nixos-config/hosts/voyager/services/transmission.nix

77 lines
2.0 KiB
Nix

{ config, pkgs, lib, ... }:
let
host = "127.0.1.2";
port = "5003";
uid = config.ids.uids.transmission;
gid = config.ids.gids.transmission;
in {
sops.secrets."transmission/vpncreds" = {
owner = "transmission";
group = "transmission";
};
users.users.transmission = {
inherit uid;
group = "transmission";
isSystemUser = true;
useDefaultShell = true;
description = "Transmission torrent service";
};
users.groups.transmission = {
inherit gid;
};
# Transmission+PIA: Torrent client, Integrated VPN, Web interface
virtualisation.oci-containers.containers.transmission = {
image = "haugene/transmission-openvpn";
ports = [ "${host}:${port}:9091" ];
volumes = [
"/var/lib/transmission/config:/config"
"/tank/media/transmission:/data"
];
environment = {
OPENVPN_PROVIDER = "PIA";
OPENVPN_CONFIG = "sweden,norway,de_frankfurt";
LOCAL_NETWORK = "192.168.10.0/24";
TRANSMISSION_WEB_UI = "flood-for-transmission";
PUID = toString uid;
PGID = toString gid;
};
environmentFiles = [
# OPENVPN_USERNAME and password is set here
# and optionally TRANSMISSION_RPC_USERNAME and password
config.sops.secrets."transmission/vpncreds".path
];
extraOptions = [
/* "--cap-add=net_admin,net_raw,mknod" */
"--cap-add=NET_ADMIN"
"--device=/dev/net/tun"
];
};
services.nginx.virtualHosts."transmission.home.feal.no" = {
locations."/" = {
proxyPass = "http://${host}:${port}";
};
};
fileSystems = {
"/tank/media/transmission/jellyfin" = {
device = "/tank/media/jellyfin";
options = [ "bind" ];
};
"/tank/media/transmission/music" = {
device = "/tank/media/music";
options = [ "bind" ];
};
"/tank/media/transmission/inbox" = {
device = "/tank/inbox";
options = [ "bind" ];
};
"/tank/media/transmission/other" = {
device = "/tank/media/other";
options = [ "bind" ];
};
};
}