diff --git a/3modules/rtorrent.nix b/3modules/rtorrent.nix
index 2532e1f..98eb5f1 100644
--- a/3modules/rtorrent.nix
+++ b/3modules/rtorrent.nix
@@ -8,8 +8,11 @@ let
nginx-user = config.services.nginx.user;
nginx-group = config.services.nginx.group;
+ fpm-socket = "/var/run/php5-fpm-rutorrent.sock";
+
+ webdir = rucfg.webdir;
rutorrent-deps = with pkgs; [ curl php coreutils procps ffmpeg mediainfo ] ++
- (if config.nixpkgs.config.allowUnfree then
+ (if (config.nixpkgs.config.allowUnfree or false) then
trace "enabling unfree packages for rutorrent" [ unrar unzip ] else
trace "not enabling unfree packages for rutorrent because allowUnfree is unset" [])
;
@@ -34,7 +37,6 @@ let
echo "replacing scgi port and host variable in conf/config.php"
'';
};
- fpm-socket = "/var/run/php5-fpm.sock";
systemd-logfile = cfg.workDir + "/rtorrent-systemd.log";
configFile = pkgs.writeText "rtorrent-config" ''
# THIS FILE IS AUTOGENERATED
@@ -73,9 +75,12 @@ let
out = {
options.makefu.rtorrent = api;
- config = lib.recursiveUpdate (lib.mkIf cfg.enable imp)
- ( lib.recursiveUpdate (lib.mkIf cfg.web.enable rpcweb-imp)
- (lib.mkIf cfg.rutorrent.enable rutorrent-imp));
+ # This only works because none of the attrsets returns the same key
+ config = with lib; mkIf cfg.enable (lib.mkMerge [
+ (lib.mkIf webcfg.enable rpcweb-imp)
+ (lib.mkIf rucfg.enable rutorrent-imp)
+ imp
+ ]);
};
api = {
@@ -91,7 +96,7 @@ let
description =''
nginx listen address for rtorrent web
'';
- default = "localhost:8005";
+ default = "localhost:8006";
};
enableAuth = mkEnableOption "rutorrent authentication";
@@ -225,38 +230,62 @@ let
};
imp = {
- systemd.services.rtorrent-daemon = {
- description = "rtorrent headless";
- after = [ "network.target" ];
- wantedBy = [ "multi-user.target" ];
- restartIfChanged = true;
- serviceConfig = {
- Type = "forking";
- ExecStartPre = pkgs.writeDash "prepare-folder" ''
- mkdir -p ${cfg.workDir} ${cfg.sessionDir}
- touch ${systemd-logfile}
- cp -f ${configFile} ${cfg.workDir}/.rtorrent.rc
- '';
- ExecStart = "${pkgs.tmux.bin}/bin/tmux new-session -s rt -n rtorrent -d 'PATH=/bin:/usr/bin:${makeBinPath rutorrent-deps} ${cfg.package}/bin/rtorrent'";
+ systemd.services = {
+ rtorrent-daemon = {
+ description = "rtorrent headless";
+ after = [ "network.target" ];
+ wantedBy = [ "multi-user.target" ];
+ restartIfChanged = true;
+ serviceConfig = {
+ Type = "forking";
+ ExecStartPre = pkgs.writeDash "prepare-folder" ''
+ mkdir -p ${cfg.workDir} ${cfg.sessionDir}
+ chmod 770 ${cfg.workDir} ${cfg.sessionDir}
+ touch ${systemd-logfile}
+ cp -f ${configFile} ${cfg.workDir}/.rtorrent.rc
+ '';
+ ExecStart = "${pkgs.tmux.bin}/bin/tmux new-session -s rt -n rtorrent -d 'PATH=/bin:/usr/bin:${makeBinPath rutorrent-deps} ${cfg.package}/bin/rtorrent'";
- # PrivateTmp = true;
- ## now you can simply sudo -u rtorrent tmux a
- ## otherwise the tmux session is stored in some private folder in /tmp
- WorkingDirectory = cfg.workDir;
- Restart = "on-failure";
- User = "${cfg.user}";
+ # PrivateTmp = true;
+ ## now you can simply sudo -u rtorrent tmux a
+ ## otherwise the tmux session is stored in some private folder in /tmp
+ WorkingDirectory = cfg.workDir;
+ Restart = "on-failure";
+ User = "${cfg.user}";
+ };
};
-
- };
- systemd.services.rtorrent-log = {
- after = [ "rtorrent-daemon.service" ];
- bindsTo = [ "rtorrent-daemon.service" ];
- wantedBy = [ "rtorrent-daemon.service" ];
