diff options
| author | Mel <einebeere@gmail.com> | 2024-12-16 23:09:24 +0100 |
|---|---|---|
| committer | Mel <einebeere@gmail.com> | 2024-12-16 23:09:24 +0100 |
| commit | 8951443e005295167d4cee4968a2c803dc07b430 (patch) | |
| tree | 83ccded974f600aa08ea3b516c059cb195443414 /services | |
| parent | 7cea3ef593c337667f7efebf49ce609e96cb029f (diff) | |
| download | network-8951443e005295167d4cee4968a2c803dc07b430.tar.zst network-8951443e005295167d4cee4968a2c803dc07b430.zip | |
Deploy Transmission + VPN services
Signed-off-by: Mel <einebeere@gmail.com>
Diffstat (limited to 'services')
| -rw-r--r-- | services/transmission.nix | 85 |
1 files changed, 85 insertions, 0 deletions
diff --git a/services/transmission.nix b/services/transmission.nix new file mode 100644 index 0000000..ec98177 --- /dev/null +++ b/services/transmission.nix @@ -0,0 +1,85 @@ +{ + me, + config, + lib, + pkgs, + auxiliaryPkgs, + ... +}: + +let + inherit (pkgs) dockerTools; + inherit (auxiliaryPkgs) common; + + transmission = pkgs.transmission_4; + + transmissionLocalPort = 2018; + transmissionDir = "/srv/transmission"; + + transmissionImage = dockerTools.streamLayeredImage { + name = "transmission"; + tag = transmission.version; + fromImage = common.alpine.base; + contents = [ transmission ]; + }; + + gluetunImage = common.pullImage { + name = "qmcgaw/gluetun"; + tag = "v3.39"; + digest = "sha256:6a8058e626763cbf735ac2f78c774dbb24fec2490bd9d9f7d67e22592cb4a991"; + x86.sha256 = "1cg43lmp3ql64zsfwp2f52kigijs30n3hnja12msr9npbgq8a8ga"; + }; + + piaCountries = [ + "Albania" "Austria" "Belgium" "Bosnia and Herzegovina" "Bulgaria" + "Czech Republic" "ES Madrid" "ES Valencia" "Estonia" "Georgia" "Greece" + "Hungary" "IT Milano" "Poland" "Portugal" "Romania" "Serbia" "Turkey" "Ukraine" + ]; +in +{ + age.secrets.pia-login-secrets = { + file = ../secrets/pia-login-secrets.age; + }; + + foundation.services = { + transmission = { + image = transmissionImage; + + volumes = [ + [ "${transmissionDir}/config" "/var/lib/transmission/config" ] + [ "${transmissionDir}/download" "/var/lib/transmission/download" ] + [ "${transmissionDir}/torrents" "/var/lib/transmission/torrents" ] + ]; + + entrypoint = lib.getExe' transmission "transmission-daemon"; + cmd = [ + "--foreground" + "--config-dir" "/var/lib/transmission/config" + ]; + + customNetwork = "container:vpn"; + }; + + vpn = { + fullImage = gluetunImage; + + ports = [ + (common.tailnetPort me [ transmissionLocalPort 9091 ]) + ]; + + volumes = [ + [ "${transmissionDir}/gluetun" "/gluetun" ] + ]; + + capabilities = [ "NET_ADMIN" ]; + devices = [ "/dev/net/tun" ]; + + environment = { + VPN_SERVICE_PROVIDER = "private internet access"; + SERVER_REGIONS = lib.concatStringsSep "," piaCountries; + }; + + environmentFiles = [ config.age.secrets.pia-login-secrets.path ]; + }; + }; +} |