nixos/music-assistant: init

2024-11-22 06:53:01 +00:00 · 2024-05-17 18:04:47 +02:00 · 2024-05-17 18:04:47 +02:00 · 76442766ea
commit 76442766ea
parent 241fe52147
2 changed files with 114 additions and 0 deletions
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@ -376,6 +376,7 @@
  ./services/audio/mopidy.nix
  ./services/audio/mpd.nix
  ./services/audio/mpdscribble.nix
+  ./services/audio/music-assistant.nix
  ./services/audio/mympd.nix
  ./services/audio/navidrome.nix
  ./services/audio/networkaudiod.nix
--- a/nixos/modules/services/audio/music-assistant.nix
+++ b/nixos/modules/services/audio/music-assistant.nix
@ -0,0 +1,113 @@
+{
+  config,
+  lib,
+  pkgs,
+  utils,
+  ...
+}:
+
+let
+  inherit (lib)
+    mkIf
+    mkEnableOption
+    mkOption
+    mkPackageOption
+    types
+  ;
+
+  inherit (types)
+    listOf
+    enum
+    str
+  ;
+
+  cfg = config.services.music-assistant;
+
+  finalPackage = cfg.package.override {
+    inherit (cfg) providers;
+  };
+in
+
+{
+  meta.buildDocsInSandbox = false;
+
+  options.services.music-assistant = {
+    enable = mkEnableOption "Music Assistant";
+
+    package = mkPackageOption pkgs "music-assistant" { };
+
+    extraOptions = mkOption {
+      type = listOf str;
+      default = [ "--config" "/var/lib/music-assistant" ];
+      example = [
+        "--log-level"
+        "DEBUG"
+      ];
+      description = ''
+        List of extra options to pass to the music-assistant executable.
+      '';
+    };
+
+    providers = mkOption {
+      type = listOf (enum cfg.package.providerNames);
+      default = [];
+      example = [
+        "opensubsonic"
+        "snapcast"
+      ];
+      description = ''
+        List of provider names for which dependencies will be installed.
+      '';
+    };
+  };
+
+  config = mkIf cfg.enable {
+    systemd.services.music-assistant = {
+      description = "Music Assistant";
+      documentation = [ "https://music-assistant.io" ];
+
+      wantedBy = [ "multi-user.target" ];
+
+      environment = {
+        HOME = "/var/lib/music-assistant";
+        PYTHONPATH = finalPackage.pythonPath;
+      };
+
+      serviceConfig = {
+        ExecStart = utils.escapeSystemdExecArgs ([
+          (lib.getExe cfg.package)
+        ] ++ cfg.extraOptions);
+        DynamicUser = true;
+        StateDirectory = "music-assistant";
+        AmbientCapabilities = "";
+        CapabilityBoundingSet = [ "" ];
+        DevicePolicy = "closed";
+        LockPersonality = true;
+        MemoryDenyWriteExecute = true;
+        ProcSubset = "pid";
+        ProtectClock = true;
+        ProtectControlGroups = true;
+        ProtectHome = true;
+        ProtectHostname = true;
+        ProtectKernelLogs = true;
+        ProtectKernelModules = true;
+        ProtectKernelTunables = true;
+        ProtectProc = "invisible";
+        RestrictAddressFamilies = [
+          "AF_INET"
+          "AF_INET6"
+          "AF_NETLINK"
+        ];
+        RestrictNamespaces = true;
+        RestrictRealtime = true;
+        SystemCallArchitectures = "native";
+        SystemCallFilter = [
+          "@system-service"
+          "~@privileged @resources"
+        ];
+        RestrictSUIDSGID = true;
+        UMask = "0077";
+      };
+    };
+  };
+}