New nixpkgs defaults for the *arr services set UMask=0022, which
conflicts with the media-group-writable overrides. Wrap with
lib.mkForce alongside the existing Jellyfin fix.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
nixpkgs now sets UMask=0077 on the Jellyfin service, conflicting with
our override that ensures media-group writes. Wrapping with lib.mkForce
restores the intended permission bits.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Share the wallpaper symlink across all hosts by moving it from gnome.nix
into home-manager/fred.nix, and add matugen templates for btop and the
Homepage dashboard.
The Homepage NixOS module writes custom.css into /etc (read-only), so
bind-mount /var/lib/homepage-custom-css/custom.css over it. A systemd
path unit restarts homepage-dashboard whenever matugen rewrites the
file, so regeneration works without sudo.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Parse every Saved: entry in the log to compute cumulative original
size, new size, bytes saved, and percentage reduction so we have a
single command for the transcode impact.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Wayland/Mutter forces server-side decorations when the custom title bar
is collapsed, which looked worse than the slim custom bar. Reverting to
stock VSCodium with compact menu + no command center handled in user
settings.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Using display:none removed the drag region entirely, which caused
GNOME/Mutter to fall back to server-side decorations. Collapsing the
title bar to 0 height keeps VSCodium's frameless state intact.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Override vscodium with a postFixup step that appends a style tag to
workbench.html hiding the titlebar part, so the window sits flush
against GNOME's edge without native or custom decorations.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Override the base grid-template-rows to replace the 32px title bar
reservation with 12px padding that matches the bottom window edge.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Hide Midnight's window controls and trailing section since GNOME
handles decorations, and remove the 158px padding gap left behind.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The focus ring overrides didn't take effect and the accent color
change made some elements look worse.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace custom Discord CSS selectors with Midnight theme (loaded via
online URL) and simple color variable overrides from matugen. Also add
wallpaper-colored focus rings, edit button, and running dot to GNOME
shell app grid.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Sonarr, Radarr, qBittorrent, Jellyfin, and Bazarr all need to create
files that are writable by the media group. Without this, Jellyfin
can't write thumbnails/artwork to media directories and services
can't collaborate on shared files. Also fixes radarr movies directory
to use setgid (2775) consistently.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Removes any .transcode-* files left behind by interrupted runs
before starting the encoding loop.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Map only the first video stream, all audio, and all subtitles instead
of mapping everything. This avoids feeding cover art images through
the libx265 encoder which caused hangs.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Queries qBittorrent for individual file sizes of all active torrents.
Files whose size matches a seeded torrent file are skipped, catching
cross-filesystem copies where hardlink detection doesn't work.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Files with multiple hardlinks are likely linked from downloads/ where
they are still being seeded. Transcoding would break the hardlink and
cause both copies to take up disk space separately.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
MP4 containers don't support all subtitle/codec combinations with HEVC.
MKV handles everything, so always output .mkv and remove the original
if it was a different format.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Resumable batch script that finds H.264 files, re-encodes to HEVC
(libx265 CRF 24), verifies duration, and replaces originals.
Tracks completed files in /var/lib/transcode-hevc/completed.log.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Runs Tdarr server with internal node on the mediaserver for managing
library-wide re-encoding to save disk space. Web UI at tdarr.nordhammer.it.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The latest 595.x driver dropped Maxwell GPU support. The Quadro M2000
(GM206) requires the legacy_580 branch for CUDA/NVENC to function.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add sudo to reboot alias so it doesn't prompt for password.
Add blank line before networking.hostName in hardware config.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
On a headless system, services.xserver.videoDrivers doesn't guarantee
the NVIDIA modules load. Add nvidia, nvidia_modeset, nvidia_uvm, and
nvidia_drm to boot.kernelModules explicitly.
nvidia_uvm is particularly critical — without it, CUDA initialisation
fails with CUDA_ERROR_NO_DEVICE, which is exactly what broke Jellyfin
NVENC transcoding.
https://claude.ai/code/session_016jJU8ZtWLSnJQBdbMr5pxK
- Add NVIDIA proprietary driver config to FredOS-Mediaserver hardware
(Maxwell/GM206, open=false, modesetting enabled, headless)
- Enable hardware.graphics for DRM/KMS infrastructure
- Add jellyfin user to video and render groups for device access
After deploying, enable NVENC in Jellyfin: Dashboard → Playback →
Transcoding → Hardware acceleration: Nvidia NVENC.
https://claude.ai/code/session_016jJU8ZtWLSnJQBdbMr5pxK
Cloudflare's authoritative nameservers take longer than the
default 2-minute timeout to propagate TXT records created via
API. Set CLOUDFLARE_PROPAGATION_TIMEOUT=600 to give enough
time for DNS-01 challenge validation.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
--dns.resolvers is a global lego flag, not a run/renew subcommand
flag. Use extraLegoFlags instead of extraLegoRunFlags.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Route DNS propagation checks through 1.1.1.1 only, bypassing
the local resolver that caches stale responses and causes
wildcard cert DNS-01 challenges to time out.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Disabling the propagation check caused lego to submit to Let's
Encrypt before Cloudflare's authoritative nameservers had the
TXT record. A 30s wait gives Cloudflare time to propagate.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Local DNS resolver caches stale responses causing the wildcard
cert DNS-01 challenge to time out before propagation is confirmed.
Cloudflare's authoritative servers propagate fast enough for
Let's Encrypt to validate without the client-side check.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Commented out nginx, go2rtc, cloudflare-ddns, fail2ban, and authelia
until secrets are migrated to the new server hardware.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
New server uses systemd-boot instead of GRUB. Data disks and
mergerfs pool to be added after physical disk migration.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Clear old disk UUIDs, boot config, and filesystem mounts.
Add backup script for migrating service state to new hardware.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Generates quickCss for Vencord with wallpaper-derived colors
and Adwaita-style rounding. Work in progress — Discord may
override CSS variables on load.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Color the #zen-sidebar-splitter to match the sidebar instead of
showing a grey strip. Also theme content area containers and
window frame elements. Clean up redundant CSS rules.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
No longer accepts an argument — always regenerates colors from
the wallpaper managed by git at ~/.local/share/backgrounds/wallpaper.png.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Use GNOME Shell's native box-shadow inset fill technique for panel
button hover/active states to avoid double-background layering.
Add wallpaper-colored window close button in overview.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Create gtk3-colors.css matugen template and import it in GTK3
gtk.css so apps like Vesktop get wallpaper-based headerbar colors.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Guard matugen call with command -v check so the update alias
works on hosts without GNOME/matugen (e.g. mediaserver).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
