thegeneralist01/config
1
Fork 0
mirror of https://github.com/thegeneralist01/config.git synced 2026-03-10 10:40:29 +01:00
Code Issues Activity

fix plex

Browse source
This commit is contained in:
TheGeneralist 2026-03-09 22:30:42 +01:00
parent 6e1e8c1b8f
commit 07c949f7ff
Signed by: thegeneralist01
SSH key fingerprint: SHA256:pp9qddbCNmVNoSjevdvQvM5z0DHN7LTa8qBMbcMq/R4
2 changed files with 63 additions and 21 deletions
Download patch file Download diff file Expand all files Collapse all files

78
hosts/thegeneralist-central/plex/default.nix
View file

@ -23,32 +23,29 @@ let
nativeBuildInputs = [ pkgs.dpkg ]; nativeBuildInputs = [ pkgs.dpkg ];
unpackPhase = '' unpackPhase = ''
runHook preUnpack
dpkg-deb -x $src . dpkg-deb -x $src .
runHook postUnpack
''; '';
installPhase = '' installPhase = ''
runHook preInstall
mkdir -p $out mkdir -p $out
cp -r usr/* $out/ cp -r usr/* $out/
runHook postInstall
''; mkdir -p $out/bin
}; cat > $out/bin/plexmediaserver <<EOF
in #!${pkgs.runtimeShell}
{
services.plex = { export PLEX_MEDIA_SERVER_HOME=$out/lib/plexmediaserver
enable = true; export PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR="\$PLEX_DATADIR/Library/Application Support/Plex Media Server"
package = plex; export LD_LIBRARY_PATH=$out/lib/plexmediaserver
# openFirewall = true;
exec "$out/lib/plexmediaserver/Plex Media Server" "\$@"
EOF
chmod +x $out/bin/plexmediaserver
'';
}; };
networking.firewall.interfaces."tailscale0" = { config = ssl // {
allowedTCPPorts = [ 3005 8324 32469 80 443 ];
allowedUDPPorts = [ 1900 5353 32410 32412 32413 32414 ];
};
services.nginx.virtualHosts.${domain} = ssl // {
listen = [ listen = [
{ {
addr = "100.86.129.23"; addr = "100.86.129.23";
@ -85,7 +82,52 @@ in
# Buffering off send to the client as soon as the data is received from Plex. # Buffering off send to the client as soon as the data is received from Plex.
proxy_redirect off; proxy_redirect off;
proxy_buffering off; proxy_buffering off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
''; '';
}; };
}; };
in
{
services.plex = {
enable = true;
package = plex;
dataDir = "/var/lib/plex";
# openFirewall = true;
};
systemd.tmpfiles.rules = [
"d /var/lib/plex/Library/Application\\040Support/Plex\\ Media\\ Server 0755 plex plex -"
"f /var/lib/plex/Library/Application\\040Support/Plex\\ Media\\ Server/Preferences.xml 0644 plex plex -"
];
systemd.services.plex-fix-perms = {
description = "Fix Plex library permissions";
wants = [ "plex.service" ]; # Plex depends on this
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStart = ''
mkdir -p "/var/lib/plex/Library/Application Support/Plex Media Server"
chown -R plex:plex "/var/lib/plex/Library/Application Support/Plex Media Server"
'';
};
};
networking.firewall.interfaces."tailscale0" = {
allowedTCPPorts = [ 3005 8324 32469 80 443 ];
allowedUDPPorts = [ 1900 5353 32410 32412 32413 32414 ];
};
services.nginx.virtualHosts = {
${domain} = config;
"100.86.129.23" = config;
};
systemd.services."plex".serviceConfig = {
Wants = [ "tailscaled.service" ];
After = [ "network-online.target" "tailscaled.service" ];
};
} }

2
modules/linux/tailscale.nix
View file

@ -6,7 +6,7 @@
useRoutingFeatures = "both"; useRoutingFeatures = "both";
openFirewall = true; # or false? openFirewall = true; # or false?
extraUpFlags = [ "--ssh" ]; extraUpFlags = [ "--ssh" ];
extraSetFlags = [ "--advertise-exit-node" ]; extraSetFlags = [ "--advertise-routes=172.16.223.0/24" "--advertise-exit-node" ];
disableTaildrop = false; disableTaildrop = false;
authKeyFile = config.age.secrets.tailscaleMarshall.path; authKeyFile = config.age.secrets.tailscaleMarshall.path;
}; };