Test new jellyseerr version

flake.lock

@@ -123,11 +123,11 @@
         "stable": "stable"
       },
       "locked": {
-        "lastModified": 1734897875,
+        "lastModified": 1731527002,
-        "narHash": "sha256-LLpiqfOGBippRax9F33kSJ/Imt8gJXb6o0JwSBiNHCk=",
+        "narHash": "sha256-dI9I6suECoIAmbS4xcrqF8r2pbmed8WWm5LIF1yWPw8=",
         "owner": "zhaofengli",
         "repo": "colmena",
-        "rev": "a6b51f5feae9bfb145daa37fd0220595acb7871e",
+        "rev": "e3ad42138015fcdf2524518dd564a13145c72ea1",
         "type": "github"
       },
       "original": {
@@ -176,11 +176,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1734701201,
+        "lastModified": 1733168902,
-        "narHash": "sha256-hk0roBX10j/hospoWIJIJj3i2skd7Oml6yKQBx7mTFk=",
+        "narHash": "sha256-8dupm9GfK+BowGdQd7EHK5V61nneLfr9xR6sc5vtDi0=",
         "owner": "nix-community",
         "repo": "disko",
-        "rev": "2ee76c861af3b895b3b104bae04777b61397485b",
+        "rev": "785c1e02c7e465375df971949b8dcbde9ec362e5",
         "type": "github"
       },
       "original": {
@@ -256,11 +256,11 @@
     "flake-compat_5": {
       "flake": false,
       "locked": {
-        "lastModified": 1733328505,
+        "lastModified": 1696426674,
-        "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
+        "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
         "owner": "edolstra",
         "repo": "flake-compat",
-        "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
+        "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
         "type": "github"
       },
       "original": {
@@ -330,32 +330,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1733312601,
+        "lastModified": 1704152458,
-        "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=",
+        "narHash": "sha256-DS+dGw7SKygIWf9w4eNBUZsK+4Ug27NwEWmn2tnbycg=",
         "owner": "hercules-ci",
         "repo": "flake-parts",
-        "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9",
+        "rev": "88a2cd8166694ba0b6cb374700799cec53aef527",
-        "type": "github"
-      },
-      "original": {
-        "owner": "hercules-ci",
-        "repo": "flake-parts",
-        "type": "github"
-      }
-    },
-    "flake-parts_3": {
-      "inputs": {
-        "nixpkgs-lib": [
-          "nur",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1733312601,
-        "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=",
-        "owner": "hercules-ci",
-        "repo": "flake-parts",
-        "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9",
         "type": "github"
       },
       "original": {
@@ -462,11 +441,11 @@
         "nixpkgs-stable": "nixpkgs-stable"
       },
       "locked": {
-        "lastModified": 1734797603,
+        "lastModified": 1733318908,
-        "narHash": "sha256-ulZN7ps8nBV31SE+dwkDvKIzvN6hroRY8sYOT0w+E28=",
+        "narHash": "sha256-SVQVsbafSM1dJ4fpgyBqLZ+Lft+jcQuMtEL3lQWx2Sk=",
         "owner": "cachix",
         "repo": "git-hooks.nix",
-        "rev": "f0f0dc4920a903c3e08f5bdb9246bb572fcae498",
+        "rev": "6f4e2a2112050951a314d2733a994fbab94864c6",
         "type": "github"
       },
       "original": {
@@ -563,11 +542,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1734366194,
+        "lastModified": 1733050161,
-        "narHash": "sha256-vykpJ1xsdkv0j8WOVXrRFHUAdp9NXHpxdnn1F4pYgSw=",
+        "narHash": "sha256-lYnT+EYE47f5yY3KS/Kd4pJ6CO9fhCqumkYYkQ3TK20=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "80b0fdf483c5d1cb75aaad909bd390d48673857f",
+        "rev": "62d536255879be574ebfe9b87c4ac194febf47c5",
         "type": "github"
       },
       "original": {
@@ -676,11 +655,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1734838217,
+        "lastModified": 1733024876,
-        "narHash": "sha256-zvMLS8BGn+kMG7tLLT3PJ67/S9yqZ9B7V8hKBa9cRRY=",
+        "narHash": "sha256-vy9Q41hBE7Zg0yakF79neVgb3i3PQMSMR7uHPpPywFE=",
         "owner": "nix-community",
         "repo": "nix-index-database",
-        "rev": "d583b2d142f0428313df099f4a2dcf2a0496aa78",
+        "rev": "6e0b7f81367069589a480b91603a10bcf71f3103",
         "type": "github"
