-rw-r--r--nixos/hosts/ev/default.nix4
-rw-r--r--nixos/hosts/ev/torrent.nix43
-rw-r--r--nixos/lib.nix20
3 files changed, 67 insertions, 0 deletions
diff --git a/nixos/hosts/ev/default.nix b/nixos/hosts/ev/default.nix
index dbda5f3..e59ec01 100644
--- a/nixos/hosts/ev/default.nix
+++ b/nixos/hosts/ev/default.nix
@@ -11,11 +11,15 @@
<top/profiles/server>
<top/shared/tailscale.nix>
<top/shared/basics-physical.nix>
+ <top/shared/vpn.nix>
./home-automation.nix
./kodi.nix
+ ./torrent.nix
];
home-automation.zigbee2mqttPort = 8080;
+ torrent.qbittorrentWebUiPort = 7777;
+ torrent.networkNamespace = "se";
home-automation.zigbeeSerialPort = "/dev/serial/by-id/usb-ITead_Sonoff_Zigbee_3.0_USB_Dongle_Plus_e2fed465c59ded11962fd7a5a7669f5d-if00-port0";
diff --git a/nixos/hosts/ev/torrent.nix b/nixos/hosts/ev/torrent.nix
new file mode 100644
index 0000000..93a7b43
--- /dev/null
+++ b/nixos/hosts/ev/torrent.nix
@@ -0,0 +1,43 @@
+{ config, lib, pkgs, ... }:
+
+let
+ mylib = import <top/lib.nix>;
+ cfg = config.torrent;
+in
+{
+ options.torrent = {
+ qbittorrentWebUiPort = lib.mkOption {
+ type = lib.types.int;
+ };
+ networkNamespace = lib.mkOption {
+ type = lib.types.str;
+ };
+ };
+
+ config = {
+ environment.systemPackages = [pkgs.qbittorrent-nox];
+
+ users.extraUsers.qbittorrent = {
+ isSystemUser = true;
+ group = "qbittorrent";
+ home = "/var/lib/qbittorrent";
+ createHome = true;
+ };
+ users.groups.qbittorrent = {};
+
+ systemd = {
+ packages = [pkgs.qbittorrent-nox];
+ services."qbittorrent" = mylib.joinWgNamespace cfg.networkNamespace {
+ enable = true;
+ path = [pkgs.qbittorrent-nox];
+ serviceConfig = {
+ ExecStart = "${pkgs.qbittorrent-nox}/bin/qbittorrent-nox --webui-port=${toString cfg.qbittorrentWebUiPort}";
+ User = "qbittorrent";
+ };
+ wantedBy = ["multi-user.target"];
+ };
+
+ services.qbittorrent-webui-proxy = mylib.mkPortProxy "qbittorrent" cfg.networkNamespace cfg.qbittorrentWebUiPort;
+ };
+ };
+}
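Review bot: The `qbittorrent` unit's `serviceConfig` sets only `ExecStart` and `User`, so a daemon that parses data from arbitrary peers runs with that user's full view of the filesystem and no systemd sandboxing. The directives below confine writes to its home directory; any download directory outside `/var/lib/qbittorrent` would have to be added to `ReadWritePaths`. Separately, `qbittorrentWebUiPort` would be better declared as `type = lib.types.port;` so out-of-range values are rejected at evaluation, and both options lack a `description`.

```nix
serviceConfig = {
  # … unchanged: ExecStart, User …
  NoNewPrivileges = true;
  PrivateTmp = true;
  ProtectSystem = "strict";
  ProtectHome = true;
  ReadWritePaths = [ "/var/lib/qbittorrent" ];
};
```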
diff --git a/nixos/lib.nix b/nixos/lib.nix
index a2d8193..7880cc7 100644
--- a/nixos/lib.nix
+++ b/nixos/lib.nix
@@ -9,4 +9,24 @@ in
unitConfig.JoinsNamespaceOf = "netns@${ns}.service";
serviceConfig.NetworkNamespacePath = "/var/run/netns/${ns}";
};
+
+ mkPortProxy = service: ns: port: {
+ description = "Forward to ${service} in network namespace ${ns}";
+ requires = ["${service}.service"];
+ after = ["${service}.service"];
+ partOf = ["${service}.service"];
+ serviceConfig = {
+ Restart = "on-failure";
+ TimeoutStopSec = 300;
+ };
+ wantedBy = ["multi-user.target"];
+ script =
+ let
+ pkgs = nixpkgs.pkgs;
+ in
+ ''
+ ${pkgs.iproute2}/bin/ip netns exec ${ns} ${pkgs.iproute2}/bin/ip link set dev lo up
+ ${pkgs.socat}/bin/socat tcp-listen:${toString port},fork,reuseaddr exec:'${pkgs.iproute2}/bin/ip netns exec ${ns} ${pkgs.socat}/bin/socat STDIO "tcp-connect:localhost:${toString port}"',nofork
+ '';
+ };
}
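Review bot: The socat listener in `mkPortProxy`'s `script` has no `bind=` option, so `tcp-listen:${toString port}` accepts on every address of the host namespace and the WebUI is reachable from any network the host firewall lets through. Because the forwarded connection is made to `localhost` inside the namespace, qBittorrent sees every client as local; if its localhost authentication bypass is enabled (not visible here), the proxy would remove the login entirely. Restrict the listener, e.g. `tcp-listen:${toString port},bind=127.0.0.1,fork,reuseaddr`, or bind it to the host's Tailscale address if remote access is intended. No `User` is set, so the unit appears to run as root (presumably because `ip netns exec` needs it), which deserves a comment. `nixpkgs` and the opening of the attribute set are defined outside the hunk.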