dannydannydanny/dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
dotfiles/nixos/hosts
History
DannyDannyDanny 73d4225f9b sunken-ship: grant mulbo-server read on navidrome.db 
mulbo-server's /folders endpoint reads navidrome.db directly because
the Subsonic API's path field is tag-virtual (not real fs paths).

Three pieces:
- services.navidrome UMask = 0027 (force) so future DB writes are
  group-readable; default was 0077.
- tmpfiles z-rules to chmod 0640 the existing navidrome.db, -wal, -shm
  (created under the old umask).
- mulbo-server gets SupplementaryGroups=[navidrome] so the unit's
  process can read those files.

Trade-off: couples mulbo-server to Navidrome's schema (specifically
media_file.id + media_file.path). Acceptable given Navidrome 0.61.1
has been stable on these columns; we'll catch breakage at the /health
navidrome_db_readable probe.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-06 15:06:51 +02:00
..
daniel-macbook-air.nix feat(nix): zerotier overlay via clan inventory + mac ZT client 🕸️ 2026-04-19 14:43:29 +02:00
phantom-ship-hardware.nix fix: restore bootloader config in phantom-ship hardware nix 🥾 2026-03-31 15:33:23 +02:00
phantom-ship.nix hara-heartbeat: strip markdown asterisks/underscores via sed before sending 2026-05-05 14:22:26 +02:00
server-install.nix Set efiSysMountPoint = /boot so systemd-boot install succeeds with disko 2026-03-08 18:38:26 +01:00
sunken-ship-hardware.nix Rename nixos-server to sunken-ship 2026-03-01 12:44:28 +01:00
sunken-ship.nix sunken-ship: grant mulbo-server read on navidrome.db 2026-05-06 15:06:51 +02:00
vps-relay.nix phantom-ship + vps-relay: declare escape-hormuz service + vhost 2026-05-05 09:40:11 +02:00
wsl.nix refactor(wsl): move user packages to home-manager 🎨 2026-03-30 18:03:11 +02:00