blob: 74f1e5fe88838e1a3d7c6ed222061ff36118dd2b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
|
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let
basicAuth = import <torrent-secrets/auth.nix>;
peer-port = 51412;
web-port = 8112;
daemon-port = 58846;
base-dir = config.krebs.rtorrent.workDir;
in {
users.users = {
download = {
name = "download";
home = base-dir;
uid = mkDefault (genid "download");
createHome = true;
useDefaultShell = true;
group = "download";
openssh.authorizedKeys.keys = [ ];
};
};
users.extraGroups = {
download = {
gid = lib.mkDefault (genid "download");
members = [
config.krebs.build.user.name
"download"
"rtorrent"
"nginx"
];
};
rtorrent.members = [ "download" ];
};
krebs.rtorrent = let
d = config.makefu.dl-dir;
in {
enable = true;
web = {
enable = true;
port = web-port;
inherit basicAuth;
};
rutorrent.enable = true;
enableXMLRPC = true;
listenPort = peer-port;
downloadDir = d + "/finished/incoming";
watchDir = d + "/watch";
# TODO: maybe test out multiple watch dirs with tags: https://github.com/rakshasa/rtorrent/wiki/TORRENT-Watch-directories
extraConfig = ''
# log.add_output = "debug", "rtorrent-systemd"
# log.add_output = "dht_debug", "rtorrent-systemd"
# log.add_output = "tracker_debug", "rtorrent-systemd"
log.add_output = "rpc_events", "rtorrent-systemd"
# log.add_output = "rpc_dump", "rtorrent-systemd"
system.daemon.set = true
'';
# dump old torrents into watch folder to have them re-added
};
services.nginx.virtualHosts."torrent.${config.krebs.build.host.name}.r".locations."/" = { proxyPass = "http://localhost:${toString web-port}/"; };
networking.firewall.extraCommands = ''
iptables -A INPUT -i retiolum -p tcp --dport ${toString web-port} -j ACCEPT
'';
networking.firewall.allowedTCPPorts = [ peer-port ];
networking.firewall.allowedUDPPorts = [ peer-port ];
state = [ config.krebs.rtorrent.sessionDir ]; # state which torrents were loaded
}
|