thunderbottom/flakes
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4716c8a07d
flakes/modules/nixos/services/arr/jellyfin/default.nix
Chinmay D. Pai e7d17df90a
chore: remove chaotic/nyx from inputs and cleanup hardware.graphics 
* remove unused graphics extraPackages from desktop installation
* rename vaapiIntel to intel-vaapi-driver
* remove chaotic mesa opencl library

Signed-off-by: Chinmay D. Pai <chinmaydpai@gmail.com>
2024-10-09 17:58:44 +05:30

92 lines
2.2 KiB
Nix
Raw Blame History

{
config,
lib,
pkgs,
...
}: {
options.snowflake.services.jellyfin = {
enable = lib.mkEnableOption "Enable jellyfin deployment configuration";
};
config = let
cfg = config.snowflake.services.jellyfin;
in
lib.mkIf cfg.enable {
services.jellyfin = {
enable = true;
openFirewall = true;
};
users.groups.media = {
members = ["@wheel" "jellyfin"];
};
nixpkgs.config.packageOverrides = pkgs: {
jellyfin-ffmpeg = pkgs.jellyfin-ffmpeg.override {
ffmpeg_6-full = pkgs.ffmpeg_6-full.override {
withMfx = false;
withVpl = true;
};
};
intel-vaapi-driver = pkgs.intel-vaapi-driver.override {enableHybridCodec = true;};
};
environment.systemPackages = with pkgs; [
jellyfin-ffmpeg
];
hardware.graphics = {
enable = true;
extraPackages = with pkgs; [
intel-compute-runtime
intel-media-driver
intel-vaapi-driver
libvdpau-va-gl
vaapiVdpau
vpl-gpu-rt
];
};
services.jellyseerr.enable = true;
services.jellyseerr.openFirewall = true;
services.nginx = {
virtualHosts = {
"jelly.deku.moe" = {
serverName = "jelly.deku.moe";
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:8096/";
extraConfig = ''
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
'';
};
};
};
};
services.fail2ban.jails.jellyfin = {
enabled = true;
filter = "jellyfin";
};
environment.etc = {
jellyfin = {
target = "fail2ban/filter.d/jellyfin.conf";
text = ''
[INCLUDES]
before = common.conf
[Definition]
failregex = ^.*Authentication request for .* has been denied \(IP: "<ADDR>"\)\.
ignoreregex =
journalmatch = _SYSTEMD_UNIT=jellyfin.service
'';
};
};
};
}
Reference in New Issue View Git Blame Copy Permalink