From 6ba90c2aae05ca64acac8ffe01c4c2b72d2be6a8 Mon Sep 17 00:00:00 2001 From: David Wood Date: Mon, 1 Jul 2019 16:15:27 +0100 Subject: [PATCH] nixos/lidarr: add user/group/openFirewall opts. This commit adds new configuration options to the Lidarr module that allows configuration of the user and group that Lidarr runs as; and to open the firewall for the Lidarr port. --- nixos/modules/services/misc/lidarr.nix | 47 ++++++++++++++++++++++---- 1 file changed, 40 insertions(+), 7 deletions(-) diff --git a/nixos/modules/services/misc/lidarr.nix b/nixos/modules/services/misc/lidarr.nix index 92108ec55088..4c37bd74f150 100644 --- a/nixos/modules/services/misc/lidarr.nix +++ b/nixos/modules/services/misc/lidarr.nix @@ -16,6 +16,30 @@ in defaultText = "pkgs.lidarr"; description = "The Lidarr package to use"; }; + + openFirewall = mkOption { + type = types.bool; + default = false; + description = '' + Open ports in the firewall for Lidarr + ''; + }; + + user = mkOption { + type = types.str; + default = "lidarr"; + description = '' + User account under which Lidarr runs. + ''; + }; + + group = mkOption { + type = types.str; + default = "lidarr"; + description = '' + Group under which Lidarr runs. + ''; + }; }; }; @@ -27,8 +51,8 @@ in serviceConfig = { Type = "simple"; - User = "lidarr"; - Group = "lidarr"; + User = cfg.user; + Group = cfg.group; ExecStart = "${cfg.package}/bin/Lidarr"; Restart = "on-failure"; @@ -37,12 +61,21 @@ in }; }; - users.users.lidarr = { - uid = config.ids.uids.lidarr; - home = "/var/lib/lidarr"; - group = "lidarr"; + networking.firewall = mkIf cfg.openFirewall { + allowedTCPPorts = [ 8686 ]; }; - users.groups.lidarr.gid = config.ids.gids.lidarr; + users.users = mkIf (cfg.user == "lidarr") { + lidarr = { + group = cfg.group; + uid = config.ids.uids.lidarr; + }; + }; + + users.groups = mkIf (cfg.group == "lidarr") { + lidarr = { + gid = config.ids.gids.lidarr; + }; + }; }; }