titaniumtown/arr-init
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: split module.nix into per-service modules

Browse Source 
Replace the 1301-line monolithic module.nix with focused modules:
- modules/servarr.nix  (Sonarr/Radarr/Prowlarr)
- modules/bazarr.nix   (Bazarr provider connections)
- modules/jellyseerr.nix (Jellyseerr quality profiles)
- modules/default.nix  (import aggregator)

Python scripts (from prior commit) are referenced as standalone
files via PYTHONPATH, with config passed as a JSON file argument.

New options and behavioral changes:
- Add bindAddress option to all services (default 127.0.0.1)
- Change healthChecks default from false to true
- Replace hardcoded wg.service dependency with configurable
  networkNamespaceService option
- Add systemd hardening: PrivateTmp, NoNewPrivileges, ProtectHome,
  ProtectKernelTunables/Modules, ProtectControlGroups,
  RestrictSUIDSGID, SystemCallArchitectures=native

Test updates:
- Extract mock qBittorrent/SABnzbd servers into tests/lib/mocks.nix
- Add healthChecks=false to tests not exercising health checks
- Fix duplicate wait_for_unit calls in integration test
This commit is contained in:
Simon Gardling
2026-04-16 16:34:04 -04:00
parent b464a8cea2
commit f86a5f1b39
14 changed files with 942 additions and 1689 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
flake.nix
View File

@@ -1,5 +1,5 @@
{
description = "Declarative API initialization for Servarr applications (Sonarr, Radarr, Prowlarr, Bazarr)";
description = "Declarative API initialization for Servarr applications (Sonarr, Radarr, Prowlarr, Bazarr, Jellyseerr)";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
@@ -33,7 +33,7 @@
}
)
// {
nixosModules.default = import ./module.nix;
nixosModules.arr-init = import ./module.nix;
nixosModules.default = import ./modules;
nixosModules.arr-init = import ./modules;
};
}

1300
module.nix
View File

File diff suppressed because it is too large Load Diff

182
modules/bazarr.nix Normal file
View File

@@ -0,0 +1,182 @@
{
config,
lib,
pkgs,
...
}:
let
cfg = config.services.bazarrInit;
scriptDir = ../scripts;
pythonEnv = pkgs.python3.withPackages (
ps: with ps; [
pyyaml
requests
]
);
bazarrProviderModule = lib.types.submodule {
options = {
enable = lib.mkEnableOption "provider connection";
dataDir = lib.mkOption {
type = lib.types.str;
description = "Path to the provider's data directory containing config.xml.";
example = "/services/sonarr";
};
bindAddress = lib.mkOption {
type = lib.types.str;
default = "127.0.0.1";
description = "IP address of the provider (Sonarr/Radarr) for Bazarr to connect to.";
};
port = lib.mkOption {
type = lib.types.port;
description = "API port of the provider.";
example = 8989;
};
serviceName = lib.mkOption {
type = lib.types.str;
description = "Name of the systemd service to depend on.";
example = "sonarr";
};
};
};
bazarrInitModule = lib.types.submodule {
options = {
enable = lib.mkEnableOption "Bazarr API initialization";
dataDir = lib.mkOption {
type = lib.types.str;
description = "Path to Bazarr's data directory containing config/config.yaml.";
example = "/services/bazarr";
};
bindAddress = lib.mkOption {
type = lib.types.str;
default = "127.0.0.1";
description = "IP address the Bazarr API is listening on.";
};
port = lib.mkOption {
type = lib.types.port;
default = 6767;
description = "API port of Bazarr.";
};
apiTimeout = lib.mkOption {
type = lib.types.ints.positive;
default = 90;
description = ''
Seconds to wait for the Bazarr API to become available before
considering the init attempt failed. When the API is not reachable
within this window, the service exits non-zero and systemd's
Restart=on-failure will schedule another attempt after RestartSec.
The systemd start limit is computed from this value to allow 5 full
retry cycles before the unit enters permanent failure.
'';
};
sonarr = lib.mkOption {
type = bazarrProviderModule;
default = {
enable = false;
};
description = "Sonarr provider configuration.";
};
radarr = lib.mkOption {
type = bazarrProviderModule;
default = {
enable = false;
};
description = "Radarr provider configuration.";
};
};
};
mkBazarrInitConfig = builtins.toJSON {
dataDir = cfg.dataDir;
bindAddress = cfg.bindAddress;
port = cfg.port;
apiTimeout = cfg.apiTimeout;
providers =
{ }
// lib.optionalAttrs cfg.sonarr.enable {
sonarr = {
enable = true;
dataDir = cfg.sonarr.dataDir;
bindAddress = cfg.sonarr.bindAddress;
port = cfg.sonarr.port;
};
}
// lib.optionalAttrs cfg.radarr.enable {
radarr = {
enable = true;
dataDir = cfg.radarr.dataDir;
bindAddress = cfg.radarr.bindAddress;
port = cfg.radarr.port;
};
};
};
configFile = pkgs.writeText "bazarr-init-config.json" mkBazarrInitConfig;
bazarrDeps =
[
"bazarr.service"
]
++ (lib.optional cfg.sonarr.enable "${cfg.sonarr.serviceName}.service")
++ (lib.optional cfg.radarr.enable "${cfg.radarr.serviceName}.service");
hardeningConfig = {
PrivateTmp = true;
NoNewPrivileges = true;
ProtectKernelTunables = true;
ProtectKernelModules = true;
ProtectControlGroups = true;
RestrictSUIDSGID = true;
ProtectHome = true;
SystemCallArchitectures = "native";
};
in
{
options.services.bazarrInit = lib.mkOption {
type = bazarrInitModule;
default = {
enable = false;
};
description = ''
Bazarr API initialization for connecting Sonarr and Radarr providers.
Bazarr uses a different API than Servarr applications, so it has its own module.
'';
};
config = lib.mkIf cfg.enable {
systemd.services.bazarr-init = {
description = "Initialize Bazarr API connections";
after = bazarrDeps;
requires = bazarrDeps;
wantedBy = [ "multi-user.target" ];
environment.PYTHONPATH = "${scriptDir}";
unitConfig = {
StartLimitIntervalSec = 5 * (cfg.apiTimeout + 30);
StartLimitBurst = 5;
};
serviceConfig =
{
Type = "oneshot";
RemainAfterExit = true;
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${pythonEnv}/bin/python3 ${scriptDir}/bazarr_init.py ${configFile}";
}
// hardeningConfig;
};
};
}

