2024-04-14 16:13:53 +02:00
|
|
|
{ config, lib, pkgs, ... }:
|
2024-04-14 05:37:25 +02:00
|
|
|
let
|
|
|
|
port = 8090;
|
|
|
|
torrentPort = 44183;
|
|
|
|
savePath = "/Main/Data/media/Downloads/";
|
|
|
|
path = "/var/lib/qbittorrent";
|
2024-04-14 16:13:53 +02:00
|
|
|
interfaceAddress = pkgs.coreutils + "/bin/cat ${config.sops.secrets."qbittorrent/interfaceAddress".path}";
|
2024-04-14 08:09:32 +02:00
|
|
|
|
2024-04-14 16:13:53 +02:00
|
|
|
configurationFile = pkgs.writeText "qbittorrent.conf" ''
|
|
|
|
[Application]
|
|
|
|
FileLogger\Age=1
|
|
|
|
FileLogger\AgeType=1
|
|
|
|
FileLogger\Backup=true
|
|
|
|
FileLogger\DeleteOld=true
|
|
|
|
FileLogger\Enabled=true
|
|
|
|
FileLogger\MaxSizeBytes=66560
|
|
|
|
FileLogger\Path=/Main/Data/media/.qbittorrent/logs
|
|
|
|
MemoryWorkingSetLimit=8192
|
2024-04-14 08:09:32 +02:00
|
|
|
|
2024-04-14 16:13:53 +02:00
|
|
|
[BitTorrent]
|
|
|
|
Session\AddExtensionToIncompleteFiles=true
|
|
|
|
Session\AlternativeGlobalDLSpeedLimit=1000
|
|
|
|
Session\AlternativeGlobalUPSpeedLimit=1000
|
|
|
|
Session\AnonymousModeEnabled=false
|
|
|
|
Session\BTProtocol=Both
|
|
|
|
Session\BandwidthSchedulerEnabled=false
|
|
|
|
Session\DefaultSavePath=/Main/Data/media/Downloads
|
|
|
|
Session\Encryption=1
|
|
|
|
Session\ExcludedFileNames=
|
|
|
|
Session\FinishedTorrentExportDirectory=/Main/Data/media/Downloads/torrents-complete
|
|
|
|
Session\GlobalDLSpeedLimit=0
|
|
|
|
Session\GlobalMaxRatio=1.5
|
|
|
|
Session\GlobalUPSpeedLimit=0
|
|
|
|
Session\I2P\Enabled=true
|
|
|
|
Session\IgnoreLimitsOnLAN=true
|
|
|
|
Session\IncludeOverheadInLimits=true
|
|
|
|
Session\Interface=tun0
|
|
|
|
Session\InterfaceAddress=${interfaceAddress}
|
|
|
|
Session\InterfaceName=tun0
|
|
|
|
Session\LSDEnabled=true
|
|
|
|
Session\MaxActiveCheckingTorrents=15
|
|
|
|
Session\MaxRatioAction=1
|
|
|
|
Session\Port=44183
|
|
|
|
Session\Preallocation=true
|
|
|
|
Session\QueueingSystemEnabled=false
|
|
|
|
Session\SubcategoriesEnabled=true
|
|
|
|
Session\Tags=movie, anime
|
|
|
|
Session\TempPath=/Main/Data/media/Downloads/temp
|
|
|
|
Session\TempPathEnabled=true
|
|
|
|
Session\TorrentExportDirectory=/Main/Data/media/Downloads/torrents
|
|
|
|
Session\UseAlternativeGlobalSpeedLimit=false
|
2024-04-14 08:09:32 +02:00
|
|
|
|
2024-04-14 16:13:53 +02:00
|
|
|
[Core]
|
|
|
|
AutoDeleteAddedTorrentFile=Never
|
2024-04-14 08:09:32 +02:00
|
|
|
|
2024-04-14 16:13:53 +02:00
|
|
|
[LegalNotice]
|
|
|
|
Accepted=true
|
2024-04-14 08:09:32 +02:00
|
|
|
|
2024-04-14 16:13:53 +02:00
|
|
|
[Meta]
|
|
|
|
MigrationVersion=6
|
2024-04-14 08:09:32 +02:00
|
|
|
|
2024-04-14 16:13:53 +02:00
|
|
|
[Network]
|
|
|
|
Cookies="__ddg1_=taU4w9Chkfjo3Llq2wDx; HttpOnly; expires=Sun, 09-Feb-2025 16:45:23 GMT; domain=.nyaa.si; path=/"
|
|
|
|
PortForwardingEnabled=true
