lyes/nixfiles
1
0
Fork 0
Code Issues Pull requests Activity Actions

Setting up tetra and mogma

Browse source
This commit is contained in:
Lyes Saadi 2026-01-15 03:01:34 +01:00
parent 0812b82c46
commit 34a686c562
Signed by: lyes
GPG key ID: 55A1D803917CF39A
12 changed files with 454 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

44
modules/server/tetra/default.nix
View file

@ -1,8 +1,12 @@
{ ... }:
{ config, lib, pkgs, ... }:
{
environment.systemPackages = with pkgs; [
libnatpmp
];
services.qbittorrent = {
enable = false;
enable = true;
user = "qbittorrent";
group = "media";
@ -33,13 +37,47 @@
Username = "lyes";
Password_PBKDF2 = "@ByteArray(5UU0KdjkWdtIdml1aQVDOQ==:qs0cVTkuQzbHA3EmF9++MK9eJstbx95hIR52amh2PSSgmQxrXavu0oxUZdUMWnaIRKkUuq18o9GV+DMb7T99NA==)";
AuthSubnetWhitelistEnabled = true;
# AuthSubnetWhitelist = "192.168.2.2/32";
AuthSubnetWhitelist = "192.168.2.2/32";
StatusbarExternalIPDisplayed = true;
};
};
};
};
networking.vpn-netns.encapsulatedServices.qbittorrent = {
enable = true;
portForwarding = {
enable = true;
updateScript =
let
configFile = "/var/lib/qbittorrent/qBittorrent/config/qBittorrent.conf";
passwordFile = config.age.secrets.tetra-pass.path;
apiSetPreferenceUrl = "http://${config.networking.vpn-netns.vethIP}:${toString config.services.qbittorrent.webuiPort}/api/v2/app/setPreferences";
curl = lib.getExe pkgs.curl;
ip = "${pkgs.iproute2}/bin/ip";
in
''
CURRENT_PORT=$(cat ${configFile} | grep 'Session\\Port' | cut -d '=' -f 2)
PASS=$(cat ${passwordFile})
test "$PORT" -eq "$CURRENT_PORT" || (
${ip} netns exec netns-mogma ${curl} -i -X POST -d "json={\"random_port\": false}" "${apiSetPreferenceUrl}"
${ip} netns exec netns-mogma ${curl} -i -X POST -d "json={\"listen_port\": $PORT}" "${apiSetPreferenceUrl}"
)
'';
};
};
age.secrets = {
tetra-pass = {
file = ../../../secrets/zora/services/tetra-pass.age;
mode = "770";
owner = "qbittorrent";
group = "media";
};
};
# users.users.qbittorrent.extraGroups = [ "media" ];
users.users.qbittorrent.isSystemUser = true;
users.users.qbittorrent.group = "media";