- serviceConfig = {
- ExecStart = "${pkgs.coreutils}/bin/tail -f ${systemd-logfile}";
- User = "${cfg.user}";
+ rtorrent-log = {
+ after = [ "rtorrent-daemon.service" ];
+ bindsTo = [ "rtorrent-daemon.service" ];
+ wantedBy = [ "rtorrent-daemon.service" ];
+ serviceConfig = {
+ ExecStart = "${pkgs.coreutils}/bin/tail -f ${systemd-logfile}";
+ User = "${cfg.user}";
+ };
};
- };
+ } // (optionalAttrs webcfg.enable {
+ rutorrent-prepare = {
+ after = [ "rtorrent-daemon.service" ];
+ bindsTo = [ "rtorrent-daemon.service" ];
+ wantedBy = [ "rtorrent-daemon.service" ];
+ serviceConfig = {
+ Type = "oneshot";
+ # we create the folder and set the permissions to allow nginx
+ # TODO: update files if the version of rutorrent changed
+ ExecStart = pkgs.writeDash "create-webconfig-dir" ''
+ if [ ! -e ${webdir} ];then
+ echo "creating webconfiguration directory for rutorrent: ${webdir}"
+ cp -r ${rucfg.package} ${webdir}
+ chown -R ${cfg.user}:${nginx-group} ${webdir}
+ chmod -R 770 ${webdir}
+ else
+ echo "not overwriting ${webdir}"
+ fi
+ '';
+ };
+ };
+ })
+ // (optionalAttrs rucfg.enable { });
users = lib.mkIf (cfg.user == "rtorrent") {
users.rtorrent = {
@@ -264,6 +293,7 @@ let
home = cfg.workDir;
group = nginx-group;
shell = "/bin/sh"; #required for tmux
+ isSystemUser = true;
createHome = true;
};
groups.rtorrent.gid = genid "rtorrent";
@@ -280,6 +310,9 @@ let
auth_basic "rtorrent";
auth_basic_user_file ${webcfg.authfile};
''}
+ ${optionalString rucfg.enable ''
+ root ${webdir};
+ ''}
'';
locations = [
(nameValuePair "/RPC2" ''
@@ -287,39 +320,7 @@ let
scgi_param SCRIPT_NAME /RPC2;
scgi_pass unix:${cfg.xmlrpc-socket};
'')
- ];
- };
- };
-
- rutorrent-imp = let
- webdir = rucfg.webdir;
- in {
- systemd.services.rutorrent-prepare = {
- after = [ "rtorrent-daemon.service" ];
- bindsTo = [ "rtorrent-daemon.service" ];
- wantedBy = [ "rtorrent-daemon.service" ];
- serviceConfig = {
- Type = "oneshot";
- # we create the folder and set the permissions to allow nginx
- # TODO: update files if the version of rutorrent changed
- ExecStart = pkgs.writeDash "create-webconfig-dir" ''
- if [ ! -e ${webdir} ];then
- echo "creating webconfiguration directory for rutorrent: ${webdir}"
- cp -r ${rucfg.package} ${webdir}
- chown -R ${cfg.user}:${nginx-group} ${webdir}
- chmod -R 770 ${webdir}
- else
- echo "not overwriting ${webdir}"
- fi
- '';
- };
- };
- krebs.nginx.servers.rtorrent = {
- extraConfig = ''
- root ${webdir};
- '';
- locations = [
-
+ ] ++ (optional rucfg.enable
(nameValuePair "~ \.php$" ''
client_max_body_size 200M;
root ${webdir};
@@ -330,22 +331,20 @@ let
include ${pkgs.nginx}/conf/fastcgi_params;
include ${pkgs.nginx}/conf/fastcgi.conf;
'')
-
- ];
+ );
};
+ };
+
+ rutorrent-imp = {
services.phpfpm = {
# phpfpm does not have an enable option
- poolConfigs = let
- user = config.services.nginx.user;
- group = config.services.nginx.group;
- fpm-socket = "/var/run/php5-fpm.sock";
- in {
+ poolConfigs = {
rutorrent = ''
- user = ${user}
- group = ${group}
+ user = ${nginx-user}
+ group = ${nginx-group}
listen = ${fpm-socket}
- listen.owner = ${user}
- listen.group = ${group}
+ listen.owner = ${nginx-user}
+ listen.group = ${nginx-group}
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
@@ -356,7 +355,6 @@ let
php_admin_value[error_log] = 'stderr'
php_admin_flag[log_errors] = on
catch_workers_output = yes
- env[PATH] = ${makeBinPath rutorrent-deps}
'';
};
};