From 396a8847c84cbe6ec8db939fc0ed4778164fe55c Mon Sep 17 00:00:00 2001
From: ediblerope <fredrik@nordhammer.it>
Date: Wed, 21 Jan 2026 22:49:01 +0000
Subject: [PATCH] Update arr-stack.nix

---
 services/arr-stack.nix | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/services/arr-stack.nix b/services/arr-stack.nix
index a1f57db..74afa0e 100644
--- a/services/arr-stack.nix
+++ b/services/arr-stack.nix
@@ -17,14 +17,14 @@
 				ExecStart = "${pkgs.qbittorrent-nox}/bin/qbittorrent-nox";
 				Restart = "on-failure";
 				
-				# Security hardening (optional but recommended)
+				# Security hardening
 				NoNewPrivileges = true;
 				PrivateTmp = true;
 				ProtectSystem = "strict";
-				ProtectHome = "read-only";
+				ProtectHome = true;
 				ReadWritePaths = [ 
 					"/var/lib/qbittorrent"
-					"/home/fred/storage/torrents"
+					"/mnt/storage/torrents"
 				];
 			};
 
@@ -32,13 +32,12 @@
 				mkdir -p /var/lib/qbittorrent/.config/qBittorrent
 				cat > /var/lib/qbittorrent/.config/qBittorrent/qBittorrent.conf << EOF
 				[Preferences]
-				Downloads\SavePath=/home/fred/storage/torrents/downloads
+				Downloads\SavePath=/mnt/storage/torrents/downloads
 				EOF
 				chown -R qbittorrent:qbittorrent /var/lib/qbittorrent/.config
 			'';
 		};
 
-		# Create the user and group
 		users.users.qbittorrent = {
 			isSystemUser = true;
 			group = "qbittorrent";
@@ -50,7 +49,9 @@
 
 		# Ensure the download directory exists with proper permissions
 		systemd.tmpfiles.rules = [
-			"d /home/fred/storage/torrents/downloads 0775 qbittorrent qbittorrent -"
+			"d /mnt/storage/torrents/downloads 0775 qbittorrent qbittorrent -"
 		];
+		
+		users.users.fred.extraGroups = [ "qbittorrent" ];
 	};
 }