diff --git a/nixos/boxes/colony/vms/shill/containers/jackflix/default.nix b/nixos/boxes/colony/vms/shill/containers/jackflix/default.nix index 7c6b330..9d1f342 100644 --- a/nixos/boxes/colony/vms/shill/containers/jackflix/default.nix +++ b/nixos/boxes/colony/vms/shill/containers/jackflix/default.nix @@ -36,6 +36,7 @@ users = { groups.media = {}; users = { + transmission.extraGroups = [ "media" ]; radarr.extraGroups = [ "media" ]; }; }; @@ -47,6 +48,31 @@ }; services = { + transmission = { + enable = true; + openPeerPorts = true; + openRPCPort = true; + downloadDirPermissions = null; + performanceNetParameters = true; + settings = { + download-dir = "/mnt/media/downloads/torrents"; + incomplete-dir-enabled = true; + incomplete-dir = "/mnt/media/downloads/torrents/.incomplete"; + umask = 002; + + peer-port = 55471; + utp-enabled = true; + port-forwarding-enabled = false; + + ratio-limit = 2.0; + ratio-limit-enabled = true; + + rpc-bind-address = "::"; + rpc-whitelist-enabled = false; + rpc-host-whitelist-enabled = false; + }; + }; + jackett = { enable = true; openFirewall = true; diff --git a/nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix b/nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix index dfb5d0a..c764a0e 100644 --- a/nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix +++ b/nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix @@ -153,7 +153,20 @@ in useACMEHost = lib.my.pubDomain; }; - "jackett.${lib.my.pubDomain}" = mkMerge [ + "torrents-test.${lib.my.pubDomain}" = mkMerge [ + { + locations."/" = mkMerge [ + { + proxyPass = "http://jackflix-ctr.${config.networking.domain}:9091"; + } + (ssoLoc "generic") + ]; + useACMEHost = lib.my.pubDomain; + } + (ssoServer "generic") + ]; + + "jackett-test.${lib.my.pubDomain}" = mkMerge [ { locations."/" = mkMerge [ { diff --git a/nixos/boxes/colony/vms/shill/default.nix b/nixos/boxes/colony/vms/shill/default.nix index a8bb84f..c477378 100644 --- a/nixos/boxes/colony/vms/shill/default.nix +++ b/nixos/boxes/colony/vms/shill/default.nix @@ -38,7 +38,20 @@ config = mkMerge [ { - boot.kernelParams = [ "console=ttyS0,115200n8" ]; + boot = { + kernelParams = [ "console=ttyS0,115200n8" ]; + # Stolen from nixos/modules/services/torrent/transmission.nix + kernel.sysctl = { + "net.core.rmem_max" = "4194304"; # 4MB + "net.core.wmem_max" = "1048576"; # 1MB + "net.ipv4.ip_local_port_range" = "16384 65535"; + "net.netfilter.nf_conntrack_generic_timeout" = 60; + "net.netfilter.nf_conntrack_tcp_timeout_established" = 600; + "net.netfilter.nf_conntrack_tcp_timeout_time_wait" = 1; + "net.netfilter.nf_conntrack_max" = 1048576; + }; + }; + fileSystems = { "/boot" = { device = "/dev/disk/by-label/ESP"; diff --git a/nixos/modules/tmproot.nix b/nixos/modules/tmproot.nix index d5ef8d0..cd21814 100644 --- a/nixos/modules/tmproot.nix +++ b/nixos/modules/tmproot.nix @@ -60,6 +60,15 @@ let # The default mode for tmpfs is 777 options = [ "size=${cfg.size}" "mode=755" ]; }; + + persistSimpleSvc = n: mkIf config.services."${n}".enable { + my.tmproot.persistence.config.directories = [ + { + directory = "/var/lib/${n}"; + inherit (config.services."${n}") user group; + } + ]; + }; in { options = with lib.types; { @@ -259,30 +268,10 @@ in } ]; }) - (mkIf config.services.jackett.enable { - my.tmproot.persistence.config.directories = [ - { - directory = "/var/lib/jackett"; - inherit (config.services.jackett) user group; - } - ]; - }) - (mkIf config.services.radarr.enable { - my.tmproot.persistence.config.directories = [ - { - directory = "/var/lib/radarr"; - inherit (config.services.radarr) user group; - } - ]; - }) - (mkIf config.services.sonarr.enable { - my.tmproot.persistence.config.directories = [ - { - directory = "/var/lib/sonarr"; - inherit (config.services.sonarr) user group; - } - ]; - }) + (persistSimpleSvc "transmission") + (persistSimpleSvc "jackett") + (persistSimpleSvc "radarr") + (persistSimpleSvc "sonarr") (mkIf config.my.build.isDevVM { fileSystems = mkVMOverride { # Hijack the "root" device for persistence in the VM