titaniumtown/server-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
server-config/services/qbittorrent.nix

137 lines
4.1 KiB
Nix
Raw Blame History

{
pkgs,
config,
service_configs,
username,
lib,
serviceMountDeps,
...
}:
{
imports = [
(serviceMountDeps "qbittorrent" [
service_configs.torrents_path
"/var/lib/qBittorrent/qBittorrent"
])
];
# network namespace that is proxied through mullvad
vpnNamespaces.wg = {
portMappings = [
{
from = config.services.qbittorrent.webuiPort;
to = config.services.qbittorrent.webuiPort;
}
];
openVPNPorts = [
{
port = config.services.qbittorrent.webuiPort;
protocol = "both";
}
];
};
services.qbittorrent = {
enable = true;
package = pkgs.qbittorrent-nox;
webuiPort = service_configs.ports.torrent;
serverConfig.LegalNotice.Accepted = true;
serverConfig.Preferences = {
WebUI = {
AlternativeUIEnabled = true;
RootFolder = builtins.toString (
pkgs.fetchzip {
url = "https://github.com/VueTorrent/VueTorrent/releases/download/v2.25.0/vuetorrent.zip";
sha256 = "sOaQNw6AnpwNFEextgTnsjEOfpl3/lpoOZFgFOz7Bos=";
}
);
# disable auth because we use caddy for auth
AuthSubnetWhitelist = "0.0.0.0/0";
AuthSubnetWhitelistEnabled = true;
};
Downloads = {
SavePath = service_configs.torrent.SavePath;
TempPath = service_configs.torrent.TempPath;
};
};
serverConfig.BitTorrent = {
Session = {
GlobalUPSpeedLimit = 0; # unlimited upload
GlobalDLSpeedLimit = 0; # unlimited download
IgnoreLimitsOnLAN = true;
IncludeOverheadInLimits = true;
GlobalMaxRatio = 2.0;
QueueingSystemEnabled = false; # seed all torrents all the time
AddTrackersEnabled = true;
AdditionalTrackers = (
lib.concatStringsSep "\\n" [
"udp://tracker.opentrackr.org:1337/announce"
"udp://open.stealth.si:80/announce"
"udp://open.demonii.com:1337"
"udp://exodus.desync.com:6969/announce"
"udp://tracker.dler.org:6969/announce"
"udp://tracker.bittor.pw:1337/announce"
"udp://tracker.torrent.eu.org:451/announce"
"udp://explodie.org:6969/announce"
"http://tracker.files.fm:6969/announce"
"udp://tracker.tiny-vps.com:6969/announce"
"udp://p4p.arenabg.com:1337/announce"
"udp://tracker.dler.com:6969/announce"
"udp://inferno.demonoid.is:3391/announce"
"udp://tracker.torrent.eu.org:451/announce"
"udp://tracker.ololosh.space:6969/announce"
"udp://ns-1.x-fins.com:6969/announce"
"udp://leet-tracker.moe:1337/announce"
"http://tracker.vanitycore.co:6969/announce"
"http://tracker.sbsub.com:2710/announce"
"http://tracker.moxing.party:6969/announce"
"http://tracker.ipv6tracker.org:80/announce"
"http://tracker.corpscorp.online:80/announce"
"http://shubt.net:2710/announce"
"http://share.hkg-fansub.info:80/announce.php"
"http://servandroidkino.ru:80/announce"
"http://bt.poletracker.org:2710/announce"
"http://0d.kebhana.mx:443/announce"
]
);
};
};
};
systemd.tmpfiles.rules = [
"d ${config.services.qbittorrent.serverConfig.Preferences.Downloads.SavePath} 0750 ${config.services.qbittorrent.user} ${service_configs.torrent_group}"
"d ${config.services.qbittorrent.serverConfig.Preferences.Downloads.TempPath} 0750 ${config.services.qbittorrent.user} ${service_configs.torrent_group}"
];
# make qbittorrent use a vpn
systemd.services.qbittorrent.vpnConfinement = {
enable = true;
vpnNamespace = "wg";
};
services.caddy.virtualHosts."torrent.${service_configs.https.domain}".extraConfig = ''
${builtins.readFile ../secrets/caddy_auth}
reverse_proxy ${service_configs.https.wg_ip}:${builtins.toString config.services.qbittorrent.webuiPort}
'';
users.users.${config.services.qbittorrent.user}.extraGroups = [
service_configs.torrent_group
];
users.users.${username}.extraGroups = [
config.services.qbittorrent.group
];
}
Reference in New Issue View Git Blame Copy Permalink