46 lines
1.2 KiB
Nix
46 lines
1.2 KiB
Nix
{ config, lib, ... }:
|
|
|
|
with lib;
|
|
|
|
let
|
|
|
|
allTincNetworks =
|
|
builtins.attrNames config.module.cluster.services.tinc;
|
|
|
|
ipAddresses =
|
|
flatten (mapAttrsToList (_: data:
|
|
mapAttrsToList (_: hostConfig: hostConfig.tincIp) data.hosts)
|
|
config.module.cluster.services.tinc);
|
|
|
|
in {
|
|
|
|
services.nginx = {
|
|
enable = true;
|
|
statusPage = true;
|
|
virtualHosts = {
|
|
"transmission.${config.networking.hostName}.private" = {
|
|
serverAliases = ["torrent.${config.networking.hostName}.private"];
|
|
locations."/" = {
|
|
proxyPass = "http://${config.networking.hostName}.private:${toString config.services.transmission.port}";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
networking.firewall = {
|
|
allowedTCPPorts = [ config.services.custom.transmission.port ];
|
|
allowedUDPPorts = [ config.services.custom.transmission.port ];
|
|
};
|
|
|
|
services.custom.transmission = {
|
|
enable = true;
|
|
home = "/home/torrent";
|
|
store = "/home/torrent";
|
|
hosts = concatStringsSep "," (map (name: "${config.networking.hostName}.${name}") allTincNetworks);
|
|
whitelist = concatStringsSep "," ipAddresses;
|
|
user = "palo";
|
|
password = lib.fileContents <secrets/transmission/password>;
|
|
};
|
|
|
|
}
|