{ pkgs, lib, config, ... }:
let
  inherit (config.services) transmission;
  inherit (config.users) users;
in
{
users.groups.transmission.members = [
  users."julm".name
];
networking.nftables.ruleset = ''
  add rule inet filter net2fw tcp dport ${toString transmission.settings.peer-port} counter accept comment "Transmission"
  add rule inet filter net2fw udp dport ${toString transmission.settings.peer-port} counter accept comment "Transmission"
  add rule inet filter fw2net ip protocol udp skuid ${users.transmission.name} counter accept comment "BitTorrent"
'';
services.transmission = {
  enable = true;
  enableSandbox = true;
  settings = {
    dht-enabled = true;
    download-dir = "Downloads";
    incomplete-dir-enabled = false;
    preallocation = 0;
    umask = 63;
    
    peer-port = 6882;
    peer-port-random-on-start = false;
    port-forwarding-enabled = true;

    speed-limit-up = 50;
    speed-limit-up-enabled = true;
    alt-speed-enabled = true;
    alt-speed-time-enabled = true;
    alt-speed-down = 0;
    alt-speed-up = 5;
    alt-speed-time-day = 127; # all days. 65; # weekend only
    alt-speed-time-begin = 240; # 04h00 UTC
    alt-speed-time-end = 1260; # 21h00 UTC

    rpc-enabled = true;
    rpc-bind-address = "127.0.0.1";
    rpc-port = 9091;
    rpc-whitelist = "127.0.0.1";
    rpc-whitelist-enabled = true;
  };
};
}