titaniumtown/arr-init
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

servarr: add configXml option with preStart hook

Browse Source 
Adds services.arrInit.<name>.configXml for declaratively ensuring XML
elements exist in a Servarr config.xml before the service starts.

Generates a preStart hook on the main service that runs a Python helper
to patch or create config.xml. Undeclared elements are preserved;
declared elements are written with exact values.

Primary use case: preventing recurring Prowlarr 'not listening on port'
failures when config.xml loses the <Port> element — now guaranteed to
exist before Prowlarr starts.

Hardening:
- Atomic writes (tmp + rename): power loss cannot corrupt config.xml
- Malformed XML recovery: fresh <Config> root instead of blocking boot
- Secure default mode (0600) for new files containing ApiKey
- Preserves existing file mode on rewrite
- Assertion against duplicate serviceName targeting

Tests (10 subtests): creates-from-missing, patches-existing, preserves-
undeclared, corrects-tampered, idempotent, malformed-recovery,
ownership-preserved, not-world-readable.
This commit is contained in:
Simon Gardling
2026-04-17 00:38:32 -04:00
parent a1ae022dc3
commit 6dde2a3e0d
14 changed files with 684 additions and 212 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
modules/jellyseerr.nix
View File

@@ -128,10 +128,7 @@ let
sonarr = {
profileName = cfg.sonarr.profileName;
animeProfileName =
if cfg.sonarr.animeProfileName != null then
cfg.sonarr.animeProfileName
else
cfg.sonarr.profileName;
if cfg.sonarr.animeProfileName != null then cfg.sonarr.animeProfileName else cfg.sonarr.profileName;
dataDir = cfg.sonarr.dataDir;
bindAddress = cfg.sonarr.bindAddress;
port = cfg.sonarr.port;
@@ -181,15 +178,14 @@ in
StartLimitIntervalSec = 5 * (cfg.apiTimeout + 30);
StartLimitBurst = 5;
};
serviceConfig =
{
Type = "oneshot";
RemainAfterExit = true;
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${pythonEnv}/bin/python3 ${scriptDir}/jellyseerr_init.py ${configFile}";
}
// hardeningConfig;
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${pythonEnv}/bin/python3 ${scriptDir}/jellyseerr_init.py ${configFile}";
}
// hardeningConfig;
};
};
}