transmission: setup service

This commit is contained in:
Antoine Martin 2021-02-19 22:29:04 +01:00
parent 67523e7e31
commit cdf8695794
6 changed files with 75 additions and 0 deletions

View file

@ -109,6 +109,12 @@ in
postgresql-backup = { postgresql-backup = {
enable = true; enable = true;
}; };
transmission = {
enable = true;
username = "alarsyo";
password = secrets.transmission-password;
};
}; };
security.acme.acceptTerms = true; security.acme.acceptTerms = true;

View file

@ -11,5 +11,6 @@ with lib;
shadow-hashed-password-root = lib.fileContents ./shadow-hashed-password-root.secret; shadow-hashed-password-root = lib.fileContents ./shadow-hashed-password-root.secret;
miniflux-admin-credentials = lib.fileContents ./miniflux-admin-credentials.secret; miniflux-admin-credentials = lib.fileContents ./miniflux-admin-credentials.secret;
borg-backup-repo = lib.fileContents ./borg-backup-repo.secret; borg-backup-repo = lib.fileContents ./borg-backup-repo.secret;
transmission-password = lib.fileContents ./transmission.secret;
}; };
} }

BIN
secrets/transmission.secret Normal file

Binary file not shown.

View file

@ -12,5 +12,6 @@
./monitoring.nix ./monitoring.nix
./nginx.nix ./nginx.nix
./postgresql-backup.nix ./postgresql-backup.nix
./transmission.nix
]; ];
} }

View file

@ -2,6 +2,7 @@
let let
mediaServices = with config.my.services; [ mediaServices = with config.my.services; [
jellyfin jellyfin
transmission
]; ];
needed = builtins.any (service: service.enable) mediaServices; needed = builtins.any (service: service.enable) mediaServices;
in in

66
services/transmission.nix Normal file
View file

@ -0,0 +1,66 @@
{ config, lib, ... }:
let
cfg = config.my.services.transmission;
domain = config.networking.domain;
webuiDomain = "transmission.${domain}";
transmissionRpcPort = 9091;
transmissionPeerPort = 30251;
downloadBase = "/media/torrents/";
in
{
options.my.services.transmission = with lib; {
enable = mkEnableOption "Transmission torrent client";
username = mkOption {
type = types.str;
default = "alarsyo";
example = "username";
description = "Name of the transmission RPC user";
};
password = mkOption {
type = types.str;
example = "password";
description = "Password of the transmission RPC user";
};
};
config = lib.mkIf cfg.enable {
services.transmission = {
enable = true;
group = "media";
settings = {
download-dir = "${downloadBase}/complete";
incomplete-dir = "${downloadBase}/incomplete";
peer-port = transmissionPeerPort;
rpc-enabled = true;
rpc-port = transmissionRpcPort;
rpc-authentication-required = true;
rpc-username = cfg.username;
rpc-password = cfg.password;
rpc-whitelist-enabled = true;
rpc-whitelist = "127.0.0.1";
};
};
services.nginx.virtualHosts."${webuiDomain}" = {
forceSSL = true;
enableACME = true;
locations."/".proxyPass = "http://127.0.0.1:${toString transmissionRpcPort}";
};
networking.firewall = {
allowedTCPPorts = [ transmissionPeerPort ];
allowedUDPPorts = [ transmissionPeerPort ];
};
};
}