From 932717b7548ae5f7a7fdec3e7e2d78d0fca6ef68 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Tue, 26 Dec 2023 15:17:03 +0100 Subject: [PATCH] nixos: services: jellyfin: loosen umask I just noticed that all the metadata files Jellyfin stores have very restrictive ACLs. The whole point of the `media` group is to make my HTPC eco-system work together. In particular this should allow Sonarr and friends to delete folders without manual intervention. --- modules/nixos/services/jellyfin/default.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/modules/nixos/services/jellyfin/default.nix b/modules/nixos/services/jellyfin/default.nix index 9efe11e..f5aaa99 100644 --- a/modules/nixos/services/jellyfin/default.nix +++ b/modules/nixos/services/jellyfin/default.nix @@ -17,6 +17,13 @@ in # Set-up media group users.groups.media = { }; + systemd.services.jellyfin = { + serviceConfig = { + # Loose umask to make Jellyfin metadata more broadly readable + UMask = lib.mkForce "0002"; + }; + }; + my.services.nginx.virtualHosts = { jellyfin = { port = 8096;