2024-01-04 13:32:13 +01:00
|
|
|
{
|
|
|
|
config,
|
|
|
|
pkgs,
|
|
|
|
...
|
|
|
|
}: {
|
2024-01-04 22:30:38 +01:00
|
|
|
users.users.aria2.group = "aria2";
|
|
|
|
users.groups.aria2 = {};
|
|
|
|
users.users.aria2.isSystemUser = true;
|
|
|
|
|
2024-01-04 22:27:42 +01:00
|
|
|
sops.secrets."wg-private".mode = "0440";
|
|
|
|
sops.secrets."wg-private".owner = config.users.users.aria2.name;
|
2024-01-04 22:25:34 +01:00
|
|
|
containers.aria2 = {
|
2024-01-04 22:33:04 +01:00
|
|
|
forwardPorts = [
|
|
|
|
{
|
|
|
|
hostPort = 6969;
|
|
|
|
protocol = "tcp";
|
|
|
|
}
|
|
|
|
];
|
2024-01-04 22:28:38 +01:00
|
|
|
bindMounts = {
|
2024-01-04 22:25:34 +01:00
|
|
|
"/var/lib/media" = {
|
|
|
|
hostPath = "/var/lib/media";
|
|
|
|
isReadOnly = false;
|
|
|
|
};
|
|
|
|
"/var/lib/wg/private-key" = {
|
2024-01-04 22:27:42 +01:00
|
|
|
hostPath = config.sops.secrets."wg-private".path;
|
2024-01-04 22:25:34 +01:00
|
|
|
isReadOnly = true;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
autoStart = true;
|
|
|
|
privateNetwork = true;
|
|
|
|
hostAddress = "192.168.100.10";
|
|
|
|
localAddress = "192.168.100.11";
|
|
|
|
config = {
|
|
|
|
config,
|
|
|
|
pkgs,
|
|
|
|
...
|
|
|
|
}: {
|
2024-01-04 22:34:03 +01:00
|
|
|
system.stateVersion = "23.11";
|
2024-01-04 22:25:34 +01:00
|
|
|
users.users = {
|
|
|
|
aria2.extraGroups = ["jellyfin" "nextcloud"];
|
|
|
|
};
|
|
|
|
services.aria2 = {
|
|
|
|
enable = true;
|
|
|
|
downloadDir = "/var/lib/media";
|
|
|
|
rpcListenPort = 6969;
|
|
|
|
};
|
|
|
|
networking.wg-quick.interfaces = {
|
|
|
|
wg0 = {
|
|
|
|
address = ["10.2.0.2/32"];
|
|
|
|
dns = ["10.2.0.1"];
|
|
|
|
privateKeyFile = "/var/lib/wg/private-key";
|
2024-01-04 13:32:13 +01:00
|
|
|
|
2024-01-04 22:25:34 +01:00
|
|
|
peers = [
|
|
|
|
{
|
|
|
|
publicKey = "7A19/lMrfmpFZARivC7FS8DcGxMn5uUq9LcOqFjzlDo=";
|
|
|
|
allowedIPs = ["0.0.0.0/0"];
|
|
|
|
endpoint = "185.159.158.182:51820";
|
|
|
|
persistentKeepalive = 25;
|
|
|
|
}
|
|
|
|
];
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
2024-01-04 13:32:13 +01:00
|
|
|
}
|