jordan/nix-config
1
1
Fork 0
Code Issues 10 Pull Requests Actions Projects 3 Wiki Activity

pkgs/jellysearch: init at 0.0.1
All checks were successful
Check flake / build-amd64-linux (push) Successful in 1m16s
Details

Browse Source
This commit is contained in:
Jordan Holt
2025-06-22 17:00:54 +01:00
parent 3fb607752b
commit 532427c07f
3 changed files with 241 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
hosts/library/jellysearch.nix
View File

@ -16,21 +16,43 @@
masterKeyEnvironmentFile = config.age.secrets."files/services/meilisearch/envfile".path;
};
virtualisation.oci-containers.containers = {
jellysearch = {
image = "domistyle/jellysearch";
environment = {
INDEX_CRON = "0 0 0/2 ? * * *";
JELLYFIN_URL = "http://localhost:8096";
MEILI_URL = "http://localhost:${toString config.services.meilisearch.listenPort}";
};
environmentFiles = [
config.age.secrets."files/services/meilisearch/envfile".path
];
volumes = [
"${toString config.services.jellyfin.configDir}:/config:ro"
];
extraOptions = [ "--network=host" ];
users.users.jellysearch = {
group = "jellysearch";
isSystemUser = true;
};
users.groups.jellysearch = { };
systemd.services.jellysearch = {
enable = true;
description = "JellySearch";
wantedBy = [ "multi-user.target" ];
after = [ "network-online.target" ];
wants = [ "network-online.target" ];
serviceConfig = {
Restart = "on-failure";
ExecStart = "${pkgs.jellysearch}/bin/jellysearch";
StateDirectory = "jellysearch";
StateDirectoryMode = "0750";
WorkingDirectory = "/var/lib/jellysearch";
EnivronmentFile = config.age.secrets."files/services/meilisearch/envfile".path;
NoNewPrivileges = true;
SystemCallArchitectures = "native";
RestrictRealtime = true;
RestrictSUIDSGID = true;
ProtectHostname = true;
LockPersonality = true;
PrivateDevices = true;
PrivateUsers = true;
RemoveIPC = true;
};
environment = {
DOTNET_ENVIRONMENT = "Production";
INDEX_CRON = "0 0 0/2 ? * * *";
JELLYFIN_URL = "http://localhost:8096";
JELLYFIN_CONFIG_DIR = "${toString config.services.jellyfin.configDir}";
MEILI_URL = "http://localhost:${toString config.services.meilisearch.listenPort}";
};
};
}