104 lines
2.8 KiB
Nix
104 lines
2.8 KiB
Nix
{
|
|
pkgs,
|
|
config,
|
|
service_configs,
|
|
username,
|
|
lib,
|
|
...
|
|
}:
|
|
{
|
|
# network namespace that is proxied through mullvad
|
|
vpnNamespaces.wg = {
|
|
portMappings = [
|
|
{
|
|
from = config.services.qbittorrent.webuiPort;
|
|
to = config.services.qbittorrent.webuiPort;
|
|
}
|
|
];
|
|
|
|
openVPNPorts = [
|
|
{
|
|
port = config.services.qbittorrent.webuiPort;
|
|
protocol = "both";
|
|
}
|
|
];
|
|
};
|
|
|
|
services.qbittorrent = {
|
|
enable = true;
|
|
package = pkgs.qbittorrent-nox;
|
|
webuiPort = service_configs.ports.torrent;
|
|
|
|
serverConfig.LegalNotice.Accepted = true;
|
|
|
|
serverConfig.Preferences = {
|
|
WebUI = {
|
|
AlternativeUIEnabled = true;
|
|
RootFolder = "${pkgs.fetchzip {
|
|
url = "https://github.com/VueTorrent/VueTorrent/releases/download/v2.21.0/vuetorrent.zip";
|
|
sha256 = "ELerk/4q+eR3rmCx/jFoDirrmx12D+5JBfDZjkPK5wA=";
|
|
}}";
|
|
|
|
# disable auth because we use caddy for auth
|
|
AuthSubnetWhitelist = "0.0.0.0/0";
|
|
AuthSubnetWhitelistEnabled = true;
|
|
};
|
|
|
|
Downloads = {
|
|
SavePath = service_configs.torrent.SavePath;
|
|
TempPath = service_configs.torrent.TempPath;
|
|
};
|
|
};
|
|
|
|
serverConfig.BitTorrent = {
|
|
Session = {
|
|
GlobalUPSpeedLimit = 500; # in KiB/s
|
|
GlobalDLSpeedLimit = 0;
|
|
IgnoreLimitsOnLAN = true;
|
|
|
|
# Including overhead in limits ruins download because download
|
|
# uses upload to communicate with seeders
|
|
IncludeOverheadInLimits = false;
|
|
|
|
GlobalMaxRatio = 3;
|
|
QueueingSystemEnabled = false; # seed all torrents all the time
|
|
|
|
AddTrackersEnabled = true;
|
|
AdditionalTrackers = (
|
|
lib.concatStrings (
|
|
map (url: url + "\\n") [
|
|
"udp://tracker.opentrackr.org:1337/announce"
|
|
"udp://open.stealth.si:80/announce"
|
|
"udp://open.demonii.com:1337"
|
|
"udp://exodus.desync.com:6969/announce"
|
|
"udp://tracker.dler.org:6969/announce"
|
|
"udp://tracker.bittor.pw:1337/announce"
|
|
"udp://tracker.torrent.eu.org:451/announce"
|
|
]
|
|
)
|
|
);
|
|
};
|
|
};
|
|
};
|
|
|
|
systemd.tmpfiles.rules = [
|
|
"d ${config.services.qbittorrent.serverConfig.Preferences.Downloads.SavePath} 0770 ${config.services.qbittorrent.user} ${service_configs.torrent_group}"
|
|
"d ${config.services.qbittorrent.serverConfig.Preferences.Downloads.TempPath} 0770 ${config.services.qbittorrent.user} ${service_configs.torrent_group}"
|
|
];
|
|
|
|
# make qbittorrent use a vpn
|
|
systemd.services.qbittorrent.vpnConfinement = {
|
|
enable = true;
|
|
vpnNamespace = "wg";
|
|
};
|
|
|
|
users.users.${config.services.qbittorrent.user}.extraGroups = [
|
|
service_configs.torrent_group
|
|
];
|
|
|
|
users.users.${username}.extraGroups = [
|
|
config.services.qbittorrent.group
|
|
];
|
|
|
|
}
|