nixos-config/machines/chungus/media-jellyfin.nix
2024-10-09 21:27:44 +09:00

40 lines
982 B
Nix

{
config,
lib,
pkgs,
...
}:
{
services.jellyfin = {
enable = true;
openFirewall = true; # todo: will open for retiolum as well
group = "media";
user = "media";
};
healthchecks.http.jellyfin = {
url = "flix.${config.networking.hostName}.private";
};
healthchecks.closed.retiolum.ports.jellyfin = [ 8096 ];
services.nginx = {
enable = true;
virtualHosts."flix.${config.networking.hostName}.private" = {
serverAliases = [ "flix.${config.networking.hostName}" ];
extraConfig = ''
# Security / XSS Mitigation Headers
# NOTE: X-Frame-Options may cause issues with the webOS app
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
'';
locations."/" = {
recommendedProxySettings = true;
proxyWebsockets = true;
proxyPass = "http://localhost:8096";
};
};
};
}