8
modules/default.nix Normal file
View File

@@ -0,0 +1,8 @@
{ ... }:
{
imports = [
./servarr.nix
./bazarr.nix
./jellyseerr.nix
];
}

195
modules/jellyseerr.nix Normal file
View File

@@ -0,0 +1,195 @@
{
config,
lib,
pkgs,
...
}:
let
cfg = config.services.jellyseerrInit;
scriptDir = ../scripts;
pythonEnv = pkgs.python3.withPackages (
ps: with ps; [
pyyaml
requests
]
);
jellyseerrProviderModule = lib.types.submodule {
options = {
profileName = lib.mkOption {
type = lib.types.str;
description = "Quality profile name to set as the default. Resolved to an ID at runtime by querying the Servarr API.";
example = "Remux + WEB 2160p";
};
dataDir = lib.mkOption {
type = lib.types.str;
description = "Path to the Servarr application data directory containing config.xml.";
example = "/services/radarr";
};
bindAddress = lib.mkOption {
type = lib.types.str;
default = "127.0.0.1";
description = "IP address the Servarr application API is listening on.";
};
port = lib.mkOption {
type = lib.types.port;
description = "API port of the Servarr application.";
example = 7878;
};
serviceName = lib.mkOption {
type = lib.types.str;
description = "Name of the systemd service to depend on.";
example = "radarr";
};
};
};
jellyseerrInitModule = lib.types.submodule {
options = {
enable = lib.mkEnableOption "Jellyseerr quality profile initialization";
configDir = lib.mkOption {
type = lib.types.str;
description = "Path to Jellyseerr's data directory containing settings.json.";
example = "/services/jellyseerr";
};
apiTimeout = lib.mkOption {
type = lib.types.ints.positive;
default = 90;
description = "Seconds to wait for Radarr/Sonarr APIs to become available.";
};
radarr = lib.mkOption {
type = jellyseerrProviderModule;
description = "Radarr quality profile configuration for Jellyseerr.";
};
sonarr = lib.mkOption {
type = lib.types.submodule {
options = {
profileName = lib.mkOption {
type = lib.types.str;
description = "Quality profile name for TV series.";
example = "WEB-2160p";
};
animeProfileName = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
description = "Quality profile name for anime. Defaults to profileName when null.";
};
dataDir = lib.mkOption {
type = lib.types.str;
description = "Path to the Sonarr data directory containing config.xml.";
example = "/services/sonarr";
};
bindAddress = lib.mkOption {
type = lib.types.str;
default = "127.0.0.1";
description = "IP address the Sonarr API is listening on.";
};
port = lib.mkOption {
type = lib.types.port;
description = "API port of Sonarr.";
example = 8989;
};
serviceName = lib.mkOption {
type = lib.types.str;
description = "Name of the systemd service to depend on.";
example = "sonarr";
};
};
};
description = "Sonarr quality profile configuration for Jellyseerr.";
};
};
};
mkJellyseerrInitConfig = builtins.toJSON {
configDir = cfg.configDir;
apiTimeout = cfg.apiTimeout;
radarr = {
profileName = cfg.radarr.profileName;
dataDir = cfg.radarr.dataDir;
bindAddress = cfg.radarr.bindAddress;
port = cfg.radarr.port;
};
sonarr = {
profileName = cfg.sonarr.profileName;
animeProfileName =
if cfg.sonarr.animeProfileName != null then
cfg.sonarr.animeProfileName
else
cfg.sonarr.profileName;
dataDir = cfg.sonarr.dataDir;
bindAddress = cfg.sonarr.bindAddress;
port = cfg.sonarr.port;
};
};
configFile = pkgs.writeText "jellyseerr-init-config.json" mkJellyseerrInitConfig;
jellyseerrDeps = [
"jellyseerr.service"
"${cfg.radarr.serviceName}.service"
"${cfg.sonarr.serviceName}.service"
];
hardeningConfig = {
PrivateTmp = true;
NoNewPrivileges = true;
ProtectKernelTunables = true;
ProtectKernelModules = true;
ProtectControlGroups = true;
RestrictSUIDSGID = true;
ProtectHome = true;
SystemCallArchitectures = "native";
};
in
{
options.services.jellyseerrInit = lib.mkOption {
type = jellyseerrInitModule;
default = {
enable = false;
};
description = ''
Jellyseerr quality profile initialization.
Patches Jellyseerr's settings.json so new requests default to the
correct Radarr/Sonarr quality profiles, resolved by name at runtime.
'';
};
config = lib.mkIf cfg.enable {
systemd.services.jellyseerr-init = {
description = "Initialize Jellyseerr quality profile defaults";
after = jellyseerrDeps;
requires = jellyseerrDeps;
wantedBy = [ "multi-user.target" ];
environment.PYTHONPATH = "${scriptDir}";
unitConfig = {
StartLimitIntervalSec = 5 * (cfg.apiTimeout + 30);
StartLimitBurst = 5;
};
serviceConfig =
{
Type = "oneshot";
RemainAfterExit = true;
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${pythonEnv}/bin/python3 ${scriptDir}/jellyseerr_init.py ${configFile}";
}
// hardeningConfig;
};
};
}

