2021-02-01 14:25:12 +01:00
|
|
|
# Small seedbox setup.
|
|
|
|
#
|
|
|
|
# Inspired by [1]
|
|
|
|
#
|
|
|
|
# [1]: https://github.com/delroth/infra.delroth.net/blob/master/roles/seedbox.nix
|
|
|
|
{ config, lib, ... }:
|
|
|
|
let
|
|
|
|
cfg = config.my.services.transmission;
|
|
|
|
|
|
|
|
domain = config.networking.domain;
|
|
|
|
webuiDomain = "transmission.${domain}";
|
|
|
|
in
|
|
|
|
{
|
|
|
|
options.my.services.transmission = with lib; {
|
|
|
|
enable = mkEnableOption "Transmission torrent client";
|
2021-03-07 17:04:45 +01:00
|
|
|
|
2021-02-01 14:25:12 +01:00
|
|
|
username = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "Ambroisie";
|
|
|
|
example = "username";
|
|
|
|
description = "Name of the transmission RPC user";
|
|
|
|
};
|
2021-03-07 17:04:45 +01:00
|
|
|
|
2021-02-01 14:25:12 +01:00
|
|
|
password = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
example = "password";
|
|
|
|
description = "Password of the transmission RPC user";
|
|
|
|
};
|
2021-03-07 17:04:45 +01:00
|
|
|
|
|
|
|
downloadBase = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "/data/downloads/";
|
|
|
|
example = "/var/lib/transmission/download";
|
|
|
|
description = "Download base directory";
|
|
|
|
};
|
|
|
|
|
|
|
|
privatePort = mkOption {
|
|
|
|
type = types.port;
|
|
|
|
default = 9091;
|
|
|
|
example = 8080;
|
|
|
|
description = "Internal port for webui";
|
|
|
|
};
|
|
|
|
|
|
|
|
peerPort = mkOption {
|
|
|
|
type = types.port;
|
|
|
|
default = 30251;
|
|
|
|
example = 32323;
|
|
|
|
description = "Peering port";
|
|
|
|
};
|
2021-02-01 14:25:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
|
|
services.transmission = {
|
|
|
|
enable = true;
|
|
|
|
group = "media";
|
|
|
|
|
2021-03-07 17:01:48 +01:00
|
|
|
downloadDirPermissions = "775";
|
|
|
|
|
2021-02-01 14:25:12 +01:00
|
|
|
settings = {
|
2021-03-07 17:04:45 +01:00
|
|
|
download-dir = "${cfg.downloadBase}/complete";
|
|
|
|
incomplete-dir = "${cfg.downloadBase}/incomplete";
|
2021-02-01 14:25:12 +01:00
|
|
|
|
2021-03-07 17:04:45 +01:00
|
|
|
peer-port = cfg.peerPort;
|
2021-02-01 14:25:12 +01:00
|
|
|
|
|
|
|
rpc-enabled = true;
|
2021-03-07 17:04:45 +01:00
|
|
|
rpc-port = cfg.privatePort;
|
2021-02-01 14:25:12 +01:00
|
|
|
rpc-authentication-required = true;
|
|
|
|
|
|
|
|
rpc-username = cfg.username;
|
|
|
|
rpc-password = cfg.password; # Insecure, but I don't care.
|
|
|
|
|
|
|
|
# Proxied behind Nginx.
|
|
|
|
rpc-whitelist-enabled = true;
|
|
|
|
rpc-whitelist = "127.0.0.1";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
# Default transmission webui, I prefer combustion but its development
|
|
|
|
# seems to have stalled
|
|
|
|
services.nginx.virtualHosts."${webuiDomain}" = {
|
|
|
|
forceSSL = true;
|
2021-02-24 21:50:05 +01:00
|
|
|
useACMEHost = domain;
|
2021-02-01 14:25:12 +01:00
|
|
|
|
2021-03-27 16:48:49 +01:00
|
|
|
locations."/".proxyPass = "http://127.0.0.1:${toString cfg.privatePort}";
|
2021-02-01 14:25:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
networking.firewall = {
|
2021-03-07 17:04:45 +01:00
|
|
|
allowedTCPPorts = [ cfg.peerPort ];
|
|
|
|
allowedUDPPorts = [ cfg.peerPort ];
|
2021-02-01 14:25:12 +01:00
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|