transmission: setup service
This commit is contained in:
parent
67523e7e31
commit
cdf8695794
|
@ -109,6 +109,12 @@ in
|
||||||
postgresql-backup = {
|
postgresql-backup = {
|
||||||
enable = true;
|
enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
transmission = {
|
||||||
|
enable = true;
|
||||||
|
username = "alarsyo";
|
||||||
|
password = secrets.transmission-password;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
security.acme.acceptTerms = true;
|
security.acme.acceptTerms = true;
|
||||||
|
|
|
@ -11,5 +11,6 @@ with lib;
|
||||||
shadow-hashed-password-root = lib.fileContents ./shadow-hashed-password-root.secret;
|
shadow-hashed-password-root = lib.fileContents ./shadow-hashed-password-root.secret;
|
||||||
miniflux-admin-credentials = lib.fileContents ./miniflux-admin-credentials.secret;
|
miniflux-admin-credentials = lib.fileContents ./miniflux-admin-credentials.secret;
|
||||||
borg-backup-repo = lib.fileContents ./borg-backup-repo.secret;
|
borg-backup-repo = lib.fileContents ./borg-backup-repo.secret;
|
||||||
|
transmission-password = lib.fileContents ./transmission.secret;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
BIN
secrets/transmission.secret
Normal file
BIN
secrets/transmission.secret
Normal file
Binary file not shown.
|
@ -12,5 +12,6 @@
|
||||||
./monitoring.nix
|
./monitoring.nix
|
||||||
./nginx.nix
|
./nginx.nix
|
||||||
./postgresql-backup.nix
|
./postgresql-backup.nix
|
||||||
|
./transmission.nix
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
let
|
let
|
||||||
mediaServices = with config.my.services; [
|
mediaServices = with config.my.services; [
|
||||||
jellyfin
|
jellyfin
|
||||||
|
transmission
|
||||||
];
|
];
|
||||||
needed = builtins.any (service: service.enable) mediaServices;
|
needed = builtins.any (service: service.enable) mediaServices;
|
||||||
in
|
in
|
||||||
|
|
66
services/transmission.nix
Normal file
66
services/transmission.nix
Normal file
|
@ -0,0 +1,66 @@
|
||||||
|
{ config, lib, ... }:
|
||||||
|
let
|
||||||
|
cfg = config.my.services.transmission;
|
||||||
|
|
||||||
|
domain = config.networking.domain;
|
||||||
|
webuiDomain = "transmission.${domain}";
|
||||||
|
|
||||||
|
transmissionRpcPort = 9091;
|
||||||
|
transmissionPeerPort = 30251;
|
||||||
|
|
||||||
|
downloadBase = "/media/torrents/";
|
||||||
|
in
|
||||||
|
{
|
||||||
|
options.my.services.transmission = with lib; {
|
||||||
|
enable = mkEnableOption "Transmission torrent client";
|
||||||
|
|
||||||
|
username = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
default = "alarsyo";
|
||||||
|
example = "username";
|
||||||
|
description = "Name of the transmission RPC user";
|
||||||
|
};
|
||||||
|
|
||||||
|
password = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
example = "password";
|
||||||
|
description = "Password of the transmission RPC user";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
|
services.transmission = {
|
||||||
|
enable = true;
|
||||||
|
group = "media";
|
||||||
|
|
||||||
|
settings = {
|
||||||
|
download-dir = "${downloadBase}/complete";
|
||||||
|
incomplete-dir = "${downloadBase}/incomplete";
|
||||||
|
|
||||||
|
peer-port = transmissionPeerPort;
|
||||||
|
|
||||||
|
rpc-enabled = true;
|
||||||
|
rpc-port = transmissionRpcPort;
|
||||||
|
rpc-authentication-required = true;
|
||||||
|
|
||||||
|
rpc-username = cfg.username;
|
||||||
|
rpc-password = cfg.password;
|
||||||
|
|
||||||
|
rpc-whitelist-enabled = true;
|
||||||
|
rpc-whitelist = "127.0.0.1";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.nginx.virtualHosts."${webuiDomain}" = {
|
||||||
|
forceSSL = true;
|
||||||
|
enableACME = true;
|
||||||
|
|
||||||
|
locations."/".proxyPass = "http://127.0.0.1:${toString transmissionRpcPort}";
|
||||||
|
};
|
||||||
|
|
||||||
|
networking.firewall = {
|
||||||
|
allowedTCPPorts = [ transmissionPeerPort ];
|
||||||
|
allowedUDPPorts = [ transmissionPeerPort ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
Loading…
Reference in a new issue