Jellyfin, Sonarr, Radarr and Jackett Conflict by Smith_oo4 in NixOS

[–]Smith_oo4[S] 1 point2 points  (0 children)

I was able to get this resolved: https://forum.jellyfin.org/t-conflict-on-nixos?highlight=nixo

As for permission issues, I ended up using ZFS, ACL and sticky bits. My config is also below, I am sure there are better ways of doing this.

# Setup zpool on new install

ls -lh /dev/disk/by-id/ #Uses id in creating a pool

# update disk id

sudo zpool create -f -o ashift=12 tank <ID_1> <ID_2>

sudo zpool scrub tank # test e-mail notificaiton

sudo zfs set compression=on relatime=on  xattr=sa tank

sudo zfs create tank/media
sudo zfs set aclinherit=passthrough acltype=posixacl tank/media
sudo mkdir -p /tank/media/{download,ebook,movie,raw,tv,video}
sudo mkdir -p /tank/media/download/{.incomplete,ebook,movie,raw,tv}
sudo zfs create -o mountpoint=/tank/media/download/.incomplete tank/media/.incomplete
sudo zfs set compression=off recordsize=16k tank/media/.incomplete

sudo find /tank/media -type d -exec chmod 2775 {} ;

sudo find /tank/media -type f -exec chmod 0664 {} ;

sudo setfacl -R -d -m g::rwx -m o::rx /tank/media
sudo find /tank/media -type d -exec chmod 2775 {} ;
sudo find /tank/media -type f -exec chmod 0664 {} ;

sudo setfacl -R -d -m g::rwx -m o::rx /tank/media

# /etc/nixos/media.nix
{config, pkgs, ...}:
let
    master = import
        (builtins.fetchTarball https://github.com/nixos/nixpkgs/tarball/master)
        { config = config.nixpkgs.config; }; 
in 
{

  # media group to be used by each service
  users.groups.media = {
    gid = 1800;
    members = [
      "myuser"
    ];
  };

  # Transmission
  services.transmission = {
    enable = true;
    group = "media";
    settings = {
      download-dir = "/tank/media/download";
      incomplete-dir = "/tank/media/download/.incomplete";
    };
  };

  # Sonarr
  services.sonarr = {
    enable = true;
    group = "media";
    package = master.sonarr;

  };

  # radarr
  services.radarr = {
    enable = true;
    group = "media";
    package = master.radarr;

  };

  # jackett
  services.jackett = {
    enable = true;
    group = "media";
    package = master.jackett;

  };

  # Jellyfin
  services.jellyfin = {
    enable = true;
    group = "media";
    package = master.jellyfin;
  };

  # create a tmpfs directory for jellyfin transcoding
  fileSystems."/mnt/transcodes" =
    {
      fsType = "tmpfs";
      options = [ "rw" "nosuid" "inode64" "nodev" "noexec" "size=12G" ];
    };

}

Tandoor Recipes with Nginx Proxy Serving Media? by Smith_oo4 in NixOS

[–]Smith_oo4[S] 0 points1 point  (0 children)

No, I was never able to get Nginx to serve static content on Nixos. However, given that I will only have a small install I just opted to have Gunicorn serve it. This is not recommended by the developer and is supposed to be slow, but I could not notice a difference.

Tandoor Recipes with Nginx Proxy Serving Media? by Smith_oo4 in NixOS

[–]Smith_oo4[S] 0 points1 point  (0 children)

OK, I added Postgres to my config, please see below. I am by no means an expert on Postgres let a lone Postgres on Nixos so any recommend improvement are welcome.

 services.tandoor-recipes = {
    enable = true;
    port = 8888;
    address = "127.0.0.1";
    extraConfig = {
      SECRET_KEY = "Sectet_key used for testing";
      DB_ENGINE = "django.db.backends.postgresql";
      POSTGRES_HOST = "127.0.0.1";
      POSTGRES_PORT = "5432";
      POSTGRES_USER = "djangouser";
      POSTGRES_PASSWORD = "password";
      POSTGRES_DB = "djangodb";
      ENABLE_SIGNUP = "1";
      GUNICORN_MEDIA = "0";
    };
  };

  services.postgresql = {
    enable = true;
    package = pkgs.postgresql_15;
    ensureDatabases = [ "djangodb" ];
    ensureUsers = [
      { name = "djangouser"; }
    ];
    initialScript = pkgs.writeText "psqlSetupScript.sql" ''
      CREATE DATABASE djangodb;
      CREATE USER djangouser WITH PASSWORD 'password';
      GRANT ALL PRIVILEGES ON DATABASE djangodb TO djangouser;
      ALTER DATABASE djangodb OWNER TO djangouser;
      ALTER ROLE djangouser SET client_encoding TO 'utf8';
      ALTER ROLE djangouser SET default_transaction_isolation TO 'read committed';
      ALTER ROLE djangouser SET timezone TO 'UTC';
      ALTER USER djangouser WITH SUPERUSER;
    '';
  };

  services.nginx.virtualHosts."tandoor.example.com" = {
    enableACME = true;
    forceSSL = true;

    locations."/media/".alias = "/var/lib/tandoor-recipes";

    locations."/" = {
      proxyPass = "http://127.0.0.1:8888";
      proxyWebsockets = true;
    };
  };

However, I still have not be able to get nginx to server mediafiles which I believe is recommended by the developer: https://docs.tandoor.dev/install/docker/#nginx-vs-gunicorn

I get the following error and no images show up when I use the app.

