2022-06-08 00:17:55 +03:00
|
|
|
{ config, pkgs, ... }:
|
2022-02-05 21:42:36 +02:00
|
|
|
|
|
|
|
|
{
|
|
|
|
|
age.secrets = {
|
|
|
|
|
transmission-rpc-password = {
|
|
|
|
|
file = ../../../secrets/transmission-rpc-password.age;
|
|
|
|
|
mode = "0400";
|
|
|
|
|
};
|
|
|
|
|
wireguard-key-upload = {
|
|
|
|
|
file = ../../../secrets/wireguard-key-upload.age;
|
|
|
|
|
mode = "0400";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
users.groups.mediamanagers = {
|
|
|
|
|
gid = 646000020;
|
|
|
|
|
members = [ "transmission" "lidarr" ];
|
|
|
|
|
};
|
|
|
|
|
services.lidarr.group = "mediamanagers";
|
|
|
|
|
services.transmission = {
|
|
|
|
|
enable = true;
|
|
|
|
|
group = "mediamanagers";
|
|
|
|
|
settings = {
|
|
|
|
|
download-dir = "/srv/data/DOWNLOAD";
|
|
|
|
|
incomplete-dir = "/srv/data/DOWNLOAD/.incomplete";
|
|
|
|
|
|
|
|
|
|
# being a leech
|
|
|
|
|
speed-limit-up = 20;
|
|
|
|
|
ratio-limit = 0.01;
|
|
|
|
|
idle-seeding-limit = 1;
|
|
|
|
|
speed-limit-up-enabled = true;
|
|
|
|
|
ratio-limit-enabled = true;
|
|
|
|
|
idle-seeding-limit-enabled = true;
|
|
|
|
|
|
|
|
|
|
utp-enabled = false;
|
|
|
|
|
rpc-bind-address = "0.0.0.0";
|
|
|
|
|
rpc-whitelist = "127.0.0.1,::1,10.100.0.1,10.100.0.*,10.100.1.*,10.100.3.*";
|
|
|
|
|
rpc-authentication-required = true;
|
|
|
|
|
};
|
|
|
|
|
credentialsFile = config.age.secrets.transmission-rpc-password.path;
|
|
|
|
|
};
|
|
|
|
|
systemd.services.transmission = {
|
|
|
|
|
after = [ "mnt-media\\x2duploads.mount" ];
|
|
|
|
|
unitConfig = {
|
|
|
|
|
RequiresMountsFor = [ "/mnt/media-uploads" ];
|
|
|
|
|
};
|
|
|
|
|
serviceConfig = {
|
|
|
|
|
BindPaths = [ "/mnt/media-uploads" ];
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
networking.firewall.interfaces.tungsten.allowedTCPPorts = [ 9091 ];
|
|
|
|
|
networking.wireguard = {
|
|
|
|
|
enable = true;
|
|
|
|
|
interfaces.wgupload = {
|
|
|
|
|
ips = [ "10.150.0.2/24" ];
|
|
|
|
|
privateKeyFile = config.age.secrets.wireguard-key-upload.path;
|
|
|
|
|
allowedIPsAsRoutes = true;
|
2022-06-08 00:17:55 +03:00
|
|
|
postSetup = "${pkgs.iproute2}/bin/ip link set mtu 1200 wgupload";
|
2022-02-05 21:42:36 +02:00
|
|
|
peers = [
|
|
|
|
|
{
|
|
|
|
|
publicKey = "apKXnlMtcOe8WqCVXJAXEjzppN+qTmESlt0NjMTaclQ=";
|
|
|
|
|
allowedIPs = [ "10.150.0.0/24" ];
|
|
|
|
|
endpoint = "116.202.226.86:6969";
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
fileSystems."/mnt/media-uploads" = {
|
|
|
|
|
device = "10.150.0.254:/mnt/storage/media/media/uploads";
|
|
|
|
|
fsType = "nfs4";
|
|
|
|
|
noCheck = true;
|
|
|
|
|
options = [ "rsize=1024" "wsize=1024" "x-systemd.after=wireguard-wgupload.service" "x-systemd.mount-timeout=10s" ];
|
|
|
|
|
};
|
|
|
|
|
}
|
