machines/losurdo/transmission.nix

   1 { pkgs, lib, config, ... }:
   2 let
   3   inherit (config.services) transmission;
   4   inherit (config.users) users;
   5   inherit (config.security) gnupg;
   6 in
   7 {
   8 users.groups.transmission.members = [
   9   users."julm".name
  10 ];
  11 networking.nftables.ruleset = ''
  12   add rule inet filter net2fw tcp dport ${toString transmission.settings.peer-port} counter accept comment "Transmission"
  13   add rule inet filter net2fw udp dport ${toString transmission.settings.peer-port} counter accept comment "Transmission"
  14   add rule inet filter fw2net meta skuid ${transmission.user}                       counter accept comment "Transmission"
  15 '';
  16 #users.groups.keys.members = [ transmission.user ];
  17 security.gnupg.secrets."transmission/settings.json" = {
  18   user = transmission.user;
  19 };
  20 systemd.services.transmission = {
  21   after = [ gnupg.secrets."transmission/settings.json".service ];
  22   requires = [ gnupg.secrets."transmission/settings.json".service ];
  23 };
  24 services.transmission = {
  25   enable = true;
  26   performanceNetParameters = true;
  27   credentialsFile = gnupg.secrets."transmission/settings.json".path;
  28   settings = {
  29     message-level = 2;
  30     download-dir = "/home/julm/dl/torrents";
  31     incomplete-dir = "/home/julm/dl/torrents/.incoming";
  32     incomplete-dir-enabled = true;
  33     trash-original-torrent-files = false;
  34     preallocation = 0;
  35     umask = 7; # 007 octal, in decimal!
  36     download-queue-enabled = true;
  37     download-queue-size = 5;
  38     peer-id-ttl-hours = 6;
  39     peer-limit-global = 1000;
  40     peer-limit-per-torrent = 100;
  41
  42     peer-port = 6882;
  43     peer-port-random-on-start = false;
  44     encryption = 1;
  45     dht-enabled = true;
  46     lpd-enabled = false;
  47     pex-enabled = true;
  48     port-forwarding-enabled = true;
  49     scrape-paused-torrents-enabled = false;
  50     peer-socket-tos = "lowcost";
  51     queue-stalled-enabled = true;
  52     queue-stalled-minutes = 30;
  53     speed-limit-down-enabled = false;
  54     speed-limit-up = 500;
  55     speed-limit-up-enabled = true;
  56     alt-speed-enabled = true;
  57     alt-speed-time-enabled = true;
  58     alt-speed-down = 5000;
  59     alt-speed-up = 50;
  60     alt-speed-time-day = 127; # all days. 65; # weekend only
  61     alt-speed-time-begin = 360; # 06h00 local time
  62     alt-speed-time-end = 1320; # 22h00 local time
  63     ratio-limit = 4;
  64     ratio-limit-enabled = true;
  65
  66     rpc-enabled = true;
  67     rpc-bind-address = "127.0.0.1";
  68     rpc-port = 9091;
  69     rpc-whitelist = "127.0.0.1";
  70     rpc-whitelist-enabled = true;
  71     #rpc-authentication-required = true;
  72   };
  73 };
  74 }