summaryrefslogtreecommitdiffstats
path: root/makefu/2configs/torrent/rtorrent.nix
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2022-02-28 21:31:52 +0100
committermakefu <github@syntax-fehler.de>2022-02-28 21:31:52 +0100
commit036289a0a119159901e20c272b97c00412e41676 (patch)
tree427103fe394878ecd3890f5d486e92d32616cc5d /makefu/2configs/torrent/rtorrent.nix
parent12ba7d6aeb6a28a94713c5965a22f987f989b5f4 (diff)
ma omo.r: enable more services
Diffstat (limited to 'makefu/2configs/torrent/rtorrent.nix')
-rw-r--r--makefu/2configs/torrent/rtorrent.nix73
1 files changed, 73 insertions, 0 deletions
diff --git a/makefu/2configs/torrent/rtorrent.nix b/makefu/2configs/torrent/rtorrent.nix
new file mode 100644
index 000000000..74f1e5fe8
--- /dev/null
+++ b/makefu/2configs/torrent/rtorrent.nix
@@ -0,0 +1,73 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+
+let
+ basicAuth = import <torrent-secrets/auth.nix>;
+ peer-port = 51412;
+ web-port = 8112;
+ daemon-port = 58846;
+ base-dir = config.krebs.rtorrent.workDir;
+in {
+
+ users.users = {
+ download = {
+ name = "download";
+ home = base-dir;
+ uid = mkDefault (genid "download");
+ createHome = true;
+ useDefaultShell = true;
+ group = "download";
+ openssh.authorizedKeys.keys = [ ];
+ };
+ };
+
+ users.extraGroups = {
+ download = {
+ gid = lib.mkDefault (genid "download");
+ members = [
+ config.krebs.build.user.name
+ "download"
+ "rtorrent"
+ "nginx"
+ ];
+ };
+ rtorrent.members = [ "download" ];
+ };
+
+ krebs.rtorrent = let
+ d = config.makefu.dl-dir;
+ in {
+ enable = true;
+ web = {
+ enable = true;
+ port = web-port;
+ inherit basicAuth;
+ };
+ rutorrent.enable = true;
+ enableXMLRPC = true;
+ listenPort = peer-port;
+ downloadDir = d + "/finished/incoming";
+ watchDir = d + "/watch";
+ # TODO: maybe test out multiple watch dirs with tags: https://github.com/rakshasa/rtorrent/wiki/TORRENT-Watch-directories
+ extraConfig = ''
+ # log.add_output = "debug", "rtorrent-systemd"
+ # log.add_output = "dht_debug", "rtorrent-systemd"
+ # log.add_output = "tracker_debug", "rtorrent-systemd"
+ log.add_output = "rpc_events", "rtorrent-systemd"
+ # log.add_output = "rpc_dump", "rtorrent-systemd"
+ system.daemon.set = true
+ '';
+ # dump old torrents into watch folder to have them re-added
+ };
+
+ services.nginx.virtualHosts."torrent.${config.krebs.build.host.name}.r".locations."/" = { proxyPass = "http://localhost:${toString web-port}/"; };
+
+ networking.firewall.extraCommands = ''
+ iptables -A INPUT -i retiolum -p tcp --dport ${toString web-port} -j ACCEPT
+ '';
+
+ networking.firewall.allowedTCPPorts = [ peer-port ];
+ networking.firewall.allowedUDPPorts = [ peer-port ];
+ state = [ config.krebs.rtorrent.sessionDir ]; # state which torrents were loaded
+}