385
modules/servarr.nix Normal file
View File

@@ -0,0 +1,385 @@
{
config,
lib,
pkgs,
...
}:
let
cfg = config.services.arrInit;
scriptDir = ../scripts;
pythonEnv = pkgs.python3.withPackages (
ps: with ps; [
pyyaml
requests
]
);
downloadClientModule = lib.types.submodule {
options = {
name = lib.mkOption {
type = lib.types.str;
description = "Display name of the download client (e.g. \"qBittorrent\").";
example = "qBittorrent";
};
implementation = lib.mkOption {
type = lib.types.str;
description = "Implementation identifier for the Servarr API.";
example = "QBittorrent";
};
configContract = lib.mkOption {
type = lib.types.str;
description = "Config contract identifier for the Servarr API.";
example = "QBittorrentSettings";
};
protocol = lib.mkOption {
type = lib.types.enum [
"torrent"
"usenet"
];
default = "torrent";
description = "Download protocol type.";
};
fields = lib.mkOption {
type = lib.types.attrsOf lib.types.anything;
default = { };
description = ''
Flat key/value pairs for the download client configuration.
These are converted to the API's [{name, value}] array format.
'';
example = {
host = "192.168.15.1";
port = 6011;
useSsl = false;
tvCategory = "tvshows";
};
};
serviceName = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
description = ''
Name of the systemd service for this download client.
When set, the init service will depend on (After + Requires) this service,
ensuring the download client is running before health checks execute.
'';
example = "qbittorrent";
};
};
};
syncedAppModule = lib.types.submodule {
options = {
name = lib.mkOption {
type = lib.types.str;
description = "Display name of the application to sync (e.g. \"Sonarr\").";
example = "Sonarr";
};
implementation = lib.mkOption {
type = lib.types.str;
description = "Implementation identifier for the Prowlarr application API.";
example = "Sonarr";
};
configContract = lib.mkOption {
type = lib.types.str;
description = "Config contract identifier for the Prowlarr application API.";
example = "SonarrSettings";
};
syncLevel = lib.mkOption {
type = lib.types.str;
default = "fullSync";
description = "Sync level for the application.";
};
prowlarrUrl = lib.mkOption {
type = lib.types.str;
description = "URL of the Prowlarr instance.";
example = "http://localhost:9696";
};
baseUrl = lib.mkOption {
type = lib.types.str;
description = "URL of the target application.";
example = "http://localhost:8989";
};
apiKeyFrom = lib.mkOption {
type = lib.types.str;
description = "Path to the config.xml file to read the API key from at runtime.";
example = "/services/sonarr/config.xml";
};
syncCategories = lib.mkOption {
type = lib.types.listOf lib.types.int;
default = [ ];
description = ''
List of Newznab category IDs to sync for this application.
When empty (default), categories are auto-detected at runtime
by querying Prowlarr's indexer/categories API endpoint and
collecting all IDs under the parent category matching the
implementation type (e.g. Sonarr -> TV, Radarr -> Movies).
'';
example = [
5000
5010
5020
];
};
serviceName = lib.mkOption {
type = lib.types.str;
description = "Name of the systemd service to depend on for reading the API key.";
example = "sonarr";
};
};
};
instanceModule = lib.types.submodule {
options = {
enable = lib.mkEnableOption "Servarr application API initialization";
serviceName = lib.mkOption {
type = lib.types.str;
description = "Name of the systemd service this init depends on.";
example = "sonarr";
};
dataDir = lib.mkOption {
type = lib.types.str;
description = "Path to the application data directory containing config.xml.";
example = "/var/lib/sonarr";
};
bindAddress = lib.mkOption {
type = lib.types.str;
default = "127.0.0.1";
description = "IP address the Servarr application API is listening on.";
};
port = lib.mkOption {
type = lib.types.port;
description = "API port of the Servarr application.";
example = 8989;
};
apiVersion = lib.mkOption {
type = lib.types.str;
default = "v3";
description = "API version string used in the base URL.";
};
networkNamespacePath = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
description = "If set, run this init service inside the given network namespace path (e.g. /run/netns/wg).";
};
networkNamespaceService = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
description = ''
Systemd service that manages the network namespace.
When set, the init service orders after this service.
'';
example = "wg";
};
downloadClients = lib.mkOption {
type = lib.types.listOf downloadClientModule;
default = [ ];
description = "List of download clients to configure via the API.";
};
rootFolders = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ ];
