summary refs log tree commit diff
path: root/services/transmission.nix
blob: ec98177fe002250f13493928174e026d24c65e8a (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85

{
  me,
  config,
  lib,
  pkgs,
  auxiliaryPkgs,
  ...
}:

let
  inherit (pkgs) dockerTools;
  inherit (auxiliaryPkgs) common;

  transmission = pkgs.transmission_4;

  transmissionLocalPort = 2018;
  transmissionDir = "/srv/transmission";

  transmissionImage = dockerTools.streamLayeredImage {
    name = "transmission";
    tag = transmission.version;
    fromImage = common.alpine.base;
    contents = [ transmission ];
  };

  gluetunImage = common.pullImage {
    name = "qmcgaw/gluetun";
    tag = "v3.39";
    digest = "sha256:6a8058e626763cbf735ac2f78c774dbb24fec2490bd9d9f7d67e22592cb4a991";
    x86.sha256 = "1cg43lmp3ql64zsfwp2f52kigijs30n3hnja12msr9npbgq8a8ga";
  };

  piaCountries = [
    "Albania" "Austria" "Belgium" "Bosnia and Herzegovina" "Bulgaria"
    "Czech Republic" "ES Madrid" "ES Valencia" "Estonia" "Georgia" "Greece"
    "Hungary" "IT Milano" "Poland" "Portugal" "Romania" "Serbia" "Turkey" "Ukraine"
  ];
in
{
  age.secrets.pia-login-secrets = {
    file = ../secrets/pia-login-secrets.age;
  };

  foundation.services = {
    transmission = {
      image = transmissionImage;

      volumes = [
        [ "${transmissionDir}/config" "/var/lib/transmission/config" ]
        [ "${transmissionDir}/download" "/var/lib/transmission/download" ]
        [ "${transmissionDir}/torrents" "/var/lib/transmission/torrents" ]
      ];

      entrypoint = lib.getExe' transmission "transmission-daemon";
      cmd = [
        "--foreground"
        "--config-dir" "/var/lib/transmission/config"
      ];

      customNetwork = "container:vpn";
    };

    vpn = {
      fullImage = gluetunImage;

      ports = [
        (common.tailnetPort me [ transmissionLocalPort 9091 ])
      ];

      volumes = [
        [ "${transmissionDir}/gluetun" "/gluetun" ]
      ];

      capabilities = [ "NET_ADMIN" ];
      devices = [ "/dev/net/tun" ];

      environment = {
        VPN_SERVICE_PROVIDER = "private internet access";
        SERVER_REGIONS = lib.concatStringsSep "," piaCountries;
      };

      environmentFiles = [ config.age.secrets.pia-login-secrets.path ];
    };
  };
}
generated by cgit-pink 1.4.1 (git 2.36.1) at 2026-04-25 16:01:36 +0000