deploy rtorrent
This commit is contained in:
parent
3c1556b185
commit
2f0ddf0e6d
4 changed files with 169 additions and 1 deletions
|
@ -41,6 +41,7 @@
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKME+A5zu36tMIsY+PBoboizgAzt6xReUNrKRBkxvl3i victor@null"
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKME+A5zu36tMIsY+PBoboizgAzt6xReUNrKRBkxvl3i victor@null"
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC8llUcEBHsLqotFZc++LNP2fjItuuzeUsu5ObXecYNj victor@eevee"
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC8llUcEBHsLqotFZc++LNP2fjItuuzeUsu5ObXecYNj victor@eevee"
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICBhJAp7NWlHgwDYd2z6VNROy5RkeZHRINFLsFvwT4b3 victor@bastion"
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICBhJAp7NWlHgwDYd2z6VNROy5RkeZHRINFLsFvwT4b3 victor@bastion"
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMMbdjysLnmwJD5Fs/SjBPstdIQNUxy8zFHP0GlhHMJB victor@bastion"
|
||||||
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIM3TqXaApX2JZsgfZd7PKVFMecDgqTHKibpSzgdXNpYAAAAABHNzaDo= solov2-le"
|
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIM3TqXaApX2JZsgfZd7PKVFMecDgqTHKibpSzgdXNpYAAAAABHNzaDo= solov2-le"
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
|
@ -50,7 +50,6 @@
|
||||||
hostname = "rtorrent";
|
hostname = "rtorrent";
|
||||||
ip = "192.168.0.111";
|
ip = "192.168.0.111";
|
||||||
mac = "7a:5f:9b:62:49:91";
|
mac = "7a:5f:9b:62:49:91";
|
||||||
nix = false;
|
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
hostname = "minio";
|
hostname = "minio";
|
||||||
|
|
52
nixos/hosts/hades/rtorrent/configuration.nix
Normal file
52
nixos/hosts/hades/rtorrent/configuration.nix
Normal file
|
@ -0,0 +1,52 @@
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
let vs = config.vault-secrets.secrets; in
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
./rtorrent.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
networking.interfaces.eth0.useDHCP = true;
|
||||||
|
system.stateVersion = "22.05";
|
||||||
|
|
||||||
|
fileSystems."/mnt/storage" = {
|
||||||
|
device = "storage:/mnt/storage";
|
||||||
|
fsType = "nfs";
|
||||||
|
};
|
||||||
|
|
||||||
|
services.flood = {
|
||||||
|
enable = true;
|
||||||
|
host = "0.0.0.0";
|
||||||
|
openFirewall = true;
|
||||||
|
downloadDir = config.services.rtorrent.downloadDir;
|
||||||
|
};
|
||||||
|
|
||||||
|
vault-secrets.secrets.rtorrent = {
|
||||||
|
services = [ "wg-quick-wg0" ];
|
||||||
|
};
|
||||||
|
|
||||||
|
# # basically to override wireguard and route olympus IPs via the router
|
||||||
|
# networking.interfaces.eth0.ipv4.routes = [{
|
||||||
|
# address = "10.42.42.0";
|
||||||
|
# prefixLength = 23;
|
||||||
|
# via = "192.168.0.1";
|
||||||
|
# }];
|
||||||
|
|
||||||
|
# Mullvad VPN
|
||||||
|
networking.wg-quick.interfaces = {
|
||||||
|
wg0 = {
|
||||||
|
address = [ "10.66.153.191/32" "fc00:bbbb:bbbb:bb01::3:99be/128" ];
|
||||||
|
dns = [ "193.138.218.74" ];
|
||||||
|
privateKeyFile = "${vs.rtorrent}/wireguardKey";
|
||||||
|
postUp = "${pkgs.iproute2}/bin/ip route add 10.42.42.0/23 via 192.168.0.1";
|
||||||
|
|
||||||
|
peers = [
|
||||||
|
{
|
||||||
|
publicKey = "hnRorSW0YHlHAzGb4Uc/sjOqQIrqDnpJnTQi/n7Rp1c=";
|
||||||
|
allowedIPs = [ "0.0.0.0/0" "::/0" ];
|
||||||
|
endpoint = "185.65.134.223:51820";
|
||||||
|
persistentKeepalive = 25;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
116
nixos/hosts/hades/rtorrent/rtorrent.nix
Normal file
116
nixos/hosts/hades/rtorrent/rtorrent.nix
Normal file
|
@ -0,0 +1,116 @@
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
{
|
||||||
|
services.rtorrent = {
|
||||||
|
enable = true;
|
||||||
|
port = 54945; # Port Forwarded in mullvad
|
||||||
|
downloadDir = "/mnt/storage/torrents/r";
|
||||||
|
package = pkgs.jesec-rtorrent;
|
||||||
|
configText = let cfg = config.services.rtorrent; in
|
||||||
|
pkgs.lib.mkForce ''
|
||||||
|
# rTorrent runtime directory (cfg.basedir) [default: "$HOME/.local/share/rtorrent"]
|
||||||
|
method.insert = cfg.basedir, private|const|string, (cat,"${cfg.dataDir}/")
|
||||||
|
|
||||||
|
# Default download directory (cfg.download) [default: "$(cfg.basedir)/download"]
|
||||||
|
method.insert = cfg.download, private|const|string, (cat,"${cfg.downloadDir}")
|
||||||
|
|
||||||
|
# RPC Socket
|
||||||
|
method.insert = cfg.rpcsock, private|const|string, (cat,"${cfg.rpcSocket}")
