From 1648415ea387676ceb4b78695667dac394267f35 Mon Sep 17 00:00:00 2001 From: Adrian Gunnar Lauterer Date: Sun, 14 Apr 2024 05:37:25 +0200 Subject: [PATCH] alternate simple qbittorrent service --- machines/galadriel/configuration.nix | 2 +- modules/qbittorrent-nox.nix | 6 ++-- services/torrent.nix | 45 ++++++++++++++++++++++++++++ 3 files changed, 49 insertions(+), 4 deletions(-) create mode 100644 services/torrent.nix diff --git a/machines/galadriel/configuration.nix b/machines/galadriel/configuration.nix index ffedcb6..e6b6137 100644 --- a/machines/galadriel/configuration.nix +++ b/machines/galadriel/configuration.nix @@ -16,7 +16,7 @@ ./zfs.nix ./backup.nix ../../services/smb.nix - ../../services/qbittorrent.nix + ../../services/torrent.nix #../../services/stableDiffusion.nix #../../services/freshrrs.nix #../../services/torrent.nix diff --git a/modules/qbittorrent-nox.nix b/modules/qbittorrent-nox.nix index fb1e1fa..deaad67 100644 --- a/modules/qbittorrent-nox.nix +++ b/modules/qbittorrent-nox.nix @@ -456,7 +456,7 @@ in users.users = lib.mkIf (cfg.user == "qbittorrent") { qbittorrent = { isSystemUser = true; - home = "/var/lib/qbittorrent"; + home = path; group = cfg.group; }; }; @@ -464,9 +464,9 @@ in qbittorrent = {}; }; - systemd.services."qbittorrent-nox@" ={ + systemd.services."qbittorrent-nox" ={ serviceConfig = { - ExecStart = "qbittorrent-nox -d --configuration=${cfg.configFile}"; + ExecStart = "${pkgs.qbittorrent-nox}/bin/qbittorrent-nox --configuration=${cfg.configFile}"; User = cfg.user; Group = cfg.group; Restart = "on-failure"; diff --git a/services/torrent.nix b/services/torrent.nix new file mode 100644 index 0000000..58294e4 --- /dev/null +++ b/services/torrent.nix @@ -0,0 +1,45 @@ +{ config, lib, pkgs, options, ... }: +let + port = 8090; + torrentPort = 44183; + savePath = "/Main/Data/media/Downloads/"; + path = "/var/lib/qbittorrent"; +in +{ + networking.firewall.allowedTCPPorts = [ port torrentPort]; + networking.firewall.allowedUDPPorts = [ port torrentPort]; + + users.users.qbittorrent = { + isNormalUser = true; #make this a normal user to be able to make files + home = path; + group = "qbittorrent"; + }; + users.groups.qbittorrent = {}; + + systemd.services."qbittorrent-nox" ={ + after = [ "network.target" ]; + #environment.HOME = "/var/lib/qbittorrent"; + + serviceConfig = { + ExecStartPre = "${pkgs.coreutils}/bin/mkdir -p ${path}"; + ExecStart = "${pkgs.qbittorrent-nox}/bin/qbittorrent-nox --webui-port=${toString port} --torrenting-port=${toString torrentPort} --save-path=${savePath}"; + User = "qbittorrent"; + Group = "qbittorrent"; + Restart = "on-failure"; + + #DynamicUser = true; + #RuntimeDirectory = "qbittorrent"; + #InaccessiblePaths = [ "/home" "/root" "/run" "/boot" "/etc" "/proc" "/sys" "/usr" "/lib" "/bin" "/sbin" "/srv" "/opt" ]; + + # Security options + #PrivateTmp = true; + #ProtectSystem = "full"; + #ProtectKernelTunables = true; + #ProtectKernelModules = true; + #ProtectControlGroups = true; + #NoNewPrivileges = true; + #ProtectHome = true; + #PrivateDevices = true; + }; + }; +} \ No newline at end of file