|
2024-04-14 08:09:32 +02:00
|
|
|
|
2024-04-14 16:13:53 +02:00
|
|
|
[Preferences]
|
|
|
|
General\Locale=en
|
|
|
|
MailNotification\req_auth=true
|
|
|
|
Scheduler\days=Weekday
|
|
|
|
Scheduler\end_time=@Variant(\0\0\0\xf\x5%q\xa0)
|
|
|
|
WebUI\AuthSubnetWhitelist=192.168.1.0/24, 100.0.0.0/8
|
|
|
|
WebUI\AuthSubnetWhitelistEnabled=true
|
|
|
|
WebUI\Port=${toString port}
|
|
|
|
WebUI\UseUPnP=false
|
2024-04-14 08:09:32 +02:00
|
|
|
|
2024-04-14 16:13:53 +02:00
|
|
|
[RSS]
|
|
|
|
AutoDownloader\DownloadRepacks=true
|
|
|
|
AutoDownloader\EnableProcessing=true
|
|
|
|
AutoDownloader\SmartEpisodeFilter=s(\\d+)e(\\d+), (\\d+)x(\\d+), "(\\d{4}[.\\-]\\d{1,2}[.\\-]\\d{1,2})", "(\\d{1,2}[.\\-]\\d{1,2}[.\\-]\\d{4})"
|
|
|
|
Session\EnableProcessing=true
|
|
|
|
'';
|
2024-04-14 08:09:32 +02:00
|
|
|
|
|
|
|
|
2024-04-14 05:37:25 +02:00
|
|
|
in
|
|
|
|
{
|
2024-04-14 16:13:53 +02:00
|
|
|
|
|
|
|
imports = [
|
|
|
|
../profiles/sops.nix
|
|
|
|
];
|
|
|
|
|
|
|
|
sops.secrets."qbittorrent/interfaceAddress" = {};
|
|
|
|
|
2024-04-14 05:37:25 +02:00
|
|
|
networking.firewall.allowedTCPPorts = [ port torrentPort];
|
|
|
|
networking.firewall.allowedUDPPorts = [ port torrentPort];
|
|
|
|
|
|
|
|
users.users.qbittorrent = {
|
|
|
|
isNormalUser = true; #make this a normal user to be able to make files
|
|
|
|
home = path;
|
|
|
|
group = "qbittorrent";
|
|
|
|
};
|
|
|
|
users.groups.qbittorrent = {};
|
|
|
|
|
2024-04-14 16:13:53 +02:00
|
|
|
systemd.services."qbittorrent-nox" = {
|
2024-04-14 05:37:25 +02:00
|
|
|
after = [ "network.target" ];
|
|
|
|
#environment.HOME = "/var/lib/qbittorrent";
|
|
|
|
|
|
|
|
serviceConfig = {
|
2024-04-14 16:13:53 +02:00
|
|
|
ExecStartPre = "${pkgs.bash}/bin/bash -c '${pkgs.coreutils}/bin/mkdir -p ${path} && ${pkgs.coreutils}/bin/chown -R qbittorrent:qbittorrent ${path} && ${pkgs.coreutils}/bin/chmod -R 755 ${path} && ${pkgs.coreutils}/bin/cp ${configurationFile} ${path}/.config/qBittorrent/qBittorrent.conf'";
|
|
|
|
ExecStart = "${pkgs.qbittorrent-nox}/bin/qbittorrent-nox";
|
2024-04-14 05:37:25 +02:00
|
|
|
User = "qbittorrent";
|
|
|
|
Group = "qbittorrent";
|
|
|
|
Restart = "on-failure";
|
|
|
|
|
2024-04-14 16:13:53 +02:00
|
|
|
#DynamicUser = true;
|
|
|
|
#InaccessiblePaths = [ "/home" "/root" "/boot" "/etc" "/proc" "/sys" "/usr" "/lib" "/bin" "/sbin" "/srv" "/opt" ];
|
2024-04-14 05:37:25 +02:00
|
|
|
|
|
|
|
# Security options
|
2024-04-14 16:13:53 +02:00
|
|
|
#PrivateTmp = true;
|
|
|
|
#ProtectSystem = "full";
|
|
|
|
#ProtectKernelTunables = true;
|
|
|
|
#ProtectKernelModules = true;
|
|
|
|
#ProtectControlGroups = true;
|
|
|
|
#NoNewPrivileges = true;
|
|
|
|
#ProtectHome = true;
|
|
|
|
#PrivateDevices = true;
|
2024-04-14 05:37:25 +02:00
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|