nixos-config/2configs/torrent.nix

74 lines
2 KiB
Nix
Raw Normal View History

{ config, lib, pkgs, ... }:
2016-10-20 20:54:38 +02:00
with import <stockholm/lib>;
let
basicAuth = import <torrent-secrets/auth.nix>;
peer-port = 51412;
web-port = 8112;
daemon-port = 58846;
base-dir = config.krebs.rtorrent.workDir;
in {
users.users = {
download = {
name = "download";
home = base-dir;
2017-04-24 23:22:13 +02:00
uid = mkDefault (genid "download");
createHome = true;
useDefaultShell = true;
group = "download";
openssh.authorizedKeys.keys = [ ];
};
};
2016-08-24 12:16:18 +02:00
users.extraGroups = {
download = {
2017-04-24 23:22:13 +02:00
gid = lib.mkDefault (genid "download");
members = [
config.krebs.build.user.name
"download"
2016-08-24 12:16:18 +02:00
"rtorrent"
"nginx"
];
};
rtorrent.members = [ "download" ];
};
2019-09-25 14:19:11 +02:00
krebs.rtorrent = let
d = config.makefu.dl-dir;
in {
enable = true;
2016-08-24 12:16:18 +02:00
web = {
enable = true;
port = web-port;
inherit basicAuth;
};
2016-08-24 12:16:18 +02:00
rutorrent.enable = true;
enableXMLRPC = true;
listenPort = peer-port;
2019-09-25 14:19:11 +02:00
downloadDir = d + "/finished/incoming";
watchDir = d + "/watch";
# TODO: maybe test out multiple watch dirs with tags: https://github.com/rakshasa/rtorrent/wiki/TORRENT-Watch-directories
extraConfig = ''
# log.add_output = "debug", "rtorrent-systemd"
# log.add_output = "dht_debug", "rtorrent-systemd"
# log.add_output = "tracker_debug", "rtorrent-systemd"
log.add_output = "rpc_events", "rtorrent-systemd"
2019-09-25 15:07:32 +02:00
# log.add_output = "rpc_dump", "rtorrent-systemd"
2019-09-25 14:19:11 +02:00
system.daemon.set = true
'';
2016-08-24 12:16:18 +02:00
# dump old torrents into watch folder to have them re-added
};
services.nginx.virtualHosts."torrent.${config.krebs.build.host.name}.r".locations."/" = { proxyPass = "http://localhost:${toString web-port}/"; };
networking.firewall.extraCommands = ''
2016-08-24 12:16:18 +02:00
iptables -A INPUT -i retiolum -p tcp --dport ${toString web-port} -j ACCEPT
'';
networking.firewall.allowedTCPPorts = [ peer-port ];
networking.firewall.allowedUDPPorts = [ peer-port ];
state = [ config.krebs.rtorrent.sessionDir ]; # state which torrents were loaded
}