chandlerswift/machine-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

bert: navidrome: Disable MemoryDenyWriteExecute for wasm jit

Browse source 
Without this, we see this error:

    Feb 22 18:07:12 bert navidrome[230133]: time="2026-02-22T18:07:12-06:00" level=info msg="Watcher started for library" absoluteLibPath=/mnt/bigbird_public/media/music libraryID=1 name="Music Library" path=/mnt/bigbird_public/media/music
    Feb 22 18:07:13 bert navidrome[230156]: panic: permission denied [recovered, repanicked]
    Feb 22 18:07:13 bert navidrome[230156]: goroutine 1037 [running]:
    Feb 22 18:07:13 bert navidrome[230156]: go.senan.xyz/taglib.init.OnceValues[...].func3.1.1()
    Feb 22 18:07:13 bert navidrome[230156]:         sync/oncefunc.go:98 +0x75
    Feb 22 18:07:13 bert navidrome[230156]: panic({0x13a32e0?, 0x3649328?})
    Feb 22 18:07:13 bert navidrome[230156]:         runtime/panic.go:783 +0x132
    Feb 22 18:07:13 bert navidrome[230156]: github.com/tetratelabs/wazero/internal/engine/wazevo.mmapExecutable({0xc00030f000, 0xaf0, 0xc000737800?})
    Feb 22 18:07:13 bert navidrome[230156]:         github.com/tetratelabs/wazero@v1.11.0/internal/engine/wazevo/engine.go:881 +0xb4
    […]
    Feb 22 18:07:13 bert navidrome[230133]: time="2026-02-22T18:07:13-06:00" level=error msg="Scan failed" error="failed to read status from scanner: /nix/store/622zip549ggami2mslhabm80sfsjlrxd-navidrome-0.60.0/bin/.navidrome-wrapped scan --nobanner --subprocess --configfile /nix/store/dxsk74a7b92vkv5mwaaihqcrlqmhlnq0-navidrome.json --datafolder . --cachefolder cache exited with non-zero status code: exit status 2"
    Feb 22 18:49:32 bert navidrome[230133]: time="2026-02-22T18:49:32-06:00" level=info msg="Stopping HTTP server"

mkForce is required to avoid a conflicting definition error:

    error: The option `systemd.services.navidrome.serviceConfig.MemoryDenyWriteExecute' has conflicting definition values:
    - In `/nix/store/jyqf4h6n1wm7kg3qrc5njvvgzkn1m2j5-nixos-25.11/nixos/nixos/modules/services/audio/navidrome.nix': true
    - In `/root/config/services/navidrome.nix': false
    Use `lib.mkForce value` or `lib.mkDefault value` to change the priority on any of these definitions.
This commit is contained in:
Chandler Swift 2026-02-22 18:51:04 -06:00
parent 259e237ace
commit 4ac95b4f6d
Signed by: chandlerswift
GPG key ID: A851D929D52FB93F
1 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
bert/services/navidrome.nix
View file

@ -1,4 +1,4 @@
{ {lib, ...}: {
services.navidrome = { services.navidrome = {
enable = true; enable = true;
# 0.60.0 # 0.60.0
@ -9,6 +9,7 @@
EnableSharing = true; EnableSharing = true;
}; };
}; };
systemd.services.navidrome.serviceConfig.MemoryDenyWriteExecute = lib.mkForce false; # https://github.com/navidrome/navidrome/issues/5006#issuecomment-3904723350 (drop with 26.05, probably)
systemd.services.navidrome.after = [ "mnt-bigbird_public.mount" ]; systemd.services.navidrome.after = [ "mnt-bigbird_public.mount" ];
systemd.services.navidrome.requires = [ "mnt-bigbird_public.mount" ]; systemd.services.navidrome.requires = [ "mnt-bigbird_public.mount" ];
} }