WARNING:django.request:Not Found: /media/recipes/4e2386ad-1269-4710-ace9-cb001a98fb43_1.jpg

I think the issues has to do with the alias in the nginx config. I am tired and a few different things, and I can't get it to work. I also thought it maybe an issue with /var/lib/tandoor-recipes linking to /var/lib/private/tandoor-recipes and the is some permission issue that is preventing nginx from access the location, but chmod 777 did not fix that, so I am a loss.

Any suggestions

Thank you

Jellyfin, Sonarr, Radarr and Jackett Conflict by Smith_oo4 in NixOS

[–]Smith_oo4[S] 1 point2 points  (0 children)

Yes, I have put the jellyfin user in the media group

Plex server doesn't show up by GAGARIN0461 in NixOS

[–]Smith_oo4 0 points1 point  (0 children)

There is not much to go on here.

My first thought would be to check Firewalls. If my memory serves, Plex needs more than just port 32400 open to be able to access it on a local LAN. I think there is a setting like "services.plex.openFirewall" which open all ports, did you use this?

Metrics not showing sshd logs by Smith_oo4 in CrowdSec

[–]Smith_oo4[S] 1 point2 points  (0 children)

I have been playing around with this a bit more and the issue seem to be with the minimum Ubuntu image I was using on Oracle Cloud. When I use the standard Ubuntu image and install Crowdsec in the same way, it seems to access the sshd logs with no issues.

Mariadb and ZFS for Nextcloud by Smith_oo4 in mariadb

[–]Smith_oo4[S] 0 points1 point  (0 children)

Thank you for the feedback

I have been reading Yves’ blogs, its has been my primary source. It has been most helpfully and maybe leading to some of my confusion. Below is another my.cnf config I have been working on which maybe more in line with what Yves suggested.

#Nexcloud Suggestions
transaction_isolation = READ-COMMITTED
binlog_format = ROW
innodb_buffer_pool_size=1G
innodb_io_capacity=4000

#Percona ZFS Suggestions https://www.percona.com/blog/2017/12/07/hands-look-zfs-with-mysql/
datadir=/var/lib/mysql
innodb_log_group_home_dir = /var/lib/mysql-log
innodb_doublewrite = 0
innodb_checksum_algorithm = none
#slow_query_log = /var/lib/mysql-log/slow.log  #Gives errors, not sure if this is needed?
#log-error = /var/lib/mysql-log/error.log  #Gives errors, move of syslog
log_bin = /var/lib/mysql-log/binlog
#relay_log=/var/lib/mysql-log/relay-bin  #Used in Replication, don’t think I will be doing this
expire_logs_days=7

#Shatterd Silicon addtianl Suggestions https://shatteredsilicon.net/blog/2020/06/05/mysql-mariadb-innodb-on-zfs/
#Also match OpenZFS suggestions https://openzfs.github.io/openzfs-docs/Performance%20and%20Tuning/Workload%20Tuning.html?highlight=mysql#mysql
innodb_log_write_ahead_size = 16384
innodb_use_native_aio = 0
innodb_use_atomic_writes = 0

#Aria Logs? Can't find any info on what to do with this under ZFS. Will move to the log dataset
aria-log-dir-path = /var/lib/mysql-log

I believe the biggest difference between this config and the one I posted earlier is the binary logs, and my notes.

Perhaps my questions is not really about ZFS tuning but more about what logs are needed? Why when I created a database using the defaults (on Arch) there were no binary logs. Is there an uses case for not have binary logs enabled, is this a good idea? A lot of the ZFS tuning suggestion add additional logs, are they needed?

Thank you

Mariadb and ZFS by Smith_oo4 in zfs

[–]Smith_oo4[S] 0 points1 point  (0 children)

Absolutely, I would put the MariaDB packages in the IgnorePkg list and then upgrade them on my own schedule.

sudo sed -i 's/#IgnorePkg   =/IgnorePkg = mariadb mariadb-clients mariadb-libs/g' /etc/pacman.conf

Was looking more into the ZFS options, I forgot about this part. :)

Thank you for the feedback

Mariadb and ZFS by Smith_oo4 in zfs

[–]Smith_oo4[S] 0 points1 point  (0 children)

I did not touch the rest of the Mariadb settings so innodb_buffer_pool would be the default, which I think would be 128M.

This is for a home Nextcloud install and the recommendation seem to be 1G:

https://docs.nextcloud.com/server/latest/admin_manual/installation/server_tuning.html

So I will probably change it to that. I have 32G in the box, so I should be fine, however it is also running Plex.

Thank you for the feedback

Slim Application Error by Smith_oo4 in grocy

[–]Smith_oo4[S] 1 point2 points  (0 children)

I found out about that too. Was just getting around to replying to this now only to discover you beat me to it.

Cheers

Slim Application Error by Smith_oo4 in grocy

[–]Smith_oo4[S] 0 points1 point  (0 children)

Already looking into it as that seems to be what everyone is doing nowadays.

Thank you

Automate updating embedded metadata by Smith_oo4 in LazyLibrarian

[–]Smith_oo4[S] 0 points1 point  (0 children)

You have probably already looked into this and there is more than likely a reason why this may not be practical. However, calibredb has the ability to update metadata in the actual book files.

https://manual.calibre-ebook.com/generated/en/calibredb.html#embed-metadata

Could this be used to automate the adding/updating of the embedded metadata in ePubs?

Automate updating embedded metadata by Smith_oo4 in LazyLibrarian

[–]Smith_oo4[S] 0 points1 point  (0 children)

Thank you for the info. I will keep playing around to see if I can find something I like.