nixos-config/configs/workhorse/transmission.nix

{ config, lib, ... }:

with lib;

let

  allTincNetworks =
    builtins.attrNames config.module.cluster.services.tinc;

  ipAddresses =
    flatten (mapAttrsToList (_: data:
    mapAttrsToList (_: hostConfig: hostConfig.tincIp) data.hosts)
    config.module.cluster.services.tinc);

in {

  services.nginx = {
    enable = true;
    statusPage = true;
    virtualHosts = {
      "transmission.${config.networking.hostName}.private" = {
        serverAliases = ["torrent.${config.networking.hostName}.private"];
        locations."/" = {
          proxyPass = "http://${config.networking.hostName}.private:${toString config.services.transmission.port}";
        };
      };
    };
  };

  networking.firewall = {
    allowedTCPPorts = [ config.services.custom.transmission.port ];
    allowedUDPPorts = [ config.services.custom.transmission.port ];
  };

  services.custom.transmission = {
    enable = true;
    home = "/home/torrent";
    store = "/home/torrent";
    hosts = concatStringsSep "," (map (name: "${config.networking.hostName}.${name}") allTincNetworks);
    whitelist = concatStringsSep "," ipAddresses;
    user = "palo";
    password = lib.fileContents <secrets/transmission/password>;
  };

}
init 2019-10-24 02:20:38 +02:00			`{ config, lib, ... }:`

			`with lib;`

			`let`

			`allTincNetworks =`
			`builtins.attrNames config.module.cluster.services.tinc;`

			`ipAddresses =`
			`flatten (mapAttrsToList (_: data:`
			`mapAttrsToList (_: hostConfig: hostConfig.tincIp) data.hosts)`
			`config.module.cluster.services.tinc);`

			`in {`

			`services.nginx = {`
			`enable = true;`
			`statusPage = true;`
			`virtualHosts = {`
			`"transmission.${config.networking.hostName}.private" = {`
			`serverAliases = ["torrent.${config.networking.hostName}.private"];`
			`locations."/" = {`
			`proxyPass = "http://${config.networking.hostName}.private:${toString config.services.transmission.port}";`
			`};`
			`};`
			`};`
			`};`

			`networking.firewall = {`
			`allowedTCPPorts = [ config.services.custom.transmission.port ];`
			`allowedUDPPorts = [ config.services.custom.transmission.port ];`
			`};`

			`services.custom.transmission = {`
			`enable = true;`
			`home = "/home/torrent";`
			`store = "/home/torrent";`
			`hosts = concatStringsSep "," (map (name: "${config.networking.hostName}.${name}") allTincNetworks);`
			`whitelist = concatStringsSep "," ipAddresses;`
			`user = "palo";`
			`password = lib.fileContents <secrets/transmission/password>;`
			`};`

			`}`