2016-08-21 11:55:46 +02:00
|
|
|
{ config, lib, pkgs, ... }:
|
|
|
|
|
2016-10-20 20:54:38 +02:00
|
|
|
with import <stockholm/lib>;
|
2016-08-21 11:55:46 +02:00
|
|
|
|
|
|
|
let
|
2016-12-22 15:41:49 +01:00
|
|
|
basicAuth = import <torrent-secrets/auth.nix>;
|
2016-08-21 11:55:46 +02:00
|
|
|
peer-port = 51412;
|
|
|
|
web-port = 8112;
|
|
|
|
daemon-port = 58846;
|
2018-10-21 23:20:19 +02:00
|
|
|
base-dir = config.krebs.rtorrent.workDir;
|
2016-08-21 11:55:46 +02:00
|
|
|
in {
|
|
|
|
|
|
|
|
users.users = {
|
|
|
|
download = {
|
|
|
|
name = "download";
|
2018-08-06 17:52:48 +02:00
|
|
|
home = base-dir;
|
2017-04-24 23:22:13 +02:00
|
|
|
uid = mkDefault (genid "download");
|
2016-08-21 11:55:46 +02:00
|
|
|
createHome = true;
|
|
|
|
useDefaultShell = true;
|
|
|
|
group = "download";
|
|
|
|
openssh.authorizedKeys.keys = [ ];
|
|
|
|
};
|
|
|
|
};
|
2016-08-24 12:16:18 +02:00
|
|
|
|
2016-08-21 11:55:46 +02:00
|
|
|
users.extraGroups = {
|
|
|
|
download = {
|
2017-04-24 23:22:13 +02:00
|
|
|
gid = lib.mkDefault (genid "download");
|
2016-08-21 11:55:46 +02:00
|
|
|
members = [
|
|
|
|
config.krebs.build.user.name
|
|
|
|
"download"
|
2016-08-24 12:16:18 +02:00
|
|
|
"rtorrent"
|
|
|
|
"nginx"
|
2016-08-21 11:55:46 +02:00
|
|
|
];
|
|
|
|
};
|
2018-08-06 17:52:48 +02:00
|
|
|
rtorrent.members = [ "download" ];
|
2016-08-21 11:55:46 +02:00
|
|
|
};
|
|
|
|
|
2019-09-25 14:19:11 +02:00
|
|
|
krebs.rtorrent = let
|
|
|
|
d = config.makefu.dl-dir;
|
|
|
|
in {
|
2016-08-21 11:55:46 +02:00
|
|
|
enable = true;
|
2016-08-24 12:16:18 +02:00
|
|
|
web = {
|
|
|
|
enable = true;
|
2016-12-22 15:41:49 +01:00
|
|
|
port = web-port;
|
|
|
|
inherit basicAuth;
|
2016-08-21 11:55:46 +02:00
|
|
|
};
|
2016-08-24 12:16:18 +02:00
|
|
|
rutorrent.enable = true;
|
|
|
|
enableXMLRPC = true;
|
|
|
|
listenPort = peer-port;
|
2019-09-25 14:19:11 +02:00
|
|
|
downloadDir = d + "/finished/incoming";
|
|
|
|
watchDir = d + "/watch";
|
|
|
|
# TODO: maybe test out multiple watch dirs with tags: https://github.com/rakshasa/rtorrent/wiki/TORRENT-Watch-directories
|
|
|
|
extraConfig = ''
|
|
|
|
# log.add_output = "debug", "rtorrent-systemd"
|
|
|
|
# log.add_output = "dht_debug", "rtorrent-systemd"
|
|
|
|
# log.add_output = "tracker_debug", "rtorrent-systemd"
|
|
|
|
log.add_output = "rpc_events", "rtorrent-systemd"
|
2019-09-25 15:07:32 +02:00
|
|
|
# log.add_output = "rpc_dump", "rtorrent-systemd"
|
2019-09-25 14:19:11 +02:00
|
|
|
system.daemon.set = true
|
|
|
|
'';
|
2016-08-24 12:16:18 +02:00
|
|
|
# dump old torrents into watch folder to have them re-added
|
2016-08-21 11:55:46 +02:00
|
|
|
};
|
|
|
|
|
2018-10-21 23:20:19 +02:00
|
|
|
services.nginx.virtualHosts."torrent.${config.krebs.build.host.name}.r".locations."/" = { proxyPass = "http://localhost:${toString web-port}/"; };
|
|
|
|
|
2016-08-21 11:55:46 +02:00
|
|
|
networking.firewall.extraCommands = ''
|
2016-08-24 12:16:18 +02:00
|
|
|
iptables -A INPUT -i retiolum -p tcp --dport ${toString web-port} -j ACCEPT
|
2016-08-21 11:55:46 +02:00
|
|
|
'';
|
|
|
|
|
|
|
|
networking.firewall.allowedTCPPorts = [ peer-port ];
|
|
|
|
networking.firewall.allowedUDPPorts = [ peer-port ];
|
2018-10-21 23:20:19 +02:00
|
|
|
state = [ config.krebs.rtorrent.sessionDir ]; # state which torrents were loaded
|
2016-08-21 11:55:46 +02:00
|
|
|
}
|