188 lines
7.1 KiB
Nix
188 lines
7.1 KiB
Nix
{ lib, pkgs, config, ... }:
|
|
#
|
|
# cp -avl (to create hardlinks instead of copy)
|
|
# =============================================
|
|
#
|
|
#┌──────────────────────────────────┐ ┌──────────────────────────────────────┐
|
|
#│/media/torrent2/downloads/music ├─────►│/media/syncthing/music/incomming │
|
|
#└──────────────────────────────────┘ └──────────────────────────────────────┘
|
|
#┌──────────────────────────────────┐ ┌──────────────────────────────────────┐
|
|
#│/media/torrent2/downloads/movies ├─────►│/media/syncthing/movies/incoming │
|
|
#└──────────────────────────────────┘ └──────────────────────────────────────┘
|
|
#┌──────────────────────────────────┐ ┌──────────────────────────────────────┐
|
|
#│/media/torrent2/downloads ├─────►│/media/torrent/incoming │
|
|
#└──────────────────────────────────┘ └──────────────────────────────────────┘
|
|
|
|
let
|
|
uiPort = 9091;
|
|
|
|
#############################################
|
|
# These are inherited from Transmission. #
|
|
# Do not declare these. Just use as needed. #
|
|
# #
|
|
# TR_APP_VERSION #
|
|
# TR_TIME_LOCALTIME #
|
|
# TR_TORRENT_DIR #
|
|
# TR_TORRENT_HASH #
|
|
# TR_TORRENT_ID #
|
|
# TR_TORRENT_NAME #
|
|
# #
|
|
#############################################
|
|
completionScript =
|
|
let
|
|
copy_map = {
|
|
"/media/torrent/downloads/series" = "/media/syncthing/series/incoming";
|
|
"/media/torrent/downloads/music" = "/media/syncthing/music/incoming";
|
|
"/media/torrent/downloads/movies" = "/media/syncthing/movies/incoming";
|
|
"/media/torrent/downloads" = "/media/torrent/incoming";
|
|
};
|
|
copy_script = lib.concatStringsSep "\n" (lib.mapAttrsToList
|
|
(source: target: ''
|
|
if [[ "$TR_TORRENT_DIR" == "${source}" ]]
|
|
then
|
|
cp -val "$TR_TORRENT_DIR/$TR_TORRENT_NAME" "${target}/$TR_TORRENT_NAME"
|
|
fi
|
|
'')
|
|
copy_map);
|
|
in
|
|
pkgs.writers.writeBash "torrent-finished" copy_script;
|
|
in
|
|
{
|
|
|
|
containers.torrent2 = {
|
|
|
|
# mount host folders
|
|
bindMounts = {
|
|
media = {
|
|
hostPath = "/media";
|
|
mountPoint = "/media"; # must be here otherwise transmission can't see the folder
|
|
isReadOnly = false;
|
|
};
|
|
lib = {
|
|
hostPath = "/media/torrent/torrent2_config";
|
|
mountPoint = "/var/lib/transmission/.config";
|
|
isReadOnly = false;
|
|
};
|
|
};
|
|
|
|
# container network setup
|
|
# see also nating on host system.
|
|
autoStart = true;
|
|
|
|
config = { config, pkgs, lib, ... }: {
|
|
|
|
system.stateVersion = "21.05";
|
|
services.journald.extraConfig = "SystemMaxUse=1G";
|
|
|
|
# allow transmission to write in syncthing folders
|
|
users.groups.syncthing = {
|
|
gid = config.ids.gids.syncthing;
|
|
members = [ "transmission" ];
|
|
};
|
|
|
|
services.transmission = {
|
|
enable = true;
|
|
settings = {
|
|
download-dir = "/media/torrent/downloads";
|
|
incomplete-dir = "/media/torrent/incomplete";
|
|
incomplete-dir-enabled = true;
|
|
message-level = 1;
|
|
umask = 2;
|
|
rpc-whitelist-enabled = false;
|
|
rpc-host-whitelist-enabled = false;
|
|
rpc-port = uiPort;
|
|
rpc-enable = true;
|
|
rpc-bind-address = "127.0.0.1";
|
|
|
|
# "normal" speed limits
|
|
speed-limit-down-enabled = false;
|
|
speed-limit-down = 800;
|
|
speed-limit-up-enabled = true;
|
|
speed-limit-up = 3000;
|
|
upload-slots-per-torrent = 8;
|
|
# Queuing
|
|
# When true, Transmission will only download
|
|
# download-queue-size non-stalled torrents at once.
|
|
download-queue-enabled = true;
|
|
download-queue-size = 3;
|
|
|
|
# When true, torrents that have not shared data for
|
|
# queue-stalled-minutes are treated as 'stalled'
|
|
# and are not counted against the queue-download-size
|
|
# and seed-queue-size limits.
|
|
queue-stalled-enabled = true;
|
|
queue-stalled-minutes = 60;
|
|
|
|
# When true. Transmission will only seed seed-queue-size
|
|
# non-stalled torrents at once.
|
|
seed-queue-enabled = false;
|
|
seed-queue-size = 10;
|
|
|
|
# Enable UPnP or NAT-PMP.
|
|
peer-port = 51413;
|
|
port-forwarding-enabled = false;
|
|
# Start torrents as soon as they are added
|
|
|
|
start-added-torrents = true;
|
|
|
|
# notify me when download finished
|
|
script-torrent-done-enabled = true;
|
|
script-torrent-done-filename = completionScript;
|
|
|
|
# Encryption preference.
|
|
# 0 = Prefer unencrypted connections,
|
|
# 1 = Prefer encrypted connections,
|
|
# 2 = Require encrypted connections;
|
|
# default = 1
|
|
# Encryption may help get around some ISP filtering, but at the cost of slightly
|
|
# higher CPU use
|
|
encryption = 2;
|
|
};
|
|
};
|
|
|
|
networking.firewall = {
|
|
allowedTCPPorts = [ 51413 ];
|
|
allowedUDPPorts = [ 51413 ];
|
|
};
|
|
|
|
# bind transmission to openvpn
|
|
systemd.services.transmission = {
|
|
serviceConfig = {
|
|
Restart = "always";
|
|
BindPaths = lib.mkForce [
|
|
"/media" # this is needed otherwise cp -l is not working
|
|
"/var/lib/transmission/.config/transmission-daemon"
|
|
];
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
networking.firewall = {
|
|
allowedTCPPorts = [ 51413 ];
|
|
allowedUDPPorts = [ 51413 ];
|
|
};
|
|
|
|
# host nginx setup
|
|
# ----------------
|
|
|
|
# curl -H "Host: transmission.robi.private" https://robi.private/ < will work
|
|
# curl -H "Host: transmission.robi.private" https://144.76.13.147/ < wont work
|
|
services.nginx = {
|
|
enable = true;
|
|
recommendedProxySettings = true;
|
|
virtualHosts = {
|
|
"transmission2.${config.networking.hostName}.private" = {
|
|
extraConfig = ''
|
|
allow ${config.tinc.private.subnet};
|
|
deny all;
|
|
'';
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:${toString uiPort}";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
}
|