       },
       "original": {
@@ -699,11 +678,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1734289443,
+        "lastModified": 1730022297,
-        "narHash": "sha256-oU3AGvzByR7622kntPUPIHfAreOIktAsJav2ATHuc18=",
+        "narHash": "sha256-eVMEONp3yqu0gy0RtOSEpOAueXuQsGQVqac3qCJixMU=",
         "owner": "pdtpartners",
         "repo": "nix-snapshotter",
-        "rev": "387e220d369dfa0ad093035515e8757f83144be8",
+        "rev": "c738f1a16a8612dfc474a4424bacff7e89369ca3",
         "type": "github"
       },
       "original": {
@@ -759,11 +738,11 @@
         "rust-overlay": "rust-overlay_2"
       },
       "locked": {
-        "lastModified": 1735004289,
+        "lastModified": 1733328873,
-        "narHash": "sha256-cJmBhr59xQXwkvF+EZPhKTebgHyqXoei8u2Qq2QJYzE=",
+        "narHash": "sha256-tvy/IE0qwY37JcSZhhqNbhvVi1xdWrMRsLZ6D/+0Eyw=",
         "owner": "lilyinstarlight",
         "repo": "nixos-cosmic",
-        "rev": "b9bfb93c7632a0e007a3a05fe77c0475d05e045a",
+        "rev": "2e87e0f9f40a31396ed94b4a42595662c2eeaf31",
         "type": "github"
       },
       "original": {
@@ -774,11 +753,11 @@
     },
     "nixos-facter-modules": {
       "locked": {
-        "lastModified": 1734596637,
+        "lastModified": 1732288619,
-        "narHash": "sha256-MRqwVAe3gsb88u4ME1UidmZFVCx+FEnoob0zkpO9DMY=",
+        "narHash": "sha256-zSQ2cR+NRJfHUVfkv+O6Wi53wXfzX8KHiO8fRfnvc0M=",
         "owner": "numtide",
         "repo": "nixos-facter-modules",
-        "rev": "536472754982bf03079b4b4e0261838a760587c0",
+        "rev": "862648589993a96480c2255197a28feea712f68f",
         "type": "github"
       },
       "original": {
@@ -789,11 +768,11 @@
     },
     "nixos-hardware": {
       "locked": {
-        "lastModified": 1734954597,
+        "lastModified": 1733217105,
-        "narHash": "sha256-QIhd8/0x30gEv8XEE1iAnrdMlKuQ0EzthfDR7Hwl+fk=",
+        "narHash": "sha256-fc6jTzIwCIVWTX50FtW6AZpuukuQWSEbPiyg6ZRGWFY=",
         "owner": "NixOS",
         "repo": "nixos-hardware",
-        "rev": "def1d472c832d77885f174089b0d34854b007198",
+        "rev": "cceee0a31d2f01bcc98b2fbd591327c06a4ea4f9",
         "type": "github"
       },
       "original": {
@@ -805,11 +784,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1734119587,
+        "lastModified": 1730785428,
-        "narHash": "sha256-AKU6qqskl0yf2+JdRdD0cfxX4b9x3KKV5RqA6wijmPM=",
+        "narHash": "sha256-Zwl8YgTVJTEum+L+0zVAWvXAGbWAuXHax3KzuejaDyo=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "3566ab7246670a43abd2ffa913cc62dad9cdf7d5",
+        "rev": "4aa36568d413aca0ea84a1684d2d46f55dbabad7",
         "type": "github"
       },
       "original": {
@@ -853,11 +832,11 @@
     },
     "nixpkgs-unstable": {
       "locked": {
-        "lastModified": 1734988233,
+        "lastModified": 1733097829,
-        "narHash": "sha256-Ucfnxq1rF/GjNP3kTL+uTfgdoE9a3fxDftSfeLIS8mA=",
+        "narHash": "sha256-9hbb1rqGelllb4kVUCZ307G2k3/UhmA8PPGBoyuWaSw=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "de1864217bfa9b5845f465e771e0ecb48b30e02d",
+        "rev": "2c15aa59df0017ca140d9ba302412298ab4bf22a",
         "type": "github"
       },
       "original": {
@@ -869,11 +848,11 @@
     },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1734649271,
+        "lastModified": 1732837521,
-        "narHash": "sha256-4EVBRhOjMDuGtMaofAIqzJbg4Ql7Ai0PSeuVZTHjyKQ=",
+        "narHash": "sha256-jNRNr49UiuIwaarqijgdTR2qLPifxsVhlJrKzQ8XUIE=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "d70bd19e0a38ad4790d3913bf08fcbfc9eeca507",
+        "rev": "970e93b9f82e2a0f3675757eb0bfc73297cc6370",
         "type": "github"
       },
       "original": {
@@ -885,11 +864,11 @@
     },
     "nixpkgs_3": {
       "locked": {
-        "lastModified": 1734875076,
+        "lastModified": 1733261153,
-        "narHash": "sha256-Pzyb+YNG5u3zP79zoi8HXYMs15Q5dfjDgwCdUI5B0nY=",
+        "narHash": "sha256-eq51hyiaIwtWo19fPEeE0Zr2s83DYMKJoukNLgGGpek=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "1807c2b91223227ad5599d7067a61665c52d1295",
+        "rev": "b681065d0919f7eb5309a93cea2cfa84dec9aa88",
         "type": "github"
       },
