From 695bcd65c97614959d00ddaafd7081375bc540c6 Mon Sep 17 00:00:00 2001 From: Adrian Gunnar Lauterer Date: Sun, 14 Apr 2024 08:09:32 +0200 Subject: [PATCH] try fixing fancy qbittorent module --- machines/galadriel/configuration.nix | 2 +- modules/qbittorrent-nox.nix | 23 +++++++++----------- services/torrent.nix | 32 ++++++++++++++++++---------- 3 files changed, 32 insertions(+), 25 deletions(-) diff --git a/machines/galadriel/configuration.nix b/machines/galadriel/configuration.nix index e6b6137..ffedcb6 100644 --- a/machines/galadriel/configuration.nix +++ b/machines/galadriel/configuration.nix @@ -16,7 +16,7 @@ ./zfs.nix ./backup.nix ../../services/smb.nix - ../../services/torrent.nix + ../../services/qbittorrent.nix #../../services/stableDiffusion.nix #../../services/freshrrs.nix #../../services/torrent.nix diff --git a/modules/qbittorrent-nox.nix b/modules/qbittorrent-nox.nix index deaad67..685a8e0 100644 --- a/modules/qbittorrent-nox.nix +++ b/modules/qbittorrent-nox.nix @@ -2,10 +2,10 @@ let cfg = config.services.qbittorrent-nox; - cfgPath = "/var/lib/qbittorrent/.config/qBittorrent/qBittorrent.conf"; path = "/var/lib/qbittorrent"; + cfgPath = "${path}/.config/qBittorrent/qBittorrent.conf"; - configurationFile = lib.writeText "${cfgPath}" '' + configurationFile = pkgs.writeText "qbittorrent-nox.conf" '' [Application] FileLogger\Age=${toString cfg.Filelogger.age} FileLogger\AgeType=${toString cfg.Filelogger.ageType} @@ -24,7 +24,7 @@ let Session\BTProtocol=${cfg.BTProtocol} Session\BandwidthSchedulerEnabled=${toString cfg.BandwidthSchedulerEnabled} Session\DefaultSavePath=${cfg.DefaultSavePath} - Session\Encryption=${ lib.mkIf cfg.Encryption "1" "0" } + Session\Encryption=${toString cfg.Encryption } Session\ExcludedFileNames=${cfg.ExcludedFileNames} Session\FinishedTorrentExportDirectory=${cfg.FinishedTorrentExportDirectory} Session\GlobalDLSpeedLimit=${toString cfg.GlobalDLSpeedLimit} @@ -190,8 +190,9 @@ in }; Encryption = lib.mkOption { - type = lib.types.bool; - default = true; + type = lib.types.int; + default = 1; + example = "0"; description = "Enable encryption."; }; @@ -439,12 +440,6 @@ in default = false; description = "RSS Session enable processing."; }; - - configFile = lib.mkOption { - type = lib.types.path; - default = "${cfgPath}"; - description = "Path to qbittorrent-nox configuration file."; - }; }; @@ -455,7 +450,7 @@ in users.users = lib.mkIf (cfg.user == "qbittorrent") { qbittorrent = { - isSystemUser = true; + isNormalUser = true; home = path; group = cfg.group; }; @@ -466,7 +461,9 @@ in systemd.services."qbittorrent-nox" ={ serviceConfig = { - ExecStart = "${pkgs.qbittorrent-nox}/bin/qbittorrent-nox --configuration=${cfg.configFile}"; + #create the configuration file from string using echo + ExecStartPre = "${pkgs.coreutils}/bin/cat ${configurationFile}"; + ExecStart = "${pkgs.qbittorrent-nox}/bin/qbittorrent-nox --configuration=${configurationFile}"; User = cfg.user; Group = cfg.group; Restart = "on-failure"; diff --git a/services/torrent.nix b/services/torrent.nix index 58294e4..acc8f53 100644 --- a/services/torrent.nix +++ b/services/torrent.nix @@ -4,6 +4,17 @@ let torrentPort = 44183; savePath = "/Main/Data/media/Downloads/"; path = "/var/lib/qbittorrent"; + + + + + + + + + + + in { networking.firewall.allowedTCPPorts = [ port torrentPort]; @@ -27,19 +38,18 @@ in Group = "qbittorrent"; Restart = "on-failure"; - #DynamicUser = true; - #RuntimeDirectory = "qbittorrent"; - #InaccessiblePaths = [ "/home" "/root" "/run" "/boot" "/etc" "/proc" "/sys" "/usr" "/lib" "/bin" "/sbin" "/srv" "/opt" ]; + DynamicUser = true; + InaccessiblePaths = [ "/home" "/root" "/run" "/boot" "/etc" "/proc" "/sys" "/usr" "/lib" "/bin" "/sbin" "/srv" "/opt" ]; # Security options - #PrivateTmp = true; - #ProtectSystem = "full"; - #ProtectKernelTunables = true; - #ProtectKernelModules = true; - #ProtectControlGroups = true; - #NoNewPrivileges = true; - #ProtectHome = true; - #PrivateDevices = true; + PrivateTmp = true; + ProtectSystem = "full"; + ProtectKernelTunables = true; + ProtectKernelModules = true; + ProtectControlGroups = true; + NoNewPrivileges = true; + ProtectHome = true; + PrivateDevices = true; }; }; } \ No newline at end of file