In the migration to `tmpfiles.d(5)`, I used the wrong type of file.
Using `f` would write the path to the file as its content, rather than
copy it. Unfortunately `C` and `C+` do not overwrite an existing file,
so using a symlink it the correct solution here.
This means the SSH key file must have `lohr` as an owner... Perhaps I
should make it so the service can read the file itself, rather than
rely on the filesystem location, so that I don't have to contort myself
quite so much to make it work.
OVH/Kimsufi are deprecating my current server by the end of the year. So
let's migrate to a new host.
This was more painful than initially planned, OVH introduced a change to
their rescue system which messes with the NixOS installation [1].
In the end I used a kexec image [2] to run the installation.
[1]: https://github.com/NixOS/nix/issues/7790
[2]: https://github.com/nix-community/nixos-images
I just noticed that all the metadata files Jellyfin stores have very
restrictive ACLs.
The whole point of the `media` group is to make my HTPC eco-system work
together. In particular this should allow Sonarr and friends to delete
folders without manual intervention.
It's recommended to only enable the IPv4 option, as most mDNS responders
only register IPv4 addresses (therefore enabling IPv6 would lead to long
timeouts when checking for those addresses first).
My tandoor-recipes fix was merged upstream, so remove the overlay.
And because of the recent postgres bump for 23.11, `ensureDBOwnership`
is the new way of dealing with DB permissions [1]. This means I had to
fix manually migrate my `gitea` DB and make it match the DB user.
[1]: https://github.com/NixOS/nixpkgs/pull/266270
My profiles are actually just "special" NixOS modules in that they
orchestrate settings that usually span the NixOS/home-manager boundary,
or otherwise set up configurations from multiple modules at once.
Let's consolidate all modules under one path, so that NixOS,
home-manager, and nix-darwin (if I ever end up using it down the line)
would go under the same folder.