summary refs log tree commit diff
path: root/services
diff options
context:
space:
mode:
Diffstat (limited to 'services')
-rw-r--r--services/transmission.nix85
1 files changed, 85 insertions, 0 deletions
diff --git a/services/transmission.nix b/services/transmission.nix
new file mode 100644
index 0000000..ec98177
--- /dev/null
+++ b/services/transmission.nix
@@ -0,0 +1,85 @@
+{
+  me,
+  config,
+  lib,
+  pkgs,
+  auxiliaryPkgs,
+  ...
+}:
+
+let
+  inherit (pkgs) dockerTools;
+  inherit (auxiliaryPkgs) common;
+
+  transmission = pkgs.transmission_4;
+
+  transmissionLocalPort = 2018;
+  transmissionDir = "/srv/transmission";
+
+  transmissionImage = dockerTools.streamLayeredImage {
+    name = "transmission";
+    tag = transmission.version;
+    fromImage = common.alpine.base;
+    contents = [ transmission ];
+  };
+
+  gluetunImage = common.pullImage {
+    name = "qmcgaw/gluetun";
+    tag = "v3.39";
+    digest = "sha256:6a8058e626763cbf735ac2f78c774dbb24fec2490bd9d9f7d67e22592cb4a991";
+    x86.sha256 = "1cg43lmp3ql64zsfwp2f52kigijs30n3hnja12msr9npbgq8a8ga";
+  };
+
+  piaCountries = [
+    "Albania" "Austria" "Belgium" "Bosnia and Herzegovina" "Bulgaria"
+    "Czech Republic" "ES Madrid" "ES Valencia" "Estonia" "Georgia" "Greece"
+    "Hungary" "IT Milano" "Poland" "Portugal" "Romania" "Serbia" "Turkey" "Ukraine"
+  ];
+in
+{
+  age.secrets.pia-login-secrets = {
+    file = ../secrets/pia-login-secrets.age;
+  };
+
+  foundation.services = {
+    transmission = {
+      image = transmissionImage;
+
+      volumes = [
+        [ "${transmissionDir}/config" "/var/lib/transmission/config" ]
+        [ "${transmissionDir}/download" "/var/lib/transmission/download" ]
+        [ "${transmissionDir}/torrents" "/var/lib/transmission/torrents" ]
+      ];
+
+      entrypoint = lib.getExe' transmission "transmission-daemon";
+      cmd = [
+        "--foreground"
+        "--config-dir" "/var/lib/transmission/config"
+      ];
+
+      customNetwork = "container:vpn";
+    };
+
+    vpn = {
+      fullImage = gluetunImage;
+
+      ports = [
+        (common.tailnetPort me [ transmissionLocalPort 9091 ])
+      ];
+
+      volumes = [
+        [ "${transmissionDir}/gluetun" "/gluetun" ]
+      ];
+
+      capabilities = [ "NET_ADMIN" ];
+      devices = [ "/dev/net/tun" ];
+
+      environment = {
+        VPN_SERVICE_PROVIDER = "private internet access";
+        SERVER_REGIONS = lib.concatStringsSep "," piaCountries;
+      };
+
+      environmentFiles = [ config.age.secrets.pia-login-secrets.path ];
+    };
+  };
+}
generated by cgit-pink 1.4.1 (git 2.36.1) at 2026-04-25 12:31:25 +0000