From 6fa77d8c53d1948fb113729db1d33b43cd1aa88d Mon Sep 17 00:00:00 2001 From: baduhai Date: Thu, 5 Jan 2023 15:01:23 -0300 Subject: [PATCH] it's qbit now --- flake.nix | 3 + hosts/servers/alexandria/services/arr.nix | 9 +- hosts/servers/alexandria/services/nginx.nix | 1 + .../servers/alexandria/services/variables.nix | 1 + modules/qbittorrent.nix | 114 ++++++++++++++++++ 5 files changed, 126 insertions(+), 2 deletions(-) create mode 100644 modules/qbittorrent.nix diff --git a/flake.nix b/flake.nix index 353369c..1a2f426 100644 --- a/flake.nix +++ b/flake.nix @@ -44,6 +44,7 @@ ./hosts/servers/alexandria.nix agenix.nixosModule home-manager-stable.nixosModules.home-manager + self.nixosModules.qbittorrent ]; }; }; @@ -64,6 +65,8 @@ }; }; + nixosModules.qbittorrent = import ./modules/qbittorrent.nix; + packages.x86_64-linux = { install-iso = nixos-generators.nixosGenerate { system = "x86_64-linux"; diff --git a/hosts/servers/alexandria/services/arr.nix b/hosts/servers/alexandria/services/arr.nix index 6ceb900..47a79e9 100644 --- a/hosts/servers/alexandria/services/arr.nix +++ b/hosts/servers/alexandria/services/arr.nix @@ -2,6 +2,13 @@ { services = { + qbittorrent = { + enable = true; + user = "user"; + group = "hosted"; + port = lib.toInt "${config.ports.qbittorrent}"; + }; + jellyfin = { enable = true; group = "hosted"; @@ -25,8 +32,6 @@ group = "hosted"; }; - aria2.enable = true; - jackett.enable = true; }; } diff --git a/hosts/servers/alexandria/services/nginx.nix b/hosts/servers/alexandria/services/nginx.nix index 45d8bf4..d7b2fa4 100644 --- a/hosts/servers/alexandria/services/nginx.nix +++ b/hosts/servers/alexandria/services/nginx.nix @@ -19,6 +19,7 @@ "librespeed.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.librespeed}"; }; "n8n.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.n8n}"; }; "paperless.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.paperless}"; }; + "qbittorrent.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.qbittorrent}"; }; "radarr.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.radarr}"; }; "shiori.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.shiori}"; }; "sonarr.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.sonarr}"; }; diff --git a/hosts/servers/alexandria/services/variables.nix b/hosts/servers/alexandria/services/variables.nix index ae02a8f..0d03829 100644 --- a/hosts/servers/alexandria/services/variables.nix +++ b/hosts/servers/alexandria/services/variables.nix @@ -21,6 +21,7 @@ in syncthing = mkStringOption "8006"; jellyfin = mkStringOption "8096"; whoogle = mkStringOption "8007"; + qbittorrent = mkStringOption "8008"; sonarr = mkStringOption "8989"; jackett = mkStringOption "9117"; }; diff --git a/modules/qbittorrent.nix b/modules/qbittorrent.nix new file mode 100644 index 0000000..ede365b --- /dev/null +++ b/modules/qbittorrent.nix @@ -0,0 +1,114 @@ +{ config, lib, pkgs, ... }: +with lib; +let + cfg = config.services.qbittorrent; + configDir = "${cfg.dataDir}/.config"; + openFilesLimit = 4096; +in +{ + options.services.qbittorrent = { + enable = mkOption { + type = types.bool; + default = false; + description = '' + Run qBittorrent headlessly as systemwide daemon + ''; + }; + + dataDir = mkOption { + type = types.path; + default = "/var/lib/qbittorrent"; + description = '' + The directory where qBittorrent will create files. + ''; + }; + + user = mkOption { + type = types.str; + default = "qbittorrent"; + description = '' + User account under which qBittorrent runs. + ''; + }; + + group = mkOption { + type = types.str; + default = "qbittorrent"; + description = '' + Group under which qBittorrent runs. + ''; + }; + + port = mkOption { + type = types.port; + default = 8080; + description = '' + qBittorrent web UI port. + ''; + }; + + openFirewall = mkOption { + type = types.bool; + default = false; + description = '' + Open services.qBittorrent.port to the outside network. + ''; + }; + + openFilesLimit = mkOption { + default = openFilesLimit; + description = '' + Number of files to allow qBittorrent to open. + ''; + }; + }; + + config = mkIf cfg.enable { + + environment.systemPackages = [ pkgs.qbittorrent ]; + + nixpkgs.overlays = [ + (final: prev: { + qbittorrent = prev.qbittorrent.override { guiSupport = false; }; + }) + ]; + + networking.firewall = mkIf cfg.openFirewall { + allowedTCPPorts = [ cfg.port ]; + allowedUDPPorts = [ cfg.port ]; + }; + + systemd.services.qbittorrent = { + after = [ "network.target" ]; + description = "qBittorrent Daemon"; + wantedBy = [ "multi-user.target" ]; + path = [ pkgs.qbittorrent ]; + serviceConfig = { + ExecStart = '' + ${pkgs.qbittorrent}/bin/qbittorrent-nox \ + --profile=${configDir} \ + --webui-port=${toString cfg.port} + ''; + # To prevent "Quit & shutdown daemon" from working; we want systemd to + # manage it! + Restart = "on-success"; + User = cfg.user; + Group = cfg.group; + UMask = "0002"; + LimitNOFILE = cfg.openFilesLimit; + }; + }; + + users.users = mkIf (cfg.user == "qbittorrent") { + qbittorrent = { + group = cfg.group; + home = cfg.dataDir; + createHome = true; + description = "qBittorrent Daemon user"; + }; + }; + + users.groups = + mkIf (cfg.group == "qbittorrent") { qbittorrent = { gid = null; }; }; + }; +}