2021-02-03 22:07:11 +01:00
|
|
|
# Torrent and usenet meta-indexers
|
|
|
|
{ config, lib, ... }:
|
|
|
|
let
|
|
|
|
cfg = config.my.services.indexers;
|
|
|
|
|
|
|
|
jackettPort = 9117;
|
|
|
|
nzbhydraPort = 5076;
|
2021-10-15 15:11:15 +02:00
|
|
|
prowlarrPort = 9696;
|
2021-02-03 22:07:11 +01:00
|
|
|
in
|
|
|
|
{
|
|
|
|
options.my.services.indexers = with lib; {
|
|
|
|
jackett.enable = mkEnableOption "Jackett torrent meta-indexer";
|
2021-10-15 15:09:48 +02:00
|
|
|
nzbhydra.enable = mkEnableOption "NZBHydra2 usenet meta-indexer";
|
2021-10-15 15:11:15 +02:00
|
|
|
prowlarr.enable = mkEnableOption "Prowlarr torrent & usenet meta-indexer";
|
2021-02-03 22:07:11 +01:00
|
|
|
};
|
|
|
|
|
2021-10-15 15:10:03 +02:00
|
|
|
config = lib.mkMerge [
|
|
|
|
(lib.mkIf cfg.jackett.enable {
|
|
|
|
services.jackett = {
|
|
|
|
enable = true;
|
|
|
|
};
|
2021-02-03 22:07:11 +01:00
|
|
|
|
2021-10-15 15:10:03 +02:00
|
|
|
# Jackett wants to eat *all* my RAM if left to its own devices
|
|
|
|
systemd.services.jackett = {
|
|
|
|
serviceConfig = {
|
|
|
|
MemoryHigh = "15%";
|
|
|
|
MemoryMax = "25%";
|
|
|
|
};
|
2021-06-15 18:17:37 +02:00
|
|
|
};
|
|
|
|
|
2023-12-25 19:25:08 +01:00
|
|
|
my.services.nginx.virtualHosts = {
|
|
|
|
jackett = {
|
2021-10-15 15:10:03 +02:00
|
|
|
port = jackettPort;
|
2023-12-25 19:25:08 +01:00
|
|
|
};
|
|
|
|
};
|
2021-11-05 14:30:25 +01:00
|
|
|
|
|
|
|
my.system.persist.directories = [
|
|
|
|
config.services.jackett.dataDir
|
|
|
|
];
|
2021-10-15 15:10:03 +02:00
|
|
|
})
|
2021-02-03 22:07:11 +01:00
|
|
|
|
2021-10-15 15:10:03 +02:00
|
|
|
(lib.mkIf cfg.nzbhydra.enable {
|
|
|
|
services.nzbhydra2 = {
|
|
|
|
enable = true;
|
|
|
|
};
|
|
|
|
|
2023-12-25 19:25:08 +01:00
|
|
|
my.services.nginx.virtualHosts = {
|
|
|
|
nzbhydra = {
|
2021-10-15 15:10:03 +02:00
|
|
|
port = nzbhydraPort;
|
2023-12-25 19:25:08 +01:00
|
|
|
};
|
|
|
|
};
|
2021-11-05 14:30:25 +01:00
|
|
|
|
|
|
|
my.system.persist.directories = [
|
|
|
|
config.services.nzbhydra2.dataDir
|
|
|
|
];
|
2021-10-15 15:10:03 +02:00
|
|
|
})
|
2021-10-15 15:11:15 +02:00
|
|
|
|
|
|
|
(lib.mkIf cfg.prowlarr.enable {
|
|
|
|
services.prowlarr = {
|
|
|
|
enable = true;
|
|
|
|
};
|
|
|
|
|
2023-12-25 19:25:08 +01:00
|
|
|
my.services.nginx.virtualHosts = {
|
|
|
|
prowlarr = {
|
2021-10-15 15:11:15 +02:00
|
|
|
port = prowlarrPort;
|
2023-12-25 19:25:08 +01:00
|
|
|
};
|
|
|
|
};
|
2023-09-03 12:21:04 +02:00
|
|
|
|
2021-11-05 14:30:25 +01:00
|
|
|
my.system.persist.directories = [
|
|
|
|
"/var/lib/prowlarr"
|
|
|
|
];
|
|
|
|
|
2023-09-03 12:21:04 +02:00
|
|
|
services.fail2ban.jails = {
|
|
|
|
prowlarr = ''
|
|
|
|
enabled = true
|
|
|
|
filter = prowlarr
|
|
|
|
action = iptables-allports
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
environment.etc = {
|
|
|
|
"fail2ban/filter.d/prowlarr.conf".text = ''
|
|
|
|
[Definition]
|
|
|
|
failregex = ^.*\|Warn\|Auth\|Auth-Failure ip <HOST> username .*$
|
|
|
|
journalmatch = _SYSTEMD_UNIT=prowlarr.service
|
|
|
|
'';
|
|
|
|
};
|
2021-10-15 15:11:15 +02:00
|
|
|
})
|
2021-10-15 15:10:03 +02:00
|
|
|
];
|
2021-02-03 22:07:11 +01:00
|
|
|
}
|