Enable vpn for aria2
This commit is contained in:
parent
be18666f92
commit
74e53e5925
|
@ -6,6 +6,7 @@ releaseCookie: ENC[AES256_GCM,data:oG8DcUP+gIm5xPzIJdmjrtX/TdrcS8IgeGJeu0oOmZb0/
|
|||
mssqlpass: ENC[AES256_GCM,data:XEu4bQC5qM5Cm8UDVX3qAzTuL/t3xbx+qcEbZM4h3Hg=,iv:jgpZ93THYBlUvJDC5+YZiIxu/14e7nFSy76J0vc8Hek=,tag:iKsEDp/KZ5juqzmUgtP8iA==,type:str]
|
||||
mailpassunhash: ENC[AES256_GCM,data:q/P3nrNLy3hCISDmalw94nzWIFhoCdCTyflj27D2Ltr8,iv:oAFna87l3sL/42ljUF1QsRL0xBrP82uYdKLxK/8HcQE=,tag:liFFGHbNPOpOHyMsjnvMOQ==,type:str]
|
||||
rpcSecret: ENC[AES256_GCM,data:gOuQSY2RI6rnSnG1,iv:xz1ueq4/UOKYBs5r9Tk4jL0+GyX8uo8I8ZymVgIMKLI=,tag:Fr8rWIttLz7X8Pri6FBJBQ==,type:str]
|
||||
wg-private: ENC[AES256_GCM,data:6BEuNqqG//p5UhRmQ4RPEze6jZdvzK4PEXxlbX2ANYIhFpacj0aZnCr9o/A=,iv:tPlwYdV4I5oA8qG+bfVi1Dpbf7xedByantqsmylZXKQ=,tag:k1BqKqlayOWz5QW1XiAjqQ==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
|
@ -21,8 +22,8 @@ sops:
|
|||
KzNBMCtUaS9sU21Xc1JUd1FSR29tSkEKyqaDM/WUWjK2l+ahE6sIFYsQ6Qtkf7yz
|
||||
NWFTzsDZBmm9kpSIjchf+PuBuoRHeEKbEH8jnMlYB3J8boEnUnXMlw==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-01-04T12:15:46Z"
|
||||
mac: ENC[AES256_GCM,data:a9SPOcOGrhB3u2d1Ju9rEFrkS/PjkK3aTmHJSODRtameV6f2h3iuLzpgHVtZZ08MPoajriasAxAYIsZNwfGbRvAffqf+H85TnKy8e115x9MqZB0EFAwHWuxysjRsRwaJLpjFos3HdsYciro4EDrBKfbvLrLLjxNRWf3FwALA6WQ=,iv:VXUTnQN7B+u+g4OCut3YUxqqGb6mTN7yTubZLZpR19w=,tag:NfBfVQkFlcwq+w5/ckQqGA==,type:str]
|
||||
lastmodified: "2024-01-04T21:18:00Z"
|
||||
mac: ENC[AES256_GCM,data:ZHXg541BI94kwvLJ/CFHS7UauQN6LimqNK9rU60dil1RIArDy5xHtRki/p5uajKeGhM+Bv1t9SWAehk1n3U0PiynLGLm3npraIxItBPiRf7hyqDXmc8kG4U7BBcbIf3qvkvxVVd5auWfnPobKsRhKA+gC1Z11ylPqK37yIgK5Sw=,iv:EKacOHhgwjFDw2ioraxlyfXt89VpT+B4D/a/rC+ulNM=,tag:YvgctOLxmojg2uOAlKihkQ==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
|
|
|
@ -3,6 +3,32 @@
|
|||
pkgs,
|
||||
...
|
||||
}: {
|
||||
sops.secrets."nextcloudadmin".mode = "0440";
|
||||
sops.secrets."nextcloudadmin".owner = config.users.users.aria2.name;
|
||||
containers.aria2 = {
|
||||
forwardPorts = {
|
||||
hostPort = 6969;
|
||||
protocol = "tcp";
|
||||
};
|
||||
bindmounts = {
|
||||
"/var/lib/media" = {
|
||||
hostPath = "/var/lib/media";
|
||||
isReadOnly = false;
|
||||
};
|
||||
"/var/lib/wg/private-key" = {
|
||||
hostPath = sops.secrets."nextcloudadmin".path;
|
||||
isReadOnly = true;
|
||||
};
|
||||
};
|
||||
autoStart = true;
|
||||
privateNetwork = true;
|
||||
hostAddress = "192.168.100.10";
|
||||
localAddress = "192.168.100.11";
|
||||
config = {
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
users.users = {
|
||||
aria2.extraGroups = ["jellyfin" "nextcloud"];
|
||||
};
|
||||
|
@ -11,16 +37,22 @@
|
|||
downloadDir = "/var/lib/media";
|
||||
rpcListenPort = 6969;
|
||||
};
|
||||
networking.wg-quick.interfaces = {
|
||||
wg0 = {
|
||||
address = ["10.2.0.2/32"];
|
||||
dns = ["10.2.0.1"];
|
||||
privateKeyFile = "/var/lib/wg/private-key";
|
||||
|
||||
# services.nginx = {
|
||||
# virtualHosts = {
|
||||
# "aria2.gladtherescake.eu" = {
|
||||
# forceSSL = true;
|
||||
# enableACME = true;
|
||||
# locations."/" = {
|
||||
# proxyPass = "http://localhost:6800";
|
||||
# };
|
||||
# };
|
||||
# };
|
||||
# };
|
||||
peers = [
|
||||
{
|
||||
publicKey = "7A19/lMrfmpFZARivC7FS8DcGxMn5uUq9LcOqFjzlDo=";
|
||||
allowedIPs = ["0.0.0.0/0"];
|
||||
endpoint = "185.159.158.182:51820";
|
||||
persistentKeepalive = 25;
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue