diff --git a/modules/deluge/default.nix b/modules/deluge/default.nix new file mode 100644 index 0000000..b7a2bb6 --- /dev/null +++ b/modules/deluge/default.nix @@ -0,0 +1,61 @@ +{ lib, pkgs, config, ... }: +with lib; +let + cfg = config.luj.deluge; + port = 8112; +in +{ + + options.luj.deluge = { + enable = mkEnableOption "activate deluge service"; + + user = mkOption { + type = types.str; + default = "deluge"; + description = "User account under which deluge runs."; + }; + + group = mkOption { + type = types.str; + default = "deluge"; + description = "Group under which deluge runs."; + }; + + nginx.enable = mkEnableOption "activate nginx"; + nginx.subdomain = mkOption { + type = types.str; + }; + + }; + + config = mkIf cfg.enable ( + mkMerge [{ + + sops.secrets.deluge = { + owner = cfg.user; + format = "binary"; + sopsFile = ../../secrets/deluge-login; + }; + + services.deluge = { + enable = true; + user = cfg.user; + group = cfg.group; + openFirewall = true; + declarative = true; + authFile = "/run/secrets/deluge"; + web.enable = true; + config = { + download_location = "/home/mediaserver/downloads/complete/"; + allow_remote = true; + }; + dataDir = "/home/mediaserver/deluge"; + + }; + } + + (mkIf cfg.nginx.enable (mkSubdomain cfg.nginx.subdomain port))]); + + + +} diff --git a/modules/mediaserver/default.nix b/modules/mediaserver/default.nix index e239812..27d1121 100644 --- a/modules/mediaserver/default.nix +++ b/modules/mediaserver/default.nix @@ -34,7 +34,7 @@ in luj.flaresolverr.enable = true; - luj.transmission = { + luj.deluge = { enable = true; user = "mediaserver"; group = "mediaserver"; @@ -87,7 +87,7 @@ in user = "mediaserver"; group = "mediaserver"; nginx.enable = true; - nginx.subdomain = "music"; + nginx.subdomain = "musique"; }; diff --git a/secrets/deluge-login b/secrets/deluge-login new file mode 100644 index 0000000..775ded6 --- /dev/null +++ b/secrets/deluge-login @@ -0,0 +1,28 @@ +{ + "data": "ENC[AES256_GCM,data:gHrFhXGlHzkIVa7hxFlXtj5LdRlw7KHdIgW7qmnOb17oMy