summary refs log tree commit diff
path: root/services/transmission.nix
diff options
context:
space:
mode:
Diffstat (limited to 'services/transmission.nix')
-rw-r--r--services/transmission.nix75
1 files changed, 43 insertions, 32 deletions
diff --git a/services/transmission.nix b/services/transmission.nix
index 01bd1f6..0939a69 100644
--- a/services/transmission.nix
+++ b/services/transmission.nix
@@ -41,45 +41,56 @@ in
     file = ../secrets/pia-login-secrets.age;
   };
 
-  foundation.services = {
-    transmission = {
-      image = transmissionImage;
-
-      volumes = [
-        [ "${transmissionDir}/config" "/var/lib/transmission/config" ]
-        [ "${transmissionDir}/download" "/var/lib/transmission/download" ]
-        [ "${transmissionDir}/torrents" "/var/lib/transmission/torrents" ]
-      ];
-
-      entrypoint = lib.getExe' transmission "transmission-daemon";
-      cmd = [
-        "--foreground"
-        "--config-dir" "/var/lib/transmission/config"
-      ];
-
-      customNetworkOption = "container:vpn";
+  foundation = {
+    networks.vpn = {
+      enable = true;
+      driver = "bridge";
+      # lower MTU to prevent packet non-deliverability
+      mtu = 1280;
     };
 
-    vpn = {
-      fullImage = gluetunImage;
+    services = {
+      transmission = {
+        image = transmissionImage;
 
-      ports = [
-        (common.tailnetPort me [ transmissionLocalPort 9091 ])
-      ];
+        volumes = [
+          [ "${transmissionDir}/config" "/var/lib/transmission/config" ]
+          [ "${transmissionDir}/download" "/var/lib/transmission/download" ]
+          [ "${transmissionDir}/torrents" "/var/lib/transmission/torrents" ]
+        ];
 
-      volumes = [
-        [ "${transmissionDir}/gluetun" "/gluetun" ]
-      ];
+        entrypoint = lib.getExe' transmission "transmission-daemon";
+        cmd = [
+          "--foreground"
+          "--config-dir" "/var/lib/transmission/config"
+        ];
 
-      capabilities = [ "NET_ADMIN" ];
-      devices = [ "/dev/net/tun" ];
-
-      environment = {
-        VPN_SERVICE_PROVIDER = "private internet access";
-        SERVER_REGIONS = lib.concatStringsSep "," piaCountries;
+        customNetworkOption = "container:vpn";
       };
 
-      environmentFiles = [ config.age.secrets.pia-login-secrets.path ];
+      vpn = {
+        network = "vpn";
+
+        fullImage = gluetunImage;
+
+        ports = [
+          (common.tailnetPort me [ transmissionLocalPort 9091 ])
+        ];
+
+        volumes = [
+          [ "${transmissionDir}/gluetun" "/gluetun" ]
+        ];
+
+        capabilities = [ "NET_ADMIN" ];
+        devices = [ "/dev/net/tun" ];
+
+        environment = {
+          VPN_SERVICE_PROVIDER = "private internet access";
+          SERVER_REGIONS = lib.concatStringsSep "," piaCountries;
+        };
+
+        environmentFiles = [ config.age.secrets.pia-login-secrets.path ];
+      };
     };
   };
 }
generated by cgit-pink 1.4.1 (git 2.36.1) at 2026-04-25 12:35:32 +0000