description = "List of root folder paths to configure via the API.";
example = [
"/media/tv"
"/media/movies"
];
};
syncedApps = lib.mkOption {
type = lib.types.listOf syncedAppModule;
default = [ ];
description = "Applications to register for indexer sync (Prowlarr only).";
};
healthChecks = lib.mkOption {
type = lib.types.bool;
default = true;
description = ''
When enabled, the init service will verify connectivity after provisioning:
- Tests all download clients are reachable via the application's testall API
- For Prowlarr instances: tests all synced applications are reachable
The init service will fail if any health check fails after all retries.
'';
};
healthCheckRetries = lib.mkOption {
type = lib.types.ints.unsigned;
default = 5;
description = ''
Number of times to retry health checks before failing.
Each retry waits healthCheckInterval seconds.
'';
};
healthCheckInterval = lib.mkOption {
type = lib.types.ints.positive;
default = 10;
description = "Seconds to wait between health check retries.";
};
apiTimeout = lib.mkOption {
type = lib.types.ints.positive;
default = 90;
description = ''
Seconds to wait for the application API to become available before
considering the init attempt failed. When the API is not reachable
within this window, the service exits non-zero and systemd's
Restart=on-failure will schedule another attempt after RestartSec.
The systemd start limit is computed from this value to allow 5 full
retry cycles before the unit enters permanent failure.
'';
};
naming = lib.mkOption {
type = lib.types.attrsOf lib.types.anything;
default = { };
description = ''
Naming configuration to set via the API's config/naming endpoint.
Keys/values map directly to the API fields (e.g. renameEpisodes,
standardEpisodeFormat for Sonarr; renameMovies, standardMovieFormat
for Radarr). Only specified fields are updated; unspecified fields
retain their current values.
'';
example = {
renameEpisodes = true;
standardEpisodeFormat = "{Series Title} - S{season:00}E{episode:00} - {Episode Title} {Quality Full}";
seasonFolderFormat = "Season {season}";
seriesFolderFormat = "{Series Title}";
};
};
};
};
mkInitConfig =
name: inst:
builtins.toJSON {
inherit name;
inherit (inst)
dataDir
bindAddress
port
apiVersion
apiTimeout
healthChecks
healthCheckRetries
healthCheckInterval
rootFolders
naming
;
downloadClients = map (dc: {
inherit (dc)
name
implementation
configContract
protocol
fields
;
}) inst.downloadClients;
syncedApps = map (app: {
inherit (app)
name
implementation
configContract
syncLevel
prowlarrUrl
baseUrl
apiKeyFrom
syncCategories
;
}) inst.syncedApps;
};
mkConfigFile = name: inst: pkgs.writeText "${name}-init-config.json" (mkInitConfig name inst);
getSyncedAppDeps = inst: map (app: "${app.serviceName}.service") inst.syncedApps;
getDownloadClientDeps =
inst:
lib.concatMap (
dc: lib.optional (dc.serviceName != null) "${dc.serviceName}.service"
) inst.downloadClients;
enabledInstances = lib.filterAttrs (_: inst: inst.enable) cfg;
# Shared hardening options for all init services.
hardeningConfig = {
PrivateTmp = true;
NoNewPrivileges = true;
ProtectKernelTunables = true;
ProtectKernelModules = true;
ProtectControlGroups = true;
RestrictSUIDSGID = true;
ProtectHome = true;
SystemCallArchitectures = "native";
};
in
{
options.services.arrInit = lib.mkOption {
type = lib.types.attrsOf instanceModule;
default = { };
description = ''
Attribute set of Servarr application instances to initialize via their APIs.
Each instance generates a systemd oneshot service that idempotently configures
download clients, root folders, and synced applications.
'';
};
config = lib.mkIf (enabledInstances != { }) {
systemd.services = lib.mapAttrs' (
name: inst:
lib.nameValuePair "${inst.serviceName}-init" {
description = "Initialize ${name} API connections";
after =
[
"${inst.serviceName}.service"
]
++ (getSyncedAppDeps inst)
++ (getDownloadClientDeps inst)
++ (lib.optional (inst.networkNamespaceService != null) "${inst.networkNamespaceService}.service");
requires = [ "${inst.serviceName}.service" ] ++ (getDownloadClientDeps inst);
wantedBy = [ "multi-user.target" ];
environment.PYTHONPATH = "${scriptDir}";
unitConfig = {
StartLimitIntervalSec = 5 * (inst.apiTimeout + 30);
StartLimitBurst = 5;
};
serviceConfig =
{
Type = "oneshot";
RemainAfterExit = true;
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${pythonEnv}/bin/python3 ${scriptDir}/servarr_init.py ${mkConfigFile name inst}";
}
// hardeningConfig
// lib.optionalAttrs (inst.networkNamespacePath != null) {
NetworkNamespacePath = inst.networkNamespacePath;
};
}
) enabledInstances;
};
}