|
||||||
|
|
||||||
|
# Log directory (cfg.logs) [default: "$(cfg.basedir)/log"]
|
||||||
|
method.insert = cfg.logs, private|const|string, (cat,(cfg.basedir),"log/")
|
||||||
|
method.insert = cfg.logfile, private|const|string, (cat,(cfg.logs),"rtorrent-",(system.time),".log")
|
||||||
|
|
||||||
|
# Torrent session directory (cfg.session) [default: "$(cfg.basedir)/.session"]
|
||||||
|
method.insert = cfg.session, private|const|string, (cat,(cfg.basedir),".session/")
|
||||||
|
|
||||||
|
# Watch (drop to add) directories (cfg.watch) [default: "$(cfg.basedir)/watch"]
|
||||||
|
method.insert = cfg.watch, private|const|string, (cat,(cfg.basedir),"watch/")
|
||||||
|
|
||||||
|
# Create directories
|
||||||
|
fs.mkdir.recursive = (cat,(cfg.basedir))
|
||||||
|
|
||||||
|
fs.mkdir = (cat,(cfg.download))
|
||||||
|
fs.mkdir = (cat,(cfg.logs))
|
||||||
|
fs.mkdir = (cat,(cfg.session))
|
||||||
|
|
||||||
|
fs.mkdir = (cat,(cfg.watch))
|
||||||
|
fs.mkdir = (cat,(cfg.watch),"/load")
|
||||||
|
fs.mkdir = (cat,(cfg.watch),"/start")
|
||||||
|
|
||||||
|
# Drop to "$(cfg.watch)/load" to add torrent
|
||||||
|
schedule2 = watch_load, 11, 10, ((load.verbose, (cat, (cfg.watch), "load/*.torrent")))
|
||||||
|
|
||||||
|
# Drop to "$(cfg.watch)/start" to add torrent and start downloading
|
||||||
|
schedule2 = watch_start, 10, 10, ((load.start_verbose, (cat, (cfg.watch), "start/*.torrent")))
|
||||||
|
|
||||||
|
# Listening port for incoming peer traffic
|
||||||
|
network.port_range.set = ${toString cfg.port}-${toString cfg.port}
|
||||||
|
network.port_random.set = no
|
||||||
|
|
||||||
|
# Distributed Hash Table and Peer EXchange
|
||||||
|
dht.mode.set = disable
|
||||||
|
dht.port.set = 6881
|
||||||
|
protocol.pex.set = yes
|
||||||
|
|
||||||
|
# UDP tracker support
|
||||||
|
trackers.use_udp.set = yes
|
||||||
|
|
||||||
|
# Peer settings
|
||||||
|
throttle.max_uploads.set = 100
|
||||||
|
throttle.max_uploads.global.set = 250
|
||||||
|
throttle.min_peers.normal.set = 20
|
||||||
|
throttle.max_peers.normal.set = 60
|
||||||
|
throttle.min_peers.seed.set = 30
|
||||||
|
throttle.max_peers.seed.set = 80
|
||||||
|
trackers.numwant.set = 80
|
||||||
|
|
||||||
|
protocol.encryption.set = allow_incoming,try_outgoing,enable_retry
|
||||||
|
|
||||||
|
# Limits for file handle resources, this is optimized for
|
||||||
|
# an `ulimit` of 1024 (a common default). You MUST leave
|
||||||
|
# a ceiling of handles reserved for rTorrent's internal needs!
|
||||||
|
network.max_open_files.set = 600
|
||||||
|
network.max_open_sockets.set = 300
|
||||||
|
|
||||||
|
# Memory resource usage (increase if you have a large number of items loaded,
|
||||||
|
# and/or the available resources to spend)
|
||||||
|
pieces.memory.max.set = 1800M
|
||||||
|
network.xmlrpc.size_limit.set = 32M
|
||||||
|
|
||||||
|
# Basic operational settings
|
||||||
|
session.path.set = (cat, (cfg.session))
|
||||||
|
directory.default.set = (cat, (cfg.download))
|
||||||
|
log.execute = (cat, (cfg.logs), "execute.log")
|
||||||
|
|
||||||
|
# Other operational settings
|
||||||
|
encoding.add = utf8
|
||||||
|
system.umask.set = 0027
|
||||||
|
system.cwd.set = (directory.default)
|
||||||
|
#schedule2 = low_diskspace, 5, 60, ((close_low_diskspace, 500M))
|
||||||
|
#pieces.hash.on_completion.set = no
|
||||||
|
|
||||||
|
# HTTP and SSL
|
||||||
|
network.http.max_open.set = 50
|
||||||
|
network.http.dns_cache_timeout.set = 25
|
||||||
|
|
||||||
|
#network.http.ssl_verify_peer.set = 1
|
||||||
|
#network.http.ssl_verify_host.set = 1
|
||||||
|
|
||||||
|
# Run the rTorrent process as a daemon in the background
|
||||||
|
system.daemon.set = true
|
||||||
|
|
||||||
|
# XML-RPC interface
|
||||||
|
network.scgi.open_local = (cat,(cfg.rpcsock))
|
||||||
|
schedule = scgi_group,0,0,"execute.nothrow=chown,\":rtorrent\",(cfg.rpcsock)"
|
||||||
|
schedule = scgi_permission,0,0,"execute.nothrow=chmod,\"g+w,o=\",(cfg.rpcsock)"
|
||||||
|
|
||||||
|
# Logging:
|
||||||
|
# Levels = critical error warn notice info debug
|
||||||
|
# Groups = connection_* dht_* peer_* rpc_* storage_* thread_* tracker_* torrent_*
|
||||||
|
print = (cat, "Logging to ", (cfg.logfile))
|
||||||
|
log.open_file = "log", (cfg.logfile)
|
||||||
|
log.add_output = "debug", "log"
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in a new issue