From 036289a0a119159901e20c272b97c00412e41676 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 28 Feb 2022 21:31:52 +0100 Subject: ma omo.r: enable more services --- makefu/2configs/torrent/rtorrent.nix | 73 ++++++++++++++++++++++++++++++++++++ 1 file changed, 73 insertions(+) create mode 100644 makefu/2configs/torrent/rtorrent.nix (limited to 'makefu/2configs/torrent') diff --git a/makefu/2configs/torrent/rtorrent.nix b/makefu/2configs/torrent/rtorrent.nix new file mode 100644 index 000000000..74f1e5fe8 --- /dev/null +++ b/makefu/2configs/torrent/rtorrent.nix @@ -0,0 +1,73 @@ +{ config, lib, pkgs, ... }: + +with import ; + +let + basicAuth = import ; + peer-port = 51412; + web-port = 8112; + daemon-port = 58846; + base-dir = config.krebs.rtorrent.workDir; +in { + + users.users = { + download = { + name = "download"; + home = base-dir; + uid = mkDefault (genid "download"); + createHome = true; + useDefaultShell = true; + group = "download"; + openssh.authorizedKeys.keys = [ ]; + }; + }; + + users.extraGroups = { + download = { + gid = lib.mkDefault (genid "download"); + members = [ + config.krebs.build.user.name + "download" + "rtorrent" + "nginx" + ]; + }; + rtorrent.members = [ "download" ]; + }; + + krebs.rtorrent = let + d = config.makefu.dl-dir; + in { + enable = true; + web = { + enable = true; + port = web-port; + inherit basicAuth; + }; + rutorrent.enable = true; + enableXMLRPC = true; + listenPort = peer-port; + downloadDir = d + "/finished/incoming"; + watchDir = d + "/watch"; + # TODO: maybe test out multiple watch dirs with tags: https://github.com/rakshasa/rtorrent/wiki/TORRENT-Watch-directories + extraConfig = '' + # log.add_output = "debug", "rtorrent-systemd" + # log.add_output = "dht_debug", "rtorrent-systemd" + # log.add_output = "tracker_debug", "rtorrent-systemd" + log.add_output = "rpc_events", "rtorrent-systemd" + # log.add_output = "rpc_dump", "rtorrent-systemd" + system.daemon.set = true + ''; + # dump old torrents into watch folder to have them re-added + }; + + services.nginx.virtualHosts."torrent.${config.krebs.build.host.name}.r".locations."/" = { proxyPass = "http://localhost:${toString web-port}/"; }; + + networking.firewall.extraCommands = '' + iptables -A INPUT -i retiolum -p tcp --dport ${toString web-port} -j ACCEPT + ''; + + networking.firewall.allowedTCPPorts = [ peer-port ]; + networking.firewall.allowedUDPPorts = [ peer-port ]; + state = [ config.krebs.rtorrent.sessionDir ]; # state which torrents were loaded +} -- cgit v1.2.3 From 4904dcf2291d61d41a22f5429327e95e8a7e61ae Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 1 Mar 2022 23:20:22 +0100 Subject: ma torrent: migrate to upstream rtorrent + flood --- makefu/2configs/torrent/rtorrent.nix | 85 +++++++++++++----------------------- 1 file changed, 30 insertions(+), 55 deletions(-) (limited to 'makefu/2configs/torrent') diff --git a/makefu/2configs/torrent/rtorrent.nix b/makefu/2configs/torrent/rtorrent.nix index 74f1e5fe8..79325bfc7 100644 --- a/makefu/2configs/torrent/rtorrent.nix +++ b/makefu/2configs/torrent/rtorrent.nix @@ -1,73 +1,48 @@ { config, lib, pkgs, ... }: -with import ; - let basicAuth = import ; peer-port = 51412; web-port = 8112; daemon-port = 58846; - base-dir = config.krebs.rtorrent.workDir; + dldir = config.makefu.dl-dir; in { + services.rtorrent.enable = true; + services.rtorrent.user = "rtorrent"; + services.rtorrent.group = "download"; + services.rtorrent.downloadDir = dldir; + services.rtorrent.configText = '' + schedule2 = watch_start, 10, 10, ((load.start, (cat, (cfg.watch), "/media/cloud/watch/*.torrent"))) + ''; - users.users = { - download = { - name = "download"; - home = base-dir; - uid = mkDefault (genid "download"); - createHome = true; - useDefaultShell = true; - group = "download"; - openssh.authorizedKeys.keys = [ ]; - }; - }; + services.rtorrent.openFirewall = true; - users.extraGroups = { - download = { - gid = lib.mkDefault (genid "download"); - members = [ - config.krebs.build.user.name - "download" - "rtorrent" - "nginx" - ]; + systemd.services.flood = { + wantedBy = [ "multi-user.target" ]; + wants = [ "rtorrent.service" ]; + after = [ "rtorrent.service" ]; + serviceConfig = { + User = "rtorrent"; + ExecStart = "${pkgs.nodePackages.flood}/bin/flood --auth none --port ${toString web-port} --rtsocket ${config.services.rtorrent.rpcSocket}"; }; - rtorrent.members = [ "download" ]; }; - krebs.rtorrent = let - d = config.makefu.dl-dir; - in { + #security.acme.certs."torrent.${config.krebs.build.host.name}.r".server = config.krebs.ssl.acmeURL; + + services.nginx = { enable = true; - web = { - enable = true; - port = web-port; + virtualHosts."torrent.${config.krebs.build.host.name}.r" = { + # TODO inherit basicAuth; + #enableACME = true; + #addSSL = true; + root = "${pkgs.nodePackages.flood}/lib/node_modules/flood/dist/assets"; + locations."/api".extraConfig = '' + proxy_pass http://localhost:${toString web-port}; + ''; + locations."/".extraConfig = '' + try_files $uri /index.html; + ''; }; - rutorrent.enable = true; - enableXMLRPC = true; - listenPort = peer-port; - downloadDir = d + "/finished/incoming"; - watchDir = d + "/watch"; - # TODO: maybe test out multiple watch dirs with tags: https://github.com/rakshasa/rtorrent/wiki/TORRENT-Watch-directories - extraConfig = '' - # log.add_output = "debug", "rtorrent-systemd" - # log.add_output = "dht_debug", "rtorrent-systemd" - # log.add_output = "tracker_debug", "rtorrent-systemd" - log.add_output = "rpc_events", "rtorrent-systemd" - # log.add_output = "rpc_dump", "rtorrent-systemd" - system.daemon.set = true - ''; - # dump old torrents into watch folder to have them re-added }; - - services.nginx.virtualHosts."torrent.${config.krebs.build.host.name}.r".locations."/" = { proxyPass = "http://localhost:${toString web-port}/"; }; - - networking.firewall.extraCommands = '' - iptables -A INPUT -i retiolum -p tcp --dport ${toString web-port} -j ACCEPT - ''; - - networking.firewall.allowedTCPPorts = [ peer-port ]; - networking.firewall.allowedUDPPorts = [ peer-port ]; - state = [ config.krebs.rtorrent.sessionDir ]; # state which torrents were loaded } -- cgit v1.2.3