1
tests/delayed-start.nix
View File

@@ -97,6 +97,7 @@ pkgs.testers.runNixOSTest {
];
services.arrInit.sonarr = {
healthChecks = false;
enable = true;
serviceName = "mock-sonarr";
dataDir = "/var/lib/mock-sonarr";

70
tests/edge-cases.nix
View File

@@ -9,6 +9,9 @@ pkgs.testers.runNixOSTest {
nodes.machine =
{ pkgs, lib, ... }:
let
mocks = import ./lib/mocks.nix { inherit pkgs; };
in
{
imports = [ self.nixosModules.default ];
@@ -22,71 +25,7 @@ pkgs.testers.runNixOSTest {
gnugrep
];
systemd.services.mock-qbittorrent =
let
mockQbitScript = pkgs.writeScript "mock-qbittorrent.py" ''
import json
from http.server import HTTPServer, BaseHTTPRequestHandler
from urllib.parse import parse_qs, urlparse
CATEGORIES = {}
class QBitMock(BaseHTTPRequestHandler):
def _respond(self, code=200, body=b"Ok.", content_type="text/plain"):
self.send_response(code)
self.send_header("Content-Type", content_type)
self.send_header("Set-Cookie", "SID=mock_session_id; Path=/")
self.end_headers()
self.wfile.write(body if isinstance(body, bytes) else body.encode())
def do_GET(self):
path = self.path.split("?")[0]
if path == "/api/v2/app/webapiVersion":
self._respond(body=b"2.9.3")
elif path == "/api/v2/app/version":
self._respond(body=b"v5.0.0")
elif path == "/api/v2/torrents/info":
self._respond(body=b"[]", content_type="application/json")
elif path == "/api/v2/torrents/categories":
body = json.dumps(CATEGORIES).encode()
self._respond(body=body, content_type="application/json")
elif path == "/api/v2/app/preferences":
body = json.dumps({"save_path": "/tmp"}).encode()
self._respond(body=body, content_type="application/json")
else:
self._respond()
def do_POST(self):
content_length = int(self.headers.get("Content-Length", 0))
body = self.rfile.read(content_length).decode()
path = urlparse(self.path).path
query = parse_qs(urlparse(self.path).query)
form = parse_qs(body)
params = {**query, **form}
if path == "/api/v2/torrents/createCategory":
name = params.get("category", [""])[0]
save_path = params.get("savePath", params.get("save_path", [""]))[0] or "/downloads"
if name:
CATEGORIES[name] = {"name": name, "savePath": save_path}
self._respond()
def log_message(self, format, *args):
pass
HTTPServer(("0.0.0.0", 6011), QBitMock).serve_forever()
'';
in
{
description = "Mock qBittorrent API";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.python3}/bin/python3 ${mockQbitScript}";
Type = "simple";
};
};
systemd.services.mock-qbittorrent = mocks.mkMockQbittorrent { };
# Create directories including one with spaces
systemd.tmpfiles.rules = [
@@ -106,6 +45,7 @@ pkgs.testers.runNixOSTest {
# Test 3: Path with spaces
services.arrInit.sonarr = {
enable = true;
healthChecks = false;
serviceName = "sonarr";
dataDir = "/var/lib/sonarr/.config/NzbDrone";
port = 8989;

1
tests/error-handling.nix
View File

@@ -26,6 +26,7 @@ pkgs.testers.runNixOSTest {
# The dataDir points to a non-existent config.xml
services.arrInit.sonarr = {
enable = true;
healthChecks = false;
serviceName = "sonarr";
dataDir = "/var/lib/nonexistent";
port = 8989;

78
tests/health-checks.nix
View File

@@ -9,6 +9,9 @@ pkgs.testers.runNixOSTest {
nodes.machine =
{ pkgs, lib, ... }:
let
mocks = import ./lib/mocks.nix { inherit pkgs; };
in
{
imports = [ self.nixosModules.default ];
@@ -22,77 +25,12 @@ pkgs.testers.runNixOSTest {
gnugrep
];
systemd.services.mock-qbittorrent =
let
mockQbitScript = pkgs.writeScript "mock-qbittorrent.py" ''
import json
from http.server import HTTPServer, BaseHTTPRequestHandler
from urllib.parse import parse_qs, urlparse
CATEGORIES = {
"tv": {"name": "tv", "savePath": "/downloads"},
"movies": {"name": "movies", "savePath": "/downloads"},
}
class QBitMock(BaseHTTPRequestHandler):
def _respond(self, code=200, body=b"Ok.", content_type="text/plain"):
self.send_response(code)
self.send_header("Content-Type", content_type)
self.send_header("Set-Cookie", "SID=mock_session_id; Path=/")
self.end_headers()
self.wfile.write(body if isinstance(body, bytes) else body.encode())
def do_GET(self):
path = self.path.split("?")[0]
if path == "/api/v2/app/webapiVersion":
self._respond(body=b"2.9.3")
elif path == "/api/v2/app/version":
self._respond(body=b"v5.0.0")
elif path == "/api/v2/torrents/info":
self._respond(body=b"[]", content_type="application/json")
elif path == "/api/v2/torrents/categories":
body = json.dumps(CATEGORIES).encode()
self._respond(body=body, content_type="application/json")
elif path == "/api/v2/app/preferences":
body = json.dumps({"save_path": "/tmp"}).encode()
self._respond(body=body, content_type="application/json")
else:
self._respond()
def do_POST(self):
content_length = int(self.headers.get("Content-Length", 0))
body = self.rfile.read(content_length).decode()
path = urlparse(self.path).path
query = parse_qs(urlparse(self.path).query)
form = parse_qs(body)
params = {**query, **form}
if path == "/api/v2/torrents/createCategory":
name = params.get("category", [""])[0]
save_path = params.get("savePath", params.get("save_path", [""]))[0] or "/downloads"
if name:
CATEGORIES[name] = {"name": name, "savePath": save_path}
if path in ["/api/v2/torrents/editCategory", "/api/v2/torrents/removeCategory"]:
self._respond()
return
self._respond()
def log_message(self, format, *args):
pass
HTTPServer(("0.0.0.0", 6011), QBitMock).serve_forever()
'';
in
{
description = "Mock qBittorrent API";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.python3}/bin/python3 ${mockQbitScript}";
Type = "simple";
};
systemd.services.mock-qbittorrent = mocks.mkMockQbittorrent {
initialCategories = {
tv = { name = "tv"; savePath = "/downloads"; };
movies = { name = "movies"; savePath = "/downloads"; };
};
};
systemd.tmpfiles.rules = [
"d /media/tv 0755 sonarr sonarr -"