       "original": {
@@ -900,22 +879,6 @@
       }
     },
     "nixpkgs_4": {
-      "locked": {
-        "lastModified": 1734649271,
-        "narHash": "sha256-4EVBRhOjMDuGtMaofAIqzJbg4Ql7Ai0PSeuVZTHjyKQ=",
-        "owner": "nixos",
-        "repo": "nixpkgs",
-        "rev": "d70bd19e0a38ad4790d3913bf08fcbfc9eeca507",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nixos",
-        "ref": "nixos-unstable",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
-    "nixpkgs_5": {
       "locked": {
         "lastModified": 1725194671,
         "narHash": "sha256-tLGCFEFTB5TaOKkpfw3iYT9dnk4awTP/q4w+ROpMfuw=",
@@ -931,13 +894,13 @@
         "type": "github"
       }
     },
-    "nixpkgs_6": {
+    "nixpkgs_5": {
       "locked": {
-        "lastModified": 1733097829,
+        "lastModified": 1731890469,
-        "narHash": "sha256-9hbb1rqGelllb4kVUCZ307G2k3/UhmA8PPGBoyuWaSw=",
+        "narHash": "sha256-D1FNZ70NmQEwNxpSSdTXCSklBH1z2isPR84J6DQrJGs=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "2c15aa59df0017ca140d9ba302412298ab4bf22a",
+        "rev": "5083ec887760adfe12af64830a66807423a859a7",
         "type": "github"
       },
       "original": {
@@ -948,17 +911,12 @@
       }
     },
     "nur": {
-      "inputs": {
-        "flake-parts": "flake-parts_3",
-        "nixpkgs": "nixpkgs_4",
-        "treefmt-nix": "treefmt-nix"
-      },
       "locked": {
-        "lastModified": 1735023107,
+        "lastModified": 1733327348,
-        "narHash": "sha256-2SGa/zt8L3VnYIOXZ22tyKtyqfrHKp8VvwvBBhipBlY=",
+        "narHash": "sha256-C9cakd/zcXDhzIeHjjzToBx8bEVqWVB53RUzpUcKboM=",
         "owner": "nix-community",
         "repo": "NUR",
-        "rev": "93d9e3ea11110b392a313a7568b830570314fe3c",
+        "rev": "81acc5a20ba2d84d206f61d2784147900965cd9f",
         "type": "github"
       },
       "original": {
@@ -1019,7 +977,7 @@
         "nur": "nur",
         "sops-nix": "sops-nix",
         "stylix": "stylix",
-        "treefmt-nix": "treefmt-nix_2"
+        "treefmt-nix": "treefmt-nix"
       }
     },
     "rust-overlay": {
@@ -1055,11 +1013,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1734834660,
+        "lastModified": 1732933841,
-        "narHash": "sha256-bm8V+Cu8rWJA+vKQnc94mXTpSDgvedyoDKxTVi/uJfw=",
+        "narHash": "sha256-dge02pUSe2QeC/B3PriA0R8eAX+EU3aDoXj9FcS3XDw=",
         "owner": "oxalica",
         "repo": "rust-overlay",
-        "rev": "b070e6030118680977bc2388868c4b3963872134",
+        "rev": "c65e91d4a33abc3bc4a892d3c5b5b378bad64ea1",
         "type": "github"
       },
       "original": {
@@ -1075,11 +1033,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1734546875,
+        "lastModified": 1733128155,
-        "narHash": "sha256-6OvJbqQ6qPpNw3CA+W8Myo5aaLhIJY/nNFDk3zMXLfM=",
+        "narHash": "sha256-m6/qwJAJYcidGMEdLqjKzRIjapK4nUfMq7rDCTmZajc=",
         "owner": "Mic92",
         "repo": "sops-nix",
-        "rev": "ed091321f4dd88afc28b5b4456e0a15bd8374b4d",
+        "rev": "c6134b6fff6bda95a1ac872a2a9d5f32e3c37856",
         "type": "github"
       },
       "original": {
@@ -1117,7 +1075,7 @@
         "flake-utils": "flake-utils_4",
         "gnome-shell": "gnome-shell",
         "home-manager": "home-manager_2",
-        "nixpkgs": "nixpkgs_5",
+        "nixpkgs": "nixpkgs_4",
         "systems": "systems_4"
       },
       "locked": {
@@ -1217,10 +1175,7 @@
     },
     "treefmt-nix": {
       "inputs": {
-        "nixpkgs": [
+        "nixpkgs": "nixpkgs_5"
-          "nur",
-          "nixpkgs"
-        ]
       },
       "locked": {
         "lastModified": 1733222881,
@@ -1235,24 +1190,6 @@
         "repo": "treefmt-nix",
         "type": "github"
       }
-    },
-    "treefmt-nix_2": {
-      "inputs": {
-        "nixpkgs": "nixpkgs_6"
-      },
-      "locked": {
-        "lastModified": 1734982074,
-        "narHash": "sha256-N7M37KP7cHWoXicuE536GrVvU8nMDT/gpI1kja2hkdg=",
-        "owner": "numtide",
-        "repo": "treefmt-nix",
-        "rev": "e41e948cf097cbf96ba4dff47a30ea6891af9f33",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "treefmt-nix",
-        "type": "github"
-      }
     }
   },
   "root": "root",

