numbus/numbus-server-module
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Bunch of bugfixes. Made quirk and permissions fixing scripts more reliable.

Browse Source
This commit is contained in:
Raphaël Numbus
2026-02-26 19:34:47 +01:00
parent a98e25abe5
commit 329355d6c0
8 changed files with 57 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/services/gitea.nix
+3 -1
View File
@@ -24,7 +24,9 @@ helper.mkPodmanService {
DB_PASSWORD = "xkcdpass -n 8 -d -"; DB_PASSWORD = "xkcdpass -n 8 -d -";
}; };
dirPermissions = [ dirPermissions = [
"100999:users ${cfg.configDir}" "100999:100 ${cfg.configDir}/data"
"100999:100 ${cfg.configDir}/config"
"100999:100 ${cfg.configDir}/database"
]; ];
composeText = '' composeText = ''
modules/services/home-assistant.nix
+24 -12
View File
@@ -23,8 +23,8 @@ helper.mkPodmanService {
HOME_ASSISTANT_MQTT_PASSWORD = "xkcdpass -n 8 -d -"; HOME_ASSISTANT_MQTT_PASSWORD = "xkcdpass -n 8 -d -";
}; };
dirPermissions = [ dirPermissions = [
"numbus-admin:users ${cfg.configDir}/home-assistant" "1000:100 ${cfg.configDir}/config"
"100999:users ${cfg.configDir}/mqtt" "100999:100 ${cfg.configDir}/mqtt"
]; ];
# Compose file good # Compose file good
@@ -39,7 +39,7 @@ helper.mkPodmanService {
ports: ports:
- "${cfg.port}:8123/tcp" - "${cfg.port}:8123/tcp"
volumes: volumes:
- ${cfg.configDir}/home-assistant:/config - ${cfg.configDir}/config:/config
- /etc/localtime:/etc/localtime:ro - /etc/localtime:/etc/localtime:ro
- /run/dbus:/run/dbus:ro - /run/dbus:/run/dbus:ro
${lib.optionalString (cfg.devices != []) '' ${lib.optionalString (cfg.devices != []) ''
@@ -95,13 +95,20 @@ ${lib.concatStringsSep "\n" (map (d: " - \"${d}\"") cfg.devices)}
}; };
script = '' script = ''
mkdir -p /var/lib/numbus-server/${name} mkdir -p /var/lib/numbus-server/${name}
if [[ -e /var/lib/numbus-server/${name}/quirk-1.true ]]; then if [[ -e ${cfg.configDir}/config/configuration.yaml ]]; then
exit 0 if grep -qF "${config.numbus.networking.ipAddress}/24" ${cfg.configDir}/config/configuration.yaml; then
exit 0
elif grep -qF "use_x_forwarded_for" ${cfg.configDir}/config/configuration.yaml && ! grep -qF "${config.numbus.networking.ipAddress}/24" ${cfg.configDir}/config/configuration.yaml
tmp=$(mktemp)
head -n -4 ${cfg.configDir}/config/configuration.yaml > "$tmp"
mv "$tmp" ${cfg.configDir}/config/configuration.yaml
fi
fi fi
until [[ -e ${cfg.configDir}/home-assistant/configuration.yaml ]]; do
until [[ -e ${cfg.configDir}/config/configuration.yaml ]]; do
sleep 15 sleep 15
done done
cat << 'EOF' >> ${cfg.configDir}/home-assistant/configuration.yaml cat << 'EOF' >> ${cfg.configDir}/config/configuration.yaml
http: http:
use_x_forwarded_for: true use_x_forwarded_for: true
@@ -110,7 +117,6 @@ http:
zha: zha:
EOF EOF
systemctl restart ${name}.service systemctl restart ${name}.service
touch /var/lib/numbus-server/${name}/quirk-1.true
''; '';
}; };
}; };
@@ -129,10 +135,17 @@ EOF
RemainAfterExit = true; RemainAfterExit = true;
}; };
script = '' script = ''
mkdir -p /var/lib/numbus-server/${name} if [[ -e ${cfg.configDir}/mqtt/mosquitto.conf && ${cfg.configDir}/mqtt/password.txt ]]; then
if [[ -e /var/lib/numbus-server/${name}/quirk-2.true ]]; then if grep -qF "listener 1883" ${cfg.configDir}/mqtt/mosquitto.conf; then
exit 0 exit 0
else
rm ${cfg.configDir}/mqtt/mosquitto.conf
rm ${cfg.configDir}/mqtt/password.txt
touch ${cfg.configDir}/mqtt/mosquitto.conf
touch ${cfg.configDir}/mqtt/password.txt
fi
fi fi
cat << EOF >> ${cfg.configDir}/mqtt/mosquitto.conf cat << EOF >> ${cfg.configDir}/mqtt/mosquitto.conf
persistence true persistence true
persistence_location /mosquitto/data/ persistence_location /mosquitto/data/
@@ -145,7 +158,6 @@ EOF
source /var/lib/numbus-server/${name}/.env source /var/lib/numbus-server/${name}/.env