90
tests/integration.nix
View File

@@ -9,6 +9,9 @@ pkgs.testers.runNixOSTest {
nodes.machine =
{ pkgs, lib, ... }:
let
mocks = import ./lib/mocks.nix { inherit pkgs; };
in
{
imports = [ self.nixosModules.default ];
@@ -22,81 +25,13 @@ pkgs.testers.runNixOSTest {
gnugrep
];
systemd.services.mock-qbittorrent =
let
mockQbitScript = pkgs.writeScript "mock-qbittorrent.py" ''
import json
from http.server import HTTPServer, BaseHTTPRequestHandler
from urllib.parse import parse_qs, urlparse
CATEGORIES = {
"tv": {"name": "tv", "savePath": "/downloads"},
"movies": {"name": "movies", "savePath": "/downloads"},
}
class QBitMock(BaseHTTPRequestHandler):
def _respond(self, code=200, body=b"Ok.", content_type="text/plain"):
self.send_response(code)
self.send_header("Content-Type", content_type)
self.send_header("Set-Cookie", "SID=mock_session_id; Path=/")
self.end_headers()
self.wfile.write(body if isinstance(body, bytes) else body.encode())
def do_GET(self):
path = self.path.split("?")[0]
if path == "/api/v2/app/webapiVersion":
self._respond(body=b"2.9.3")
elif path == "/api/v2/app/version":
self._respond(body=b"v5.0.0")
elif path == "/api/v2/torrents/info":
self._respond(body=b"[]", content_type="application/json")
elif path == "/api/v2/torrents/categories":
body = json.dumps(CATEGORIES).encode()
self._respond(body=body, content_type="application/json")
elif path == "/api/v2/app/preferences":
body = json.dumps({"save_path": "/tmp"}).encode()
self._respond(body=body, content_type="application/json")
else:
self._respond()
def do_POST(self):
content_length = int(self.headers.get("Content-Length", 0))
body = self.rfile.read(content_length).decode()
path = urlparse(self.path).path
query = parse_qs(urlparse(self.path).query)
form = parse_qs(body)
params = {**query, **form}
if path == "/api/v2/torrents/createCategory":
name = params.get("category", [""])[0]
save_path = params.get("savePath", params.get("save_path", [""]))[0] or "/downloads"
if name:
CATEGORIES[name] = {"name": name, "savePath": save_path}
if path in ["/api/v2/torrents/editCategory", "/api/v2/torrents/removeCategory"]:
self._respond()
return
self._respond()
def log_message(self, format, *args):
pass
HTTPServer(("0.0.0.0", 6011), QBitMock).serve_forever()
'';
in
{
description = "Mock qBittorrent API";
wantedBy = [ "multi-user.target" ];
before = [
"sonarr-init.service"
"radarr-init.service"
];
serviceConfig = {
ExecStart = "${pkgs.python3}/bin/python3 ${mockQbitScript}";
Type = "simple";
};
systemd.services.mock-qbittorrent = mocks.mkMockQbittorrent {
initialCategories = {
tv = { name = "tv"; savePath = "/downloads"; };
movies = { name = "movies"; savePath = "/downloads"; };
};
before = [ "sonarr-init.service" "radarr-init.service" ];
};
systemd.tmpfiles.rules = [
"d /media/tv 0755 sonarr sonarr -"
@@ -126,6 +61,7 @@ pkgs.testers.runNixOSTest {
services.arrInit.sonarr = {
enable = true;
healthChecks = false;
serviceName = "sonarr";
dataDir = "/var/lib/sonarr/.config/NzbDrone";
port = 8989;
@@ -148,6 +84,7 @@ pkgs.testers.runNixOSTest {
services.arrInit.radarr = {
enable = true;
healthChecks = false;
serviceName = "radarr";
dataDir = "/var/lib/radarr/.config/Radarr";
port = 7878;
@@ -170,6 +107,7 @@ pkgs.testers.runNixOSTest {
services.arrInit.prowlarr = {
enable = true;
healthChecks = false;
serviceName = "prowlarr";
dataDir = "/var/lib/prowlarr";
port = 9696;
@@ -255,10 +193,6 @@ pkgs.testers.runNixOSTest {
machine.wait_for_unit("sonarr-init.service")
machine.wait_for_unit("radarr-init.service")
# Wait for init services to complete
machine.wait_for_unit("sonarr-init.service")
machine.wait_for_unit("radarr-init.service")
# Verify Sonarr download clients
machine.succeed(
"API_KEY=$(grep -oP '(?<=<ApiKey>)[^<]+' /var/lib/sonarr/.config/NzbDrone/config.xml) && "

