Compare commits

..

3 commits

Author SHA1 Message Date
Bruno BELANYI aa0a3bf6c9 services: transmission: more configurable settings
All checks were successful
continuous-integration/drone/push Build is passing
2021-03-07 16:04:45 +00:00
Bruno BELANYI 1810d44587 services: transmission: ensure correct permissions 2021-03-07 16:01:48 +00:00
Bruno BELANYI cbc94aae50 services: transmission: remove umask configuration 2021-03-07 15:58:01 +00:00

View file

@ -9,26 +9,44 @@ let
domain = config.networking.domain;
webuiDomain = "transmission.${domain}";
transmissionRpcPort = 9091;
transmissionPeerPort = 30251;
downloadBase = "/data/downloads/"; # NOTE: to be excluded from backups
in
{
options.my.services.transmission = with lib; {
enable = mkEnableOption "Transmission torrent client";
username = mkOption {
type = types.str;
default = "Ambroisie";
example = "username";
description = "Name of the transmission RPC user";
};
password = mkOption {
type = types.str;
example = "password";
description = "Password of the transmission RPC user";
};
downloadBase = mkOption {
type = types.str;
default = "/data/downloads/";
example = "/var/lib/transmission/download";
description = "Download base directory";
};
privatePort = mkOption {
type = types.port;
default = 9091;
example = 8080;
description = "Internal port for webui";
};
peerPort = mkOption {
type = types.port;
default = 30251;
example = 32323;
description = "Peering port";
};
};
config = lib.mkIf cfg.enable {
@ -36,15 +54,16 @@ in
enable = true;
group = "media";
settings = {
download-dir = "${downloadBase}/complete";
incomplete-dir = "${downloadBase}/incomplete";
umask = 0; # Make it world-writeable
downloadDirPermissions = "775";
peer-port = transmissionPeerPort;
settings = {
download-dir = "${cfg.downloadBase}/complete";
incomplete-dir = "${cfg.downloadBase}/incomplete";
peer-port = cfg.peerPort;
rpc-enabled = true;
rpc-port = transmissionRpcPort;
rpc-port = cfg.privatePort;
rpc-authentication-required = true;
rpc-username = cfg.username;
@ -62,12 +81,12 @@ in
forceSSL = true;
useACMEHost = domain;
locations."/".proxyPass = "http://localhost:${toString transmissionRpcPort}";
locations."/".proxyPass = "http://localhost:${toString cfg.privatePort}";
};
networking.firewall = {
allowedTCPPorts = [ transmissionPeerPort ];
allowedUDPPorts = [ transmissionPeerPort ];
allowedTCPPorts = [ cfg.peerPort ];
allowedUDPPorts = [ cfg.peerPort ];
};
};
}