34 lines
1.1 KiB
Nix
34 lines
1.1 KiB
Nix
{ config, pkgs, ... }:
|
|
let
|
|
transcode = pkgs.callPackage ../packages/transcode.nix {};
|
|
flacPath = "/data/music/flac";
|
|
mp3Path = "/data/music/mp3";
|
|
oggPath = "/data/music/ogg";
|
|
in
|
|
{
|
|
systemd.services.transcode = {
|
|
description = "Transcode music form FLAC to MP3 and OGG";
|
|
onFailure = [ "status-email@%n.service" ];
|
|
serviceConfig = {
|
|
Type = "simple";
|
|
ExecStart = "${transcode}/bin/transcode --mp3-out \"${mp3Path}\" --ogg-out \"${oggPath}\" \"${flacPath}\"";
|
|
DynamicUser = true;
|
|
Group = "music";
|
|
UMask = "002";
|
|
ReadOnlyDirectories = [ flacPath ];
|
|
ReadWriteDirectories = [ mp3Path oggPath ];
|
|
Nice = 19;
|
|
NoNewPrivileges = true;
|
|
PrivateTmp = true;
|
|
PrivateDevices = true;
|
|
PrivateUsers = true;
|
|
ProtectClock = true;
|
|
ProtectSystem = "strict";
|
|
ProtectHome = true;
|
|
ProtectKernelLogs = true;
|
|
ProtectKernelModules = true;
|
|
ProtectProc = "invisible";
|
|
};
|
|
};
|
|
}
|