126
tests/lib/mocks.nix Normal file
View File

@@ -0,0 +1,126 @@
# Shared mock service generators for arr-init NixOS tests.
#
# Usage (from a test file):
# let mocks = import ./lib/mocks.nix { inherit pkgs; };
# in { systemd.services.mock-qbittorrent = mocks.mkMockQbittorrent { }; }
{ pkgs }:
{
# Mock qBittorrent WebUI API.
#
# Args:
# port - TCP port (default 6011)
# initialCategories - Nix attrset seeded as the CATEGORIES dict
# before - systemd Before= list
mkMockQbittorrent =
{
port ? 6011,
initialCategories ? { },
before ? [ ],
}:
let
categoriesJson = builtins.toJSON initialCategories;
mockScript = pkgs.writeScript "mock-qbittorrent.py" ''
import json
from http.server import HTTPServer, BaseHTTPRequestHandler
from urllib.parse import parse_qs, urlparse
CATEGORIES = json.loads('${categoriesJson}')
class QBitMock(BaseHTTPRequestHandler):
def _respond(self, code=200, body=b"Ok.", content_type="text/plain"):
self.send_response(code)
self.send_header("Content-Type", content_type)
self.send_header("Set-Cookie", "SID=mock_session_id; Path=/")
self.end_headers()
self.wfile.write(body if isinstance(body, bytes) else body.encode())
def do_GET(self):
path = self.path.split("?")[0]
if path == "/api/v2/app/webapiVersion":
self._respond(body=b"2.9.3")
elif path == "/api/v2/app/version":
self._respond(body=b"v5.0.0")
elif path == "/api/v2/torrents/info":
self._respond(body=b"[]", content_type="application/json")
elif path == "/api/v2/torrents/categories":
body = json.dumps(CATEGORIES).encode()
self._respond(body=body, content_type="application/json")
elif path == "/api/v2/app/preferences":
body = json.dumps({"save_path": "/tmp"}).encode()
self._respond(body=body, content_type="application/json")
else:
self._respond()
def do_POST(self):
content_length = int(self.headers.get("Content-Length", 0))
body = self.rfile.read(content_length).decode()
path = urlparse(self.path).path
query = parse_qs(urlparse(self.path).query)
form = parse_qs(body)
params = {**query, **form}
if path == "/api/v2/torrents/createCategory":
name = params.get("category", [""])[0]
save_path = params.get("savePath", params.get("save_path", [""]))[0] or "/downloads"
if name:
CATEGORIES[name] = {"name": name, "savePath": save_path}
self._respond()
def log_message(self, format, *args):
pass
HTTPServer(("0.0.0.0", ${toString port}), QBitMock).serve_forever()
'';
in
{
description = "Mock qBittorrent API";
wantedBy = [ "multi-user.target" ];
inherit before;
serviceConfig = {
ExecStart = "${pkgs.python3}/bin/python3 ${mockScript}";
Type = "simple";
};
};
# Mock SABnzbd API.
mkMockSabnzbd =
{ port ? 6012 }:
let
mockScript = pkgs.writeScript "mock-sabnzbd.py" ''
import json
from http.server import HTTPServer, BaseHTTPRequestHandler
class SabMock(BaseHTTPRequestHandler):
def _respond(self, code=200, body=b'{"config": {}}', content_type="application/json"):
self.send_response(code)
self.send_header("Content-Type", content_type)
self.end_headers()
self.wfile.write(body if isinstance(body, bytes) else body.encode())
def do_GET(self):
if "mode=config" in self.path or "mode=version" in self.path:
self._respond(body=b'{"config": {"misc": {"api_key": "test"}}, "version": "4.0.0"}')
elif "mode=get_config" in self.path:
self._respond(body=b'{"config": {"misc": {"complete_dir": "/downloads/usenet", "pre_check": false}, "categories": [{"name": "tv", "order": 0, "pp": "", "script": "Default", "dir": "tv"}], "sorters": []}}')
else:
self._respond()
def do_POST(self):
self._respond()
def log_message(self, format, *args):
pass
HTTPServer(("0.0.0.0", ${toString port}), SabMock).serve_forever()
'';
in
{
description = "Mock SABnzbd API";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.python3}/bin/python3 ${mockScript}";
Type = "simple";
};
};
}

117
tests/multiple-clients.nix
View File

@@ -9,6 +9,9 @@ pkgs.testers.runNixOSTest {
nodes.machine =
{ pkgs, lib, ... }:
let
mocks = import ./lib/mocks.nix { inherit pkgs; };
in
{
imports = [ self.nixosModules.default ];
@@ -23,117 +26,14 @@ pkgs.testers.runNixOSTest {
];
# Mock qBittorrent on port 6011
systemd.services.mock-qbittorrent =
let
mockQbitScript = pkgs.writeScript "mock-qbittorrent.py" ''
import json
from http.server import HTTPServer, BaseHTTPRequestHandler
from urllib.parse import parse_qs, urlparse
CATEGORIES = {
"tv": {"name": "tv", "savePath": "/downloads"},
}
class QBitMock(BaseHTTPRequestHandler):
def _respond(self, code=200, body=b"Ok.", content_type="text/plain"):
self.send_response(code)
self.send_header("Content-Type", content_type)
self.send_header("Set-Cookie", "SID=mock_session_id; Path=/")
self.end_headers()
self.wfile.write(body if isinstance(body, bytes) else body.encode())
def do_GET(self):
path = self.path.split("?")[0]
if path == "/api/v2/app/webapiVersion":
self._respond(body=b"2.9.3")
elif path == "/api/v2/app/version":
self._respond(body=b"v5.0.0")
elif path == "/api/v2/torrents/info":
self._respond(body=b"[]", content_type="application/json")
elif path == "/api/v2/torrents/categories":
body = json.dumps(CATEGORIES).encode()
self._respond(body=body, content_type="application/json")
elif path == "/api/v2/app/preferences":
body = json.dumps({"save_path": "/tmp"}).encode()
self._respond(body=body, content_type="application/json")
else:
self._respond()
def do_POST(self):
content_length = int(self.headers.get("Content-Length", 0))
body = self.rfile.read(content_length).decode()
path = urlparse(self.path).path
query = parse_qs(urlparse(self.path).query)
form = parse_qs(body)
params = {**query, **form}
if path == "/api/v2/torrents/createCategory":
name = params.get("category", [""])[0]
save_path = params.get("savePath", params.get("save_path", [""]))[0] or "/downloads"
if name:
CATEGORIES[name] = {"name": name, "savePath": save_path}
self._respond()
def log_message(self, format, *args):
pass
HTTPServer(("0.0.0.0", 6011), QBitMock).serve_forever()
'';
in
{
description = "Mock qBittorrent API";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.python3}/bin/python3 ${mockQbitScript}";
Type = "simple";
};
systemd.services.mock-qbittorrent = mocks.mkMockQbittorrent {
initialCategories = {
tv = { name = "tv"; savePath = "/downloads"; };
};
};
# Mock SABnzbd on port 6012
systemd.services.mock-sabnzbd =
let
mockSabScript = pkgs.writeScript "mock-sabnzbd.py" ''
import json
from http.server import HTTPServer, BaseHTTPRequestHandler
from urllib.parse import parse_qs, urlparse
class SabMock(BaseHTTPRequestHandler):
def _respond(self, code=200, body=b'{"config": {}}', content_type="application/json"):
self.send_response(code)
self.send_header("Content-Type", content_type)
self.end_headers()
self.wfile.write(body if isinstance(body, bytes) else body.encode())
def do_GET(self):
path = self.path.split("?")[0]
if "mode=config" in self.path or "mode=version" in self.path:
self._respond(body=b'{"config": {"misc": {"api_key": "test"}}, "version": "4.0.0"}')
elif "mode=get_config" in self.path:
self._respond(body=b'{"config": {"misc": {"complete_dir": "/downloads/usenet", "pre_check": false}, "categories": [{"name": "tv", "order": 0, "pp": "", "script": "Default", "dir": "tv"}], "sorters": []}}')
else:
self._respond()
def do_POST(self):
self._respond()
def log_message(self, format, *args):
pass
HTTPServer(("0.0.0.0", 6012), SabMock).serve_forever()
'';
in
{
description = "Mock SABnzbd API";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.python3}/bin/python3 ${mockSabScript}";
Type = "simple";
};
};
systemd.services.mock-sabnzbd = mocks.mkMockSabnzbd { };
systemd.tmpfiles.rules = [
"d /media/tv 0755 sonarr sonarr -"
@@ -148,6 +48,7 @@ pkgs.testers.runNixOSTest {
# Sonarr with TWO download clients: qBittorrent + SABnzbd
services.arrInit.sonarr = {
enable = true;
healthChecks = false;
serviceName = "sonarr";
dataDir = "/var/lib/sonarr/.config/NzbDrone";
port = 8989;

