config/hosts/TITAN/extras/fbi-downloader.nix

{ config, ... }:

{
  age.secrets = {
    transmission-rpc-password = {
      file = ../../../secrets/transmission-rpc-password.age;
      mode = "0400";
    };
    wireguard-key-upload = {
      file = ../../../secrets/wireguard-key-upload.age;
      mode = "0400";
    };
  };

  users.groups.mediamanagers = {
    gid = 646000020;
    members = [ "transmission" "lidarr" ];
  };
  services.lidarr.group = "mediamanagers";
  services.transmission = {
    enable = true;
    group = "mediamanagers";
    settings = {
      download-dir = "/srv/data/DOWNLOAD";
      incomplete-dir = "/srv/data/DOWNLOAD/.incomplete";

      # being a leech
      speed-limit-up = 20;
      ratio-limit = 0.01;
      idle-seeding-limit = 1;
      speed-limit-up-enabled = true;
      ratio-limit-enabled = true;
      idle-seeding-limit-enabled = true;

      utp-enabled = false;
      rpc-bind-address = "0.0.0.0";
      rpc-whitelist = "127.0.0.1,::1,10.100.0.1,10.100.0.*,10.100.1.*,10.100.3.*";
      rpc-authentication-required = true;
    };
    credentialsFile = config.age.secrets.transmission-rpc-password.path;
  };
  systemd.services.transmission = {
    after = [ "mnt-media\\x2duploads.mount" ];
    unitConfig = {
      RequiresMountsFor = [ "/mnt/media-uploads" ];
    };
    serviceConfig = {
      BindPaths = [ "/mnt/media-uploads" ];
    };
  };

  networking.firewall.interfaces.tungsten.allowedTCPPorts = [ 9091 ];
  networking.wireguard = {
    enable = true;
    interfaces.wgupload = {
      ips = [ "10.150.0.2/24" ];
      privateKeyFile = config.age.secrets.wireguard-key-upload.path;
      allowedIPsAsRoutes = true;
      peers = [
        {
          publicKey = "apKXnlMtcOe8WqCVXJAXEjzppN+qTmESlt0NjMTaclQ=";
          allowedIPs = [ "10.150.0.0/24" ];
          endpoint = "116.202.226.86:6969";
        }
      ];
    };
  };
  fileSystems."/mnt/media-uploads" = {
    device = "10.150.0.254:/mnt/storage/media/media/uploads";
    fsType = "nfs4";
    noCheck = true;
    options = [ "rsize=1024" "wsize=1024" "x-systemd.after=wireguard-wgupload.service" "x-systemd.mount-timeout=10s" ];
  };
}
import from old repo 2022-02-05 21:42:36 +02:00			`{ config, ... }:`

			`{`
			`age.secrets = {`
			`transmission-rpc-password = {`
			`file = ../../../secrets/transmission-rpc-password.age;`
			`mode = "0400";`
			`};`
			`wireguard-key-upload = {`
			`file = ../../../secrets/wireguard-key-upload.age;`
			`mode = "0400";`
			`};`
			`};`

			`users.groups.mediamanagers = {`
			`gid = 646000020;`
			`members = [ "transmission" "lidarr" ];`
			`};`
			`services.lidarr.group = "mediamanagers";`
			`services.transmission = {`
			`enable = true;`
			`group = "mediamanagers";`
			`settings = {`
			`download-dir = "/srv/data/DOWNLOAD";`
			`incomplete-dir = "/srv/data/DOWNLOAD/.incomplete";`

			`# being a leech`
			`speed-limit-up = 20;`
			`ratio-limit = 0.01;`
			`idle-seeding-limit = 1;`
			`speed-limit-up-enabled = true;`
			`ratio-limit-enabled = true;`
			`idle-seeding-limit-enabled = true;`

			`utp-enabled = false;`
			`rpc-bind-address = "0.0.0.0";`
			`rpc-whitelist = "127.0.0.1,::1,10.100.0.1,10.100.0.,10.100.1.,10.100.3.*";`
			`rpc-authentication-required = true;`
			`};`
			`credentialsFile = config.age.secrets.transmission-rpc-password.path;`
			`};`
			`systemd.services.transmission = {`
			`after = [ "mnt-media\\x2duploads.mount" ];`
			`unitConfig = {`
			`RequiresMountsFor = [ "/mnt/media-uploads" ];`
			`};`
			`serviceConfig = {`
			`BindPaths = [ "/mnt/media-uploads" ];`
			`};`
			`};`

			`networking.firewall.interfaces.tungsten.allowedTCPPorts = [ 9091 ];`
			`networking.wireguard = {`
			`enable = true;`
			`interfaces.wgupload = {`
			`ips = [ "10.150.0.2/24" ];`
			`privateKeyFile = config.age.secrets.wireguard-key-upload.path;`
			`allowedIPsAsRoutes = true;`
			`peers = [`
			`{`
			`publicKey = "apKXnlMtcOe8WqCVXJAXEjzppN+qTmESlt0NjMTaclQ=";`
			`allowedIPs = [ "10.150.0.0/24" ];`
			`endpoint = "116.202.226.86:6969";`
			`}`
			`];`
			`};`
			`};`
			`fileSystems."/mnt/media-uploads" = {`
			`device = "10.150.0.254:/mnt/storage/media/media/uploads";`
			`fsType = "nfs4";`
			`noCheck = true;`
			`options = [ "rsize=1024" "wsize=1024" "x-systemd.after=wireguard-wgupload.service" "x-systemd.mount-timeout=10s" ];`
			`};`
			`}`