112 lines
3.1 KiB
Nix
112 lines
3.1 KiB
Nix
{ lib, pkgs, config, ... }:
|
|
let
|
|
uiPort = 9099;
|
|
announceIp = "10.23.42.111";
|
|
peerPort = 51433;
|
|
in
|
|
{
|
|
|
|
containers.sync-torrent = {
|
|
|
|
# mount host folders
|
|
bindMounts = {
|
|
media = {
|
|
hostPath = "/media/new";
|
|
mountPoint = "/media"; # must be here otherwise transmission can't see the folder
|
|
isReadOnly = false;
|
|
};
|
|
lib = {
|
|
hostPath = "/srv/sync-torrent";
|
|
mountPoint = "/var/lib/transmission";
|
|
isReadOnly = false;
|
|
};
|
|
};
|
|
|
|
autoStart = true;
|
|
|
|
config = { config, pkgs, lib, ... }: {
|
|
|
|
system.stateVersion = "22.11";
|
|
services.journald.extraConfig = "SystemMaxUse=1G";
|
|
|
|
services.transmission = {
|
|
enable = true;
|
|
settings = {
|
|
download-dir = "/media";
|
|
incomplete-dir = "/var/lib/transmission/incomplete"; # todo put this somewhere with frequent snapshots but low keep.
|
|
incomplete-dir-enabled = true;
|
|
message-level = 1;
|
|
umask = 2;
|
|
rpc-whitelist-enabled = false;
|
|
rpc-host-whitelist-enabled = false;
|
|
rpc-port = uiPort;
|
|
rpc-enable = true;
|
|
rpc-bind-address = "0.0.0.0";
|
|
|
|
# "normal" speed limits
|
|
speed-limit-down-enabled = false;
|
|
speed-limit-down = 800;
|
|
speed-limit-up-enabled = true;
|
|
speed-limit-up = 3000;
|
|
upload-slots-per-torrent = 8;
|
|
# Queuing
|
|
# When true, Transmission will only download
|
|
# download-queue-size non-stalled torrents at once.
|
|
download-queue-enabled = true;
|
|
download-queue-size = 3;
|
|
|
|
# When true, torrents that have not shared data for
|
|
# queue-stalled-minutes are treated as 'stalled'
|
|
# and are not counted against the queue-download-size
|
|
# and seed-queue-size limits.
|
|
queue-stalled-enabled = true;
|
|
queue-stalled-minutes = 60;
|
|
|
|
# When true. Transmission will only seed seed-queue-size
|
|
# non-stalled torrents at once.
|
|
seed-queue-enabled = false;
|
|
seed-queue-size = 10;
|
|
|
|
# Enable UPnP or NAT-PMP.
|
|
peer-port = peerPort;
|
|
port-forwarding-enabled = false;
|
|
announce-ip = announceIp;
|
|
announce-ip-enabled = true;
|
|
|
|
# Start torrents as soon as they are added
|
|
start-added-torrents = true;
|
|
|
|
};
|
|
};
|
|
|
|
};
|
|
};
|
|
|
|
# open ports for logging
|
|
#networking.firewall.interfaces."ve-torrent".allowedTCPPorts =
|
|
# [ 5044 12304 12305 ];
|
|
#networking.firewall.interfaces."ve-torrent".allowedUDPPorts =
|
|
# [ 5044 12304 12305 ];
|
|
|
|
# host nginx setup
|
|
# ----------------
|
|
# curl -H "Host: sync.robi.private" https://robi.private/ < will work
|
|
# curl -H "Host: sync.robi.private" https://144.76.13.147/ < wont work
|
|
services.nginx = {
|
|
enable = true;
|
|
recommendedProxySettings = true;
|
|
virtualHosts = {
|
|
"sync.${config.networking.hostName}.private" = {
|
|
extraConfig = ''
|
|
allow ${config.tinc.private.subnet};
|
|
deny all;
|
|
'';
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:${toString uiPort}";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
}
|