72
tests/partial-config.nix
View File

@@ -9,6 +9,9 @@ pkgs.testers.runNixOSTest {
nodes.machine =
{ pkgs, lib, ... }:
let
mocks = import ./lib/mocks.nix { inherit pkgs; };
in
{
imports = [ self.nixosModules.default ];
@@ -22,71 +25,7 @@ pkgs.testers.runNixOSTest {
gnugrep
];
systemd.services.mock-qbittorrent =
let
mockQbitScript = pkgs.writeScript "mock-qbittorrent.py" ''
import json
from http.server import HTTPServer, BaseHTTPRequestHandler
from urllib.parse import parse_qs, urlparse
CATEGORIES = {}
class QBitMock(BaseHTTPRequestHandler):
def _respond(self, code=200, body=b"Ok.", content_type="text/plain"):
self.send_response(code)
self.send_header("Content-Type", content_type)
self.send_header("Set-Cookie", "SID=mock_session_id; Path=/")
self.end_headers()
self.wfile.write(body if isinstance(body, bytes) else body.encode())
def do_GET(self):
path = self.path.split("?")[0]
if path == "/api/v2/app/webapiVersion":
self._respond(body=b"2.9.3")
elif path == "/api/v2/app/version":
self._respond(body=b"v5.0.0")
elif path == "/api/v2/torrents/info":
self._respond(body=b"[]", content_type="application/json")
elif path == "/api/v2/torrents/categories":
body = json.dumps(CATEGORIES).encode()
self._respond(body=body, content_type="application/json")
elif path == "/api/v2/app/preferences":
body = json.dumps({"save_path": "/tmp"}).encode()
self._respond(body=body, content_type="application/json")
else:
self._respond()
def do_POST(self):
content_length = int(self.headers.get("Content-Length", 0))
body = self.rfile.read(content_length).decode()
path = urlparse(self.path).path
query = parse_qs(urlparse(self.path).query)
form = parse_qs(body)
params = {**query, **form}
if path == "/api/v2/torrents/createCategory":
name = params.get("category", [""])[0]
save_path = params.get("savePath", params.get("save_path", [""]))[0] or "/downloads"
if name:
CATEGORIES[name] = {"name": name, "savePath": save_path}
self._respond()
def log_message(self, format, *args):
pass
HTTPServer(("0.0.0.0", 6011), QBitMock).serve_forever()
'';
in
{
description = "Mock qBittorrent API";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.python3}/bin/python3 ${mockQbitScript}";
Type = "simple";
};
};
systemd.services.mock-qbittorrent = mocks.mkMockQbittorrent { };
systemd.tmpfiles.rules = [
"d /media/tv 0755 sonarr sonarr -"
@@ -111,6 +50,7 @@ pkgs.testers.runNixOSTest {
# Test 1: Only rootFolders (no downloadClients)
services.arrInit.sonarr = {
enable = true;
healthChecks = false;
serviceName = "sonarr";
dataDir = "/var/lib/sonarr/.config/NzbDrone";
port = 8989;
@@ -122,6 +62,7 @@ pkgs.testers.runNixOSTest {
# Test 2: Only downloadClients (no rootFolders)
services.arrInit.radarr = {
enable = true;
healthChecks = false;
serviceName = "radarr";
dataDir = "/var/lib/radarr/.config/Radarr";
port = 7878;
@@ -146,6 +87,7 @@ pkgs.testers.runNixOSTest {
# Test 3: Only syncedApps (Prowlarr)
services.arrInit.prowlarr = {
enable = true;
healthChecks = false;
serviceName = "prowlarr";
dataDir = "/var/lib/prowlarr";
port = 9696;