121 lines
4.0 KiB
Nix
121 lines
4.0 KiB
Nix
{
|
|
pkgs,
|
|
config,
|
|
service_configs,
|
|
lib,
|
|
inputs,
|
|
...
|
|
}:
|
|
{
|
|
imports = [
|
|
(lib.serviceMountWithZpool "qbittorrent" service_configs.zpool_hdds [
|
|
service_configs.torrents_path
|
|
config.services.qbittorrent.serverConfig.Preferences.Downloads.TempPath
|
|
|
|
])
|
|
(lib.serviceMountWithZpool "qbittorrent" service_configs.zpool_ssds [
|
|
"${config.services.qbittorrent.profileDir}/qBittorrent"
|
|
])
|
|
(lib.vpnNamespaceOpenPort config.services.qbittorrent.webuiPort "qbittorrent")
|
|
(lib.serviceFilePerms "qbittorrent" [
|
|
"Z ${config.services.qbittorrent.serverConfig.Preferences.Downloads.SavePath} 0750 ${config.services.qbittorrent.user} ${service_configs.media_group}"
|
|
"Z ${config.services.qbittorrent.serverConfig.Preferences.Downloads.TempPath} 0700 ${config.services.qbittorrent.user} ${config.services.qbittorrent.group}"
|
|
"Z ${config.services.qbittorrent.profileDir} 0700 ${config.services.qbittorrent.user} ${config.services.qbittorrent.group}"
|
|
])
|
|
];
|
|
|
|
services.qbittorrent = {
|
|
enable = true;
|
|
webuiPort = service_configs.ports.torrent;
|
|
profileDir = "/var/lib/qBittorrent";
|
|
|
|
serverConfig.LegalNotice.Accepted = true;
|
|
|
|
serverConfig.Preferences = {
|
|
WebUI = {
|
|
AlternativeUIEnabled = true;
|
|
RootFolder = "${pkgs.vuetorrent}/share/vuetorrent";
|
|
|
|
# disable auth because we use caddy for auth
|
|
AuthSubnetWhitelist = "0.0.0.0/0";
|
|
AuthSubnetWhitelistEnabled = true;
|
|
};
|
|
|
|
Downloads = {
|
|
inherit (service_configs.torrent) SavePath TempPath;
|
|
};
|
|
};
|
|
|
|
serverConfig.BitTorrent = {
|
|
Session = {
|
|
MaxConnectionsPerTorrent = 50;
|
|
MaxUploadsPerTorrent = 10;
|
|
MaxConnections = -1;
|
|
MaxUploads = -1;
|
|
|
|
MaxActiveCheckingTorrents = 5;
|
|
|
|
# queueing
|
|
QueueingSystemEnabled = true;
|
|
MaxActiveDownloads = 5; # keep focused: fewer torrents, each gets more bandwidth
|
|
MaxActiveUploads = -1;
|
|
MaxActiveTorrents = -1;
|
|
IgnoreSlowTorrentsForQueueing = true;
|
|
|
|
GlobalUPSpeedLimit = 0;
|
|
GlobalDLSpeedLimit = 0;
|
|
|
|
# Alternate speed limits for when Jellyfin is streaming
|
|
AlternativeGlobalUPSpeedLimit = 500; # 500 KB/s when throttled
|
|
AlternativeGlobalDLSpeedLimit = 800; # 800 KB/s when throttled
|
|
IncludeOverheadInLimits = true;
|
|
|
|
GlobalMaxRatio = 7.0;
|
|
|
|
AddTrackersEnabled = true;
|
|
AdditionalTrackers = lib.concatStringsSep "\\n" (
|
|
lib.lists.filter (x: x != "") (
|
|
lib.strings.splitString "\n" (builtins.readFile "${inputs.trackerlist}/trackers_all.txt")
|
|
)
|
|
);
|
|
AnnounceToAllTrackers = true;
|
|
|
|
# idk why it also has to be specified here too?
|
|
inherit (config.services.qbittorrent.serverConfig.Preferences.Downloads) TempPath;
|
|
TempPathEnabled = true;
|
|
|
|
# Reduced from 300: that rate floods the VPN tunnel with SYN packets,
|
|
# starving actual data transfer and causing the 0->40MB/s spike pattern.
|
|
ConnectionSpeed = 20;
|
|
|
|
# Automatic Torrent Management: use category save paths for new torrents
|
|
DisableAutoTMMByDefault = false;
|
|
DisableAutoTMMTriggers.CategorySavePathChanged = false;
|
|
DisableAutoTMMTriggers.DefaultSavePathChanged = false;
|
|
|
|
ChokingAlgorithm = "RateBased";
|
|
PieceExtentAffinity = true;
|
|
SuggestMode = true;
|
|
CoalesceReadWrite = true;
|
|
};
|
|
|
|
Network = {
|
|
# traffic is routed through a vpn, we don't need
|
|
# port forwarding
|
|
PortForwardingEnabled = false;
|
|
};
|
|
};
|
|
};
|
|
|
|
systemd.services.qbittorrent.serviceConfig.TimeoutStopSec = lib.mkForce 10;
|
|
|
|
services.caddy.virtualHosts."torrent.${service_configs.https.domain}".extraConfig = ''
|
|
import ${config.age.secrets.caddy_auth.path}
|
|
reverse_proxy ${config.vpnNamespaces.wg.namespaceAddress}:${builtins.toString config.services.qbittorrent.webuiPort}
|
|
'';
|
|
|
|
users.users.${config.services.qbittorrent.user}.extraGroups = [
|
|
service_configs.media_group
|
|
];
|
|
}
|