable = true; group = "multimedia"; };
|
||||||
services.bazarr = { enable = true; group = "multimedia"; };
|
services.bazarr = { enable = true; user = "bazarr"; group = "multimedia"; };
|
||||||
services.prowlarr = { enable = true; };
|
services.prowlarr = { enable = true; };
|
||||||
|
|
||||||
|
users.users.komga.extraGroups = [ "multimedia" ];
|
||||||
|
services.komgaCustom = {
|
||||||
|
enable = true;
|
||||||
|
group = "multimedia";
|
||||||
|
settings = {
|
||||||
|
spring.security.oauth2.client = {
|
||||||
|
registration.dex = {
|
||||||
|
provider = "dex";
|
||||||
|
client-id = "komga";
|
||||||
|
client-secret = "insecure_secret";
|
||||||
|
client-name = "Komga";
|
||||||
|
scope = "openid,email";
|
||||||
|
authorization-grant-type = "authorization_code";
|
||||||
|
redirect-uri = "{baseUrl}/{action}/oauth2/code/{registrationId}";
|
||||||
|
};
|
||||||
|
provider.dex = {
|
||||||
|
user-name-attribute = "sub";
|
||||||
|
issuer-uri = "https://dex.samsehu.perli.casa";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
systemd.services."netns@" = {
|
systemd.services."netns@" = {
|
||||||
description = "%I network namespace";
|
description = "%I network namespace";
|
||||||
before = [ "network.target" ];
|
before = [ "network.target" ];
|
||||||
|
@ -235,6 +258,12 @@
|
||||||
name = "Jellyfin";
|
name = "Jellyfin";
|
||||||
redirectURIs = [ "https://jellyfin.samsehu.perli.casa/sso/OID/redirect/dex" ];
|
redirectURIs = [ "https://jellyfin.samsehu.perli.casa/sso/OID/redirect/dex" ];
|
||||||
}
|
}
|
||||||
|
{
|
||||||
|
id = "komga";
|
||||||
|
secret = "insecure_secret";
|
||||||
|
name = "Komga";
|
||||||
|
redirectURIs = [ "https://komga.samsehu.perli.casa/login/oauth2/code/dex" ];
|
||||||
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
# authentication sources
|
# authentication sources
|
||||||
|
@ -556,6 +585,9 @@
|
||||||
}
|
}
|
||||||
respond 403
|
respond 403
|
||||||
'';
|
'';
|
||||||
|
virtualHosts."komga.samsehu.perli.casa".extraConfig = ''
|
||||||
|
reverse_proxy localhost:25600
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
# Headscale for access to the network while away from home
|
# Headscale for access to the network while away from home
|
||||||
|
@ -597,6 +629,7 @@
|
||||||
{ name = "son.arr.samsehu.perli.casa"; type = "A"; value = "100.64.0.3"; }
|
{ name = "son.arr.samsehu.perli.casa"; type = "A"; value = "100.64.0.3"; }
|
||||||
{ name = "baz.arr.samsehu.perli.casa"; type = "A"; value = "100.64.0.3"; }
|
{ name = "baz.arr.samsehu.perli.casa"; type = "A"; value = "100.64.0.3"; }
|
||||||
{ name = "prowl.arr.samsehu.perli.casa"; type = "A"; value = "100.64.0.3"; }
|
{ name = "prowl.arr.samsehu.perli.casa"; type = "A"; value = "100.64.0.3"; }
|
||||||
|
{ name = "komga.samsehu.perli.casa"; type = "A"; value = "100.64.0.3"; }
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -41,6 +41,7 @@
|
||||||
./agenix-config-module.nix
|
./agenix-config-module.nix
|
||||||
./configuration.nix
|
./configuration.nix
|
||||||
./services/glauth.nix
|
./services/glauth.nix
|
||||||
|
./services/komga.nix
|
||||||
agenix.nixosModules.default
|
agenix.nixosModules.default
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
|
@ -0,0 +1,111 @@
|
||||||
|
{ config, pkgs, lib, ... }:
|
||||||
|
|
||||||
|
with lib;
|
||||||
|
|
||||||
|
let
|
||||||
|
cfg = config.services.komgaCustom;
|
||||||
|
settingsFormat = pkgs.formats.yaml {};
|
||||||
|
in
|
||||||
|
{
|
||||||
|
options = {
|
||||||
|
services.komgaCustom = {
|
||||||
|
enable = mkEnableOption (lib.mdDoc "Komga, a free and open source comics/mangas media server");
|
||||||
|
|
||||||
|
port = mkOption {
|
||||||
|
type = types.port;
|
||||||
|
default = 25600;
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
The port that Komga will listen on.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
user = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
default = "komga";
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
User account under which Komga runs.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
group = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
default = "komga";
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
Group under which Komga runs.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
stateDir = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
default = "/var/lib/komga";
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
State and configuration directory Komga will use.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
openFirewall = mkOption {
|
||||||
|
type = types.bool;
|
||||||
|
default = false;
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
Whether to open the firewall for the port in {option}`services.komga.port`.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
settings = mkOption {
|
||||||
|
type = settingsFormat.type;
|
||||||
|
default = {};
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
Configuration for application.yaml, see
|
||||||
|
<link xlink:href="https://komga.org/docs/installation/configuration"
|
||||||
|
for supported settings.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = mkIf cfg.enable {
|
||||||
|
|
||||||
|
networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.port ];
|
||||||
|
|
||||||
|
users.groups = mkIf (cfg.group == "komga") {
|
||||||
|
komga = {};
|
||||||
|
};
|
||||||
|
|
||||||
|
users.users = mkIf (cfg.user == "komga") {
|
||||||
|
komga = {
|
||||||
|
group = cfg.group;
|
||||||
|
home = cfg.stateDir;
|
||||||
|
description = "Komga Daemon user";
|
||||||
|
isSystemUser = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.komgaCustom = {
|
||||||
|
environment = {
|
||||||
|
SERVER_PORT = builtins.toString cfg.port;
|
||||||
|
KOMGA_CONFIGDIR = cfg.stateDir;
|
||||||
|
};
|
||||||
|
|
||||||
|
description = "Komga is a free and open source comics/mangas media server";
|
||||||
|
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
wants = [ "network-online.target" ];
|
||||||
|
after = [ "network-online.target" ];
|
||||||
|
|
||||||
|
serviceConfig = {
|
||||||
|
User = cfg.user;
|
||||||
|
Group = cfg.group;
|
||||||
|
|
||||||
|
Type = "simple";
|
||||||
|
Restart = "on-failure";
|
||||||
|
ExecStartPre = pkgs.writeShellScript "komga-config-setup" ''
|
||||||
|
ln -sf ${settingsFormat.generate "application.yml" cfg.settings} ${cfg.stateDir}/application.yml
|
||||||
|
'';
|
||||||
|
ExecStart = "${pkgs.komga}/bin/komga";
|
||||||
|
|
||||||
|
StateDirectory = mkIf (cfg.stateDir == "/var/lib/komga") "komga";
|
||||||
|
};
|
||||||
|
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
Loading…
Reference in New Issue