New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Sickbeard/Sickgear/Sickrage: Init and module #46607
Conversation
description = "Path where to store data files."; | ||
}; | ||
configFile = mkOption { | ||
default = "/var/lib/sickbeard/config.ini"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should be "${dataDir}/config.ini and be sure to add a rec above so you can reference dataDir properly, I believe.
|
||
config = mkIf cfg.enable { | ||
|
||
users.users.sickbeard = { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In the options you allow the user to specify username but don't act on it. If I wanted to run sickgear as my own user I could not. See the user and group creation from here as an example:
|
||
users.users.sickbeard = { | ||
uid = config.ids.uids.sickbeard; | ||
group = "sickbeard"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should be group instead of "sickgear".
uid = config.ids.uids.sickbeard; | ||
group = "sickbeard"; | ||
description = "sickbeard user"; | ||
home = "/var/lib/sickbeard/"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should be dataDir.
createHome = true; | ||
}; | ||
|
||
users.groups.sickbeard = { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same comment as user. See group in linked example.
}; | ||
|
||
systemd.services.sickbeard = { | ||
description = "sickbeard server"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
According to #45638:
"I don't remember where we have that documented, but service descriptions should be upper-case-first for every word."
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looking good to me.
Hey all, @rembo10 No worries, I agree with you, it's better to have all similar packages behind the same service. I suppose that, as they are all forks of sickbeard, they work the same. However, I don't understand why we don't leverage Systemd's I did that in my PR (see https://github.com/NixOS/nixpkgs/pull/46340/files#diff-f653b9eaf598496872612beefd0cb752R32). The beginning of
And I don't think this is the case here. What do you think ? EDIT : formating |
@sterfield Interesting. Does sickbeard not store download files under the directory specified? How would that work with DynamicUser? I have transmission running on my system and since there is a dedicated user I can add the transmission group to my own user accounts extra groups so I have access to the downloaded files. |
Well, I looked at systemd's documentation page and found lots of interesting stuff. Here, As for the And obviously, EDIT : formatting and some clarification. |
As far as I can remember, no. Sickbeard is storing its db in the |
I think it's useful to give them dedicated ids since they're moving files around. For example, I add sickbeard to the 'storage' group, which has write access to a mounted drive |
But an non-dedicated id for sickrage / sickbeard will allow you to do that, no ? |
Ah would it? Ok, sorry I think maybe I misunderstood. I'm happy to make the change as long as it'll work with my setup 😂😅 |
It has to be tested, but from my point of view:
and that should be it. One additional option we could create is a list of group user |
I'm still doing a bit of research but I stumbled across this comment that seems to suggest that it won't work for my use case (and I imagine many others') as these services are usually used in conjunction with transmission, sabnznd, etc. Sorry - I'm still trying to wrap my head around all of this so I might be missing something totally obvious. Reading the systemd link above, it seems like you can pass a list of groups to run the service as, but do they also have access to directories outside of /var/lib/service? Or would those directories need to be mounted? |
That's what I mentioned in one of my comment:
So we can do three things here:
So ultimately, there's no big differences.
|
I'm not sure I know enough about this to make the decision as I'm quite new to nix / nixos so I'll defer to your guys' judgement on this |
My opinion is that there can be a use case for specifying both username and group for services like this, so personally I would go with the third option which you currently have implemented. I'll also add that I'm no authority though. :-) |
I still don't understand why you want to fix uid/gid in But the code looks good to me, so if you want to merge it like that, then go for it ! |
@@ -0,0 +1,92 @@ | |||
{ config, lib, pkgs, ... }: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think the nixos module belongs here. Sonarr, couchpotato modules are stored under nixos/modules/services/misc
so I think sickbeard should be put there as well.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think your right. Fixed.
I'll leave it up to you guys to decide about the id situation. Just let me know and I can make changes |
@sterfield Just reread your options... Is the only difference between option 2 and 3 the predefined ids? If so I think I'm indifferent between the two. I still think there would be value in allowing the user to specify the user and group the service runs as, but I don't know enough about sickbeard to say. It sounds like @rembo10 and I are leaving the decision to you. |
So, I'm all for letting the user choose which user / group to handle the service. The code you did is really cool. The only concern I have is the use of predefined ids, where I don't see really the need here. In addition, some comments in the file mentioned to not go above uid 399, and we are getting close to that. So here's my thoughts:
What do you think ? |
Sounds good to me. |
Here's the thread on discourse : https://discourse.nixos.org/t/predefined-uids-gids-when-to-use-them-and-when-not-to-use-them/956?u=sterfield |
I thought about it yesterday, and I found one use case where fixing the uid/gid could be beneficial. Predefined uid prevents this situation. Nothing that a good You know what ? Merge this. I'll find the answers of my questions and will stop bothering you guys with that. After all, I'm the one having questions 😄 |
@GrahamcOfBorg build sickbeard sickgear sickrage |
Success on aarch64-linux (full log) Attempted: sickbeard, sickgear, sickrage Partial log (click to expand)
|
Success on x86_64-darwin (full log) Attempted: sickbeard, sickgear, sickrage Partial log (click to expand)
|
Success on x86_64-linux (full log) Attempted: sickbeard, sickgear, sickrage Partial log (click to expand)
|
Thanks! |
Motivation for this change
This is an attempt to unify #46538, #46214 and #46340. Added packages for sickbeard, sickgear and sickrage, and added a nixos module to specify which package to use.
@sterfield: I hope it's ok that I didn't merge your commit - since I made some changes to your package based on comments from @worldofpeace on #46514. I kept you as the maintainer for Sickrage though
Things done
sandbox
innix.conf
on non-NixOS)nix-shell -p nox --run "nox-review wip"
./result/bin/
)nix path-info -S
before and after)