{ pkgs, lib, config, ... }: let inherit (config.services) transmission; inherit (config.users) users; in { users.groups.transmission.members = [ users."julm".name ]; networking.nftables.ruleset = '' add rule inet filter net2fw tcp dport ${toString transmission.settings.peer-port} counter accept comment "Transmission" add rule inet filter net2fw udp dport ${toString transmission.settings.peer-port} counter accept comment "Transmission" add rule inet filter fw2net ip protocol udp skuid ${users.transmission.name} counter accept comment "BitTorrent" ''; services.transmission = { enable = true; home = "/var/torrents"; downloadDirPermissions = "770"; settings = { dht-enabled = true; incomplete-dir-enabled = false; peer-port = 6882; peer-port-random-on-start = false; port-forwarding-enabled = true; preallocation = 0; rpc-bind-address = "127.0.0.1"; rpc-enabled = true; rpc-port = 9091; rpc-whitelist = "127.0.0.1"; rpc-whitelist-enabled = true; speed-limit-up = 10; speed-limit-up-enabled = true; }; }; }