mosquitto_passwd -b ${cfg.configDir}/mqtt/password.txt "$HOME_ASSISTANT_MQTT_USER" "$HOME_ASSISTANT_MQTT_PASSWORD" mosquitto_passwd -b ${cfg.configDir}/mqtt/password.txt "$HOME_ASSISTANT_MQTT_USER" "$HOME_ASSISTANT_MQTT_PASSWORD"
chmod 600 ${cfg.configDir}/mqtt/password.txt chmod 600 ${cfg.configDir}/mqtt/password.txt
touch /var/lib/numbus-server/${name}/quirk-2.true
''; '';
}; };
} }
modules/services/immich.nix
+5 -2
View File
@@ -31,8 +31,11 @@ helper.mkPodmanService {
TZ = "${config.time.timeZone}"; TZ = "${config.time.timeZone}";
}; };
dirPermissions = [ dirPermissions = [
"100999:users ${cfg.dataDir}" "100999:100 ${cfg.configDir}/model-cache"
"100999:users ${cfg.configDir}" "100999:100 ${cfg.configDir}/machine-learning-config"
"100999:100 ${cfg.configDir}/machine-learning-cache"
"100999:100 ${cfg.configDir}/database"
"100999:100 ${cfg.dataDir}"
]; ];
# Compose file good # Compose file good
modules/services/lib.nix
+13 -6
View File
@@ -139,12 +139,19 @@ ${concatStringsSep "\n" (map (m: " - ${m}") middlewares)}
mkdir -p /var/lib/numbus-server/${name} mkdir -p /var/lib/numbus-server/${name}
${concatStringsSep "\n" (map (perm: '' ${concatStringsSep "\n" (map (perm: ''
set -- ${perm} set -- ${perm}
MARKER="/var/lib/numbus-server/${name}/.perm-fixed-$(echo "$1:$2" | md5sum | cut -d' ' -f1)" WANTED_PERMISSIONS=$1
if [ ! -f "$MARKER" ]; then FOLDER_PATH=$2
rm -f /var/lib/numbus-server/${name}/.perm-fixed-* ACTUAL_PERMISSIONS=$(stat -c '%u:%g' "$FOLDER_PATH")
mkdir -p "$2"
chown -R "$1" "$2" if [[ ! -e "$FOLDER_PATH" ]]; then
touch "$MARKER" mkdir -p "$FOLDER_PATH"
elif [[ ! -d "$FOLDER_PATH" ]]; then
rm "$FOLDER_PATH"
mkdir -p "$FOLDER_PATH"
fi
if [[ "$ACTUAL_PERMISSIONS" != "$WANTED_PERMISSIONS" ]]; then
chown -R "$WANTED_PERMISSIONS" "$FOLDER_PATH"
fi fi
'') dirPermissions)} '') dirPermissions)}
exit 0 exit 0
modules/services/nextcloud.nix
+5 -5
View File
@@ -30,11 +30,11 @@ helper.mkPodmanService {
SMTP_PASSWORD = "cat ${config.numbus.mail.smtpPasswordPath}"; SMTP_PASSWORD = "cat ${config.numbus.mail.smtpPasswordPath}";
}; };
dirPermissions = [ dirPermissions = [
"100032:users ${cfg.configDir}/web" "100032:100 ${cfg.configDir}/web"
"100999:users ${cfg.configDir}/redis" "100999:100 ${cfg.configDir}/redis"
"100999:users ${cfg.configDir}/database" "100999:100 ${cfg.configDir}/database"
"100999:users ${cfg.configDir}/onlyoffice" "100999:100 ${cfg.configDir}/onlyoffice"
"100032:users ${cfg.dataDir}" "100032:100 ${cfg.dataDir}"
]; ];
# Compose file good # Compose file good
modules/services/passbolt.nix
+3 -3
View File
@@ -26,9 +26,9 @@ helper.mkPodmanService {
SMTP_PASSWORD = "cat ${config.numbus.mail.smtpPasswordPath}"; SMTP_PASSWORD = "cat ${config.numbus.mail.smtpPasswordPath}";
}; };
dirPermissions = [ dirPermissions = [
"100032:users ${cfg.configDir}/gpg" "100032:100 ${cfg.configDir}/gpg"
"100032:users ${cfg.configDir}/jwt" "100032:100 ${cfg.configDir}/jwt"
"100999:users ${cfg.configDir}/database" "100999:100 ${cfg.configDir}/database"
]; ];
# Compose file good # Compose file good
modules/services/pi-hole.nix
+1 -1
View File
@@ -25,7 +25,7 @@ helper.mkPodmanService {
PIHOLE_PASSWORD = "xkcdpass -n 10 -d -"; PIHOLE_PASSWORD = "xkcdpass -n 10 -d -";
}; };
dirPermissions = [ dirPermissions = [
"numbus-admin:users ${cfg.configDir}" "100999:100 ${cfg.configDir}"
]; ];
# Compose file good # Compose file good
modules/services/traefik.nix
+3 -3
View File
@@ -24,9 +24,9 @@ helper.mkPodmanService {
CLOUDFLARE_DNS_API_TOKEN = "cat ${config.sops.secrets."cloudflareDnsApiToken".path}"; CLOUDFLARE_DNS_API_TOKEN = "cat ${config.sops.secrets."cloudflareDnsApiToken".path}";
}; };
dirPermissions = [ dirPermissions = [
"100999:users ${cfg.configDir}" "100999:100 ${cfg.configDir}"
"100999:users ${cfg.configDir}/rules" "100999:100 ${cfg.configDir}/rules"
"100999:users ${cfg.configDir}/certs" "100999:100 ${cfg.configDir}/certs"
]; ];
# Compose file good # Compose file good