home-manager/neovim/default.nix

@@ -9,10 +9,6 @@ in {
   options.pim.neovim.enable = lib.mkEnableOption "neovim";
 
   config = lib.mkIf cfg.enable {
-    # Disable Stylix styling of Neovim,
-    # because we have a plugin for that.
-    stylix.targets.neovim.enable = false;
-
     programs.neovim = {
       enable = true;
       viAlias = true;

machines/atlas/configuration.nix

@@ -1,4 +1,12 @@
-{config, ...}: {
+{
+  config,
+  pkgs,
+  ...
+}: {
+  imports = [./jellyseerr-module.nix];
+
+  disabledModules = ["services/misc/jellyseerr.nix"];
+
   config = {
     facter.reportPath = ./facter.json;
     system.stateVersion = "23.05";
@@ -10,5 +18,10 @@
       targetUser = "root";
       tags = ["server" "kubernetes"];
     };
+
+    services.jellyseerr = {
+      enable = true;
+      package = pkgs.callPackage ./jellyseerr.nix {};
+    };
   };
 }

machines/atlas/jellyseerr-module.nix

@@ -0,0 +1,76 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}: let
+  cfg = config.services.jellyseerr;
+in {
+  meta.maintainers = with lib.maintainers; [camillemndn pizzapim];
+
+  options.services.jellyseerr = {
+    enable = lib.mkEnableOption ''Jellyseerr, a requests manager for Jellyfin'';
+    package = lib.mkPackageOption pkgs "jellyseerr" {};
+
+    openFirewall = lib.mkOption {
+      type = lib.types.bool;
+      default = false;
+      description = ''Open port in the firewall for the Jellyseerr web interface.'';
+    };
+
+    port = lib.mkOption {
+      type = lib.types.port;
+      default = 5055;
+      description = ''The port which the Jellyseerr web UI should listen to.'';
+    };
+
+    config_directory = lib.mkOption {
+      description = ''
+        The directory to save run-time configuration.
+      '';
+      type = lib.types.str;
+      example = "/jellyseerr";
+      default = "/var/lib/jellyseerr";
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    systemd.services.jellyseerr = {
+      description = "Jellyseerr, a requests manager for Jellyfin";
+      after = ["network.target"];
+      wantedBy = ["multi-user.target"];
+      environment = {
+        PORT = toString cfg.port;
+        CONFIG_DIRECTORY = cfg.config_directory;
+      };
+      serviceConfig = {
+        Type = "exec";
+        StateDirectory = "jellyseerr";
+        # WorkingDirectory = "${cfg.package}/libexec/jellyseerr/deps/jellyseerr";
+        DynamicUser = true;
+        ExecStart = lib.getExe cfg.package;
+        # BindPaths = ["/var/lib/jellyseerr/:${cfg.package}/libexec/jellyseerr/deps/jellyseerr/config/"];
+        Restart = "on-failure";
+        ProtectHome = true;
+        ProtectSystem = "strict";
+        PrivateTmp = true;
+        PrivateDevices = true;
+        ProtectHostname = true;
+        ProtectClock = true;
+        ProtectKernelTunables = true;
+        ProtectKernelModules = true;
+        ProtectKernelLogs = true;
+        ProtectControlGroups = true;
+        NoNewPrivileges = true;
+        RestrictRealtime = true;
+        RestrictSUIDSGID = true;
+        RemoveIPC = true;
+        PrivateMounts = true;
+      };
+    };
+
+    networking.firewall = lib.mkIf cfg.openFirewall {
+      allowedTCPPorts = [cfg.port];
+    };
+  };
+}

machines/atlas/jellyseerr.nix

@@ -0,0 +1,89 @@
+{
+  lib,
+  fetchFromGitHub,
+  makeWrapper,
+  node-pre-gyp,
+  nodejs,
+  pnpm_9,
+  python3,
+  stdenv,
+}:
+stdenv.mkDerivation (finalAttrs: {
+  pname = "jellyseerr";
+  version = "2.1.0";
+
+  src = with finalAttrs;
+    fetchFromGitHub {
+      owner = "Fallenbagel";
+      repo = "jellyseerr";
+      rev = "v${version}";
+      hash = "sha256-5kaeqhjUy9Lgx4/uFcGRlAo+ROEOdTWc2m49rq8R8Hs=";
+    };
+
+  nativeBuildInputs = [
+    nodejs
+    makeWrapper
+    pnpm_9.configHook
+
+    # Needed for compiling sqlite3 and bcrypt from source
+    node-pre-gyp
+    python3
+  ];
+
+  pnpmDeps = pnpm_9.fetchDeps {
+    inherit (finalAttrs) pname version src;
+    hash = "sha256-xu6DeaBArQmnqEnIgjc1DTZujQebSkjuai9tMHeQWCk=";
+  };
+
+  buildPhase = ''
+    runHook preBuild
+    pnpm build
+
+    # Fixes "SQLite package has not been found installed" at launch
+    pushd node_modules/sqlite3
+    export CPPFLAGS="-I${nodejs}/include/node"
+    npm run install --build-from-source --nodedir=${nodejs}/include/node
+    popd
+
+    pushd node_modules/bcrypt
+    export CPPFLAGS="-I${nodejs}/include/node"
+    npm run install --build-from-source --nodedir=${nodejs}/include/node
+    popd
+
+    runHook postBuild
+  '';
+
+  preInstall = ''
+    mkdir $out
+    cp ./package.json $out
+    rm -r .next/cache
+    cp -R ./.next $out
+    cp -R ./dist $out
+    cp ./overseerr-api.yml $out
+    cp -R ./node_modules $out
+  '';
+
+  postInstall = ''
+    makeWrapper '${nodejs}/bin/node' "$out/bin/jellyseerr" \
+      --chdir $out \
+      --add-flags "$out/dist/index.js" \
+      --set NODE_ENV production
+  '';
+
+  meta = with lib; {
+    description = "Fork of overseerr for jellyfin support";
+    homepage = "https://github.com/Fallenbagel/jellyseerr";
+    longDescription = ''
+      Jellyseerr is a free and open source software application for managing
+      requests for your media library. It is a a fork of Overseerr built to
+      bring support for Jellyfin & Emby media servers!
+    '';
+    license = licenses.mit;
+    maintainers = with maintainers; [
+      camillemndn
+      pizzapim
+    ];
+    platforms = platforms.linux;
+    mainProgram = "jellyseerr";
+  };
+})

machines/sue/configuration.nix

@@ -37,7 +37,6 @@
     nix.settings.trusted-users = ["pim"];
     system.stateVersion = "23.05";
     sops.defaultSopsFile = "${self}/secrets/sue/nixos.yaml";
-    boot.kernelPackages = pkgs.unstable.linuxKernel.packages.linux_6_12;
 
     environment.systemPackages = with pkgs; [
       borgbackup

machines/sue/pim.home.nix

@@ -32,13 +32,12 @@
       (with pkgs; [
         jellyfin-media-player
         virt-manager
-        bottles-unwrapped
-        feishin
       ])
       ++ (with pkgs.unstable; [
         attic-client
         dbeaver-bin
         devenv
+        bottles-unwrapped
         gimp
         hexchat
         impression
@@ -58,6 +57,7 @@
         wireshark
         # nheko # Has insecure olm dependency
         handbrake
+        feishin
         redfishtool
       ]);
   };