From 911d5c7baa35d8ea40e7feab6004e27e96ad0c55 Mon Sep 17 00:00:00 2001 From: Felix Buehler Date: Sat, 22 Jul 2023 16:05:28 +0200 Subject: [PATCH] service/exportarr: init --- modules/services/bazarr/default.nix | 5 ++ modules/services/default.nix | 1 + modules/services/exportarr/default.nix | 112 +++++++++++++++++++++++++ modules/services/prowlarr/default.nix | 5 ++ modules/services/radarr/default.nix | 5 ++ modules/services/sonarr/default.nix | 5 ++ 6 files changed, 133 insertions(+) create mode 100644 modules/services/exportarr/default.nix diff --git a/modules/services/bazarr/default.nix b/modules/services/bazarr/default.nix index 44a7b4d..fcbbe57 100644 --- a/modules/services/bazarr/default.nix +++ b/modules/services/bazarr/default.nix @@ -26,6 +26,11 @@ in } ]; + my.services.exportarr.bazarr = { + port = port + 1; + url = "http://127.0.0.1:${toString port}"; + }; + webapps.apps.bazarr = { dashboard = { name = "Subtitles"; diff --git a/modules/services/default.nix b/modules/services/default.nix index 05d11e2..90339b3 100644 --- a/modules/services/default.nix +++ b/modules/services/default.nix @@ -8,6 +8,7 @@ ./blackbox ./blocky ./dyndns + ./exportarr ./freshrss ./gitea ./grafana diff --git a/modules/services/exportarr/default.nix b/modules/services/exportarr/default.nix new file mode 100644 index 0000000..28c7995 --- /dev/null +++ b/modules/services/exportarr/default.nix @@ -0,0 +1,112 @@ +{ config, pkgs, lib, ... }: +let + cfg = config.my.services.exportarr; + + mkExportarrService = name: conf: + let + exportarrEnvironment = { + PORT = toString conf.port; + URL = conf.url; + } // ( + lib.mapAttrs (_: toString) conf.environment + ); + in + lib.nameValuePair "exportarr-${name}" { + description = "Exportarr Service ${name}"; + script = ''exec ${conf.package}/bin/exportarr "$@"''; + serviceConfig = { + Restart = "on-failure"; + User = "exportarr-${name}"; + Group = "exportarr-${name}"; + DynamicUser = true; + StateDirectory = "exportarr-${name}"; + WorkingDirectory = "/var/lib/exportarr-${name}"; + RuntimeDirectory = "exportarr-${name}"; + + CapabilityBoundingSet = ""; + LockPersonality = true; + PrivateDevices = true; + PrivateUsers = true; + ProtectClock = true; + ProtectControlGroups = true; + ProtectHome = true; + ProtectHostname = true; + ProtectKernelLogs = true; + ProtectKernelModules = true; + ProtectKernelTunables = true; + RestrictAddressFamilies = [ "AF_UNIX" "AF_INET" "AF_INET6" ]; + RestrictNamespaces = true; + RestrictRealtime = true; + SystemCallArchitectures = "native"; + SystemCallFilter = [ "@system-service" "~@privileged @setuid @keyring" ]; + UMask = "0066"; + } // lib.optionalAttrs (conf.port < 1024) { + AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ]; + CapabilityBoundingSet = [ "CAP_NET_BIND_SERVICE" ]; + }; + wantedBy = [ "multi-user.target" ]; + environment = exportarrEnvironment; + }; +in +{ + meta.maintainers = with lib.maintainers; [ stunkymonkey ]; + + options.my.services.exportarr = lib.mkOption { + description = lib.mdDoc '' + This is a Prometheus Exporter will export metrics gathered from Sonarr, Radarr, Lidarr, Prowlarr, and Readarr + ''; + default = { }; + example = lib.literalExpression '' + { + "lidarr" = { + port = 8687; + url = "http://x.x.x.x:8686"; + } + "sonarr" = { + port = 9708; + url = "http://x.x.x.x:9707"; + } + }; + ''; + type = lib.types.attrsOf (lib.types.submodule ( + { name, config, ... }: { + options = { + # enable = lib.mkEnableOption "exportarr-${name}"; + port = lib.mkOption { + type = lib.types.port; + default = 9708; + description = lib.mdDoc '' + The port exportarr will listen on. + ''; + }; + + url = lib.mkOption { + type = lib.types.str; + default = "http://127.0.0.1"; + description = lib.mdDoc '' + The full URL to Sonarr, Radarr, or Lidarr. + ''; + }; + + package = lib.mkPackageOptionMD pkgs "exportarr" { }; + + environment = lib.mkOption { + type = lib.types.attrsOf lib.types.str; + default = { }; + description = lib.mdDoc '' + See [the configuration guide](https://github.com/onedr0p/exportarr#configuration) for available options. + ''; + example = { + API_KEY_FILE = "/run/secrets/exportarr"; + PROWLARR__BACKFILL = true; + }; + }; + }; + } + )); + }; + + config = lib.mkIf (cfg != { }) { + systemd.services = lib.mapAttrs' mkExportarrService cfg; + }; +} diff --git a/modules/services/prowlarr/default.nix b/modules/services/prowlarr/default.nix index 7526cdb..5038655 100644 --- a/modules/services/prowlarr/default.nix +++ b/modules/services/prowlarr/default.nix @@ -36,6 +36,11 @@ in } ]; + my.services.exportarr.prowlarr = { + port = port + 1; + url = "http://127.0.0.1:${toString port}"; + }; + webapps.apps.prowlarr = { dashboard = { name = "Indexer"; diff --git a/modules/services/radarr/default.nix b/modules/services/radarr/default.nix index 48d6387..a9912ac 100644 --- a/modules/services/radarr/default.nix +++ b/modules/services/radarr/default.nix @@ -26,6 +26,11 @@ in } ]; + my.services.exportarr.radarr = { + port = port + 1; + url = "http://127.0.0.1:${toString port}"; + }; + webapps.apps.radarr = { dashboard = { name = "Movies"; diff --git a/modules/services/sonarr/default.nix b/modules/services/sonarr/default.nix index f8894fb..063f798 100644 --- a/modules/services/sonarr/default.nix +++ b/modules/services/sonarr/default.nix @@ -26,6 +26,11 @@ in } ]; + my.services.exportarr.sonarr = { + port = port + 1; + url = "http://127.0.0.1:${toString port}"; + }; + webapps.apps.sonarr = { dashboard = { name = "Series";