{ me, config, lib, pkgs, auxiliaryPkgs, ... }: let inherit (pkgs) dockerTools; inherit (auxiliaryPkgs) common; transmission = pkgs.transmission_4; transmissionLocalPort = 2018; transmissionDir = "/srv/transmission"; transmissionImage = dockerTools.streamLayeredImage { name = "transmission"; tag = transmission.version; fromImage = common.alpine.base; contents = [ transmission ]; }; gluetunImage = common.pullImage { name = "qmcgaw/gluetun"; tag = "v3.39"; digest = "sha256:6a8058e626763cbf735ac2f78c774dbb24fec2490bd9d9f7d67e22592cb4a991"; x86.sha256 = "1cg43lmp3ql64zsfwp2f52kigijs30n3hnja12msr9npbgq8a8ga"; }; piaCountries = [ "Albania" "Austria" "Belgium" "Bosnia and Herzegovina" "Bulgaria" "Czech Republic" "ES Madrid" "ES Valencia" "Estonia" "Georgia" "Greece" "Hungary" "IT Milano" "Poland" "Portugal" "Romania" "Serbia" "Turkey" "Ukraine" ]; in { age.secrets.pia-login-secrets = { file = ../secrets/pia-login-secrets.age; }; foundation.services = { transmission = { image = transmissionImage; volumes = [ [ "${transmissionDir}/config" "/var/lib/transmission/config" ] [ "${transmissionDir}/download" "/var/lib/transmission/download" ] [ "${transmissionDir}/torrents" "/var/lib/transmission/torrents" ] ]; entrypoint = lib.getExe' transmission "transmission-daemon"; cmd = [ "--foreground" "--config-dir" "/var/lib/transmission/config" ]; customNetworkOption = "container:vpn"; }; vpn = { fullImage = gluetunImage; ports = [ (common.tailnetPort me [ transmissionLocalPort 9091 ]) ]; volumes = [ [ "${transmissionDir}/gluetun" "/gluetun" ] ]; capabilities = [ "NET_ADMIN" ]; devices = [ "/dev/net/tun" ]; environment = { VPN_SERVICE_PROVIDER = "private internet access"; SERVER_REGIONS = lib.concatStringsSep "," piaCountries; }; environmentFiles = [ config.age.secrets.pia-login-secrets.path ]; }; }; }