Compare commits

..

2 Commits

3 changed files with 36 additions and 27 deletions

View File

@ -16,7 +16,7 @@
./zfs.nix ./zfs.nix
./backup.nix ./backup.nix
../../services/smb.nix ../../services/smb.nix
../../services/torrent.nix ../../services/qbittorrent.nix
#../../services/stableDiffusion.nix #../../services/stableDiffusion.nix
#../../services/freshrrs.nix #../../services/freshrrs.nix
#../../services/torrent.nix #../../services/torrent.nix

View File

@ -2,10 +2,10 @@
let let
cfg = config.services.qbittorrent-nox; cfg = config.services.qbittorrent-nox;
cfgPath = "/var/lib/qbittorrent/.config/qBittorrent/qBittorrent.conf";
path = "/var/lib/qbittorrent"; path = "/var/lib/qbittorrent";
cfgPath = "${path}/.config/qBittorrent/qBittorrent.conf";
configurationFile = lib.writeText "${cfgPath}" '' configurationFile = pkgs.writeText "qbittorrent-nox.conf" ''
[Application] [Application]
FileLogger\Age=${toString cfg.Filelogger.age} FileLogger\Age=${toString cfg.Filelogger.age}
FileLogger\AgeType=${toString cfg.Filelogger.ageType} FileLogger\AgeType=${toString cfg.Filelogger.ageType}
@ -24,7 +24,7 @@ let
Session\BTProtocol=${cfg.BTProtocol} Session\BTProtocol=${cfg.BTProtocol}
Session\BandwidthSchedulerEnabled=${toString cfg.BandwidthSchedulerEnabled} Session\BandwidthSchedulerEnabled=${toString cfg.BandwidthSchedulerEnabled}
Session\DefaultSavePath=${cfg.DefaultSavePath} Session\DefaultSavePath=${cfg.DefaultSavePath}
Session\Encryption=${ lib.mkIf cfg.Encryption "1" "0" } Session\Encryption=${toString cfg.Encryption }
Session\ExcludedFileNames=${cfg.ExcludedFileNames} Session\ExcludedFileNames=${cfg.ExcludedFileNames}
Session\FinishedTorrentExportDirectory=${cfg.FinishedTorrentExportDirectory} Session\FinishedTorrentExportDirectory=${cfg.FinishedTorrentExportDirectory}
Session\GlobalDLSpeedLimit=${toString cfg.GlobalDLSpeedLimit} Session\GlobalDLSpeedLimit=${toString cfg.GlobalDLSpeedLimit}
@ -190,8 +190,9 @@ in
}; };
Encryption = lib.mkOption { Encryption = lib.mkOption {
type = lib.types.bool; type = lib.types.int;
default = true; default = 1;
example = "0";
description = "Enable encryption."; description = "Enable encryption.";
}; };
@ -440,12 +441,6 @@ in
description = "RSS Session enable processing."; description = "RSS Session enable processing.";
}; };
configFile = lib.mkOption {
type = lib.types.path;
default = "${cfgPath}";
description = "Path to qbittorrent-nox configuration file.";
};
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
@ -455,7 +450,7 @@ in
users.users = lib.mkIf (cfg.user == "qbittorrent") { users.users = lib.mkIf (cfg.user == "qbittorrent") {
qbittorrent = { qbittorrent = {
isSystemUser = true; isNormalUser = true;
home = path; home = path;
group = cfg.group; group = cfg.group;
}; };
@ -466,7 +461,9 @@ in
systemd.services."qbittorrent-nox" ={ systemd.services."qbittorrent-nox" ={
serviceConfig = { serviceConfig = {
ExecStart = "${pkgs.qbittorrent-nox}/bin/qbittorrent-nox --configuration=${cfg.configFile}"; #create the configuration file from string using echo
ExecStartPre = "${pkgs.coreutils}/bin/cat ${configurationFile}";
ExecStart = "${pkgs.qbittorrent-nox}/bin/qbittorrent-nox --configuration=${configurationFile}";
User = cfg.user; User = cfg.user;
Group = cfg.group; Group = cfg.group;
Restart = "on-failure"; Restart = "on-failure";

View File

@ -3,41 +3,53 @@ let
port = 8090; port = 8090;
torrentPort = 44183; torrentPort = 44183;
savePath = "/Main/Data/media/Downloads/"; savePath = "/Main/Data/media/Downloads/";
path = "/var/lib/qbittorrent";
in in
{ {
networking.firewall.allowedTCPPorts = [ port torrentPort]; networking.firewall.allowedTCPPorts = [ port torrentPort];
networking.firewall.allowedUDPPorts = [ port torrentPort]; networking.firewall.allowedUDPPorts = [ port torrentPort];
users.users.qbittorrent = { users.users.qbittorrent = {
isSystemUser = true; isNormalUser = true; #make this a normal user to be able to make files
home = "/var/lib/qbittorrent"; home = path;
group = "qbittorrent"; group = "qbittorrent";
}; };
users.groups.qbittorrent = {}; users.groups.qbittorrent = {};
systemd.services."qbittorrent-nox" ={ systemd.services."qbittorrent-nox" ={
after = [ "network.target" ]; after = [ "network.target" ];
environment.HOME = "/var/lib/qbittorrent"; #environment.HOME = "/var/lib/qbittorrent";
serviceConfig = { serviceConfig = {
ExecStartPre = "${pkgs.coreutils}/bin/mkdir -p ${path}";
ExecStart = "${pkgs.qbittorrent-nox}/bin/qbittorrent-nox --webui-port=${toString port} --torrenting-port=${toString torrentPort} --save-path=${savePath}"; ExecStart = "${pkgs.qbittorrent-nox}/bin/qbittorrent-nox --webui-port=${toString port} --torrenting-port=${toString torrentPort} --save-path=${savePath}";
User = "qbittorrent"; User = "qbittorrent";
Group = "qbittorrent"; Group = "qbittorrent";
Restart = "on-failure"; Restart = "on-failure";
DynamicUser = true; DynamicUser = true;
RuntimeDirectory = "qbittorrent";
WorkingDirectory = "/var/lib/qbittorrent";
InaccessiblePaths = [ "/home" "/root" "/run" "/boot" "/etc" "/proc" "/sys" "/usr" "/lib" "/bin" "/sbin" "/srv" "/opt" ]; InaccessiblePaths = [ "/home" "/root" "/run" "/boot" "/etc" "/proc" "/sys" "/usr" "/lib" "/bin" "/sbin" "/srv" "/opt" ];
# Security options # Security options
#PrivateTmp = true; PrivateTmp = true;
#ProtectSystem = "full"; ProtectSystem = "full";
#ProtectKernelTunables = true; ProtectKernelTunables = true;
#ProtectKernelModules = true; ProtectKernelModules = true;
#ProtectControlGroups = true; ProtectControlGroups = true;
#NoNewPrivileges = true; NoNewPrivileges = true;
#ProtectHome = true; ProtectHome = true;
#PrivateDevices = true; PrivateDevices = true;
}; };
}; };
} }