NixOS-Config/nixos/server/package-configs/aria2/configuration.nix

66 lines
1.5 KiB
Nix
Raw Normal View History

2024-01-04 13:32:13 +01:00
{
config,
pkgs,
...
}: {
users.users.aria2.group = "aria2";
users.groups.aria2 = {};
users.users.aria2.isSystemUser = true;
2024-01-04 22:27:42 +01:00
sops.secrets."wg-private".mode = "0440";
sops.secrets."wg-private".owner = config.users.users.aria2.name;
2024-01-04 22:25:34 +01:00
containers.aria2 = {
forwardPorts = [
{
hostPort = 6969;
protocol = "tcp";
}
];
2024-01-04 22:28:38 +01:00
bindMounts = {
2024-01-04 22:25:34 +01:00
"/var/lib/media" = {
hostPath = "/var/lib/media";
isReadOnly = false;
};
"/var/lib/wg/private-key" = {
2024-01-04 22:27:42 +01:00
hostPath = config.sops.secrets."wg-private".path;
2024-01-04 22:25:34 +01:00
isReadOnly = true;
};
};
autoStart = true;
privateNetwork = true;
hostAddress = "192.168.100.10";
localAddress = "192.168.100.11";
config = {
config,
pkgs,
...
}: {
2024-01-04 22:34:03 +01:00
system.stateVersion = "23.11";
2024-01-04 22:25:34 +01:00
users.users = {
aria2.extraGroups = ["jellyfin" "nextcloud"];
};
services.aria2 = {
enable = true;
downloadDir = "/var/lib/media";
rpcListenPort = 6969;
};
networking.wg-quick.interfaces = {
wg0 = {
address = ["10.2.0.2/32"];
dns = ["10.2.0.1"];
privateKeyFile = "/var/lib/wg/private-key";
2024-01-04 13:32:13 +01:00
2024-01-04 22:25:34 +01:00
peers = [
{
publicKey = "7A19/lMrfmpFZARivC7FS8DcGxMn5uUq9LcOqFjzlDo=";
allowedIPs = ["0.0.0.0/0"];
endpoint = "185.159.158.182:51820";
persistentKeepalive = 25;
}
];
};
};
};
};
2024-01-04 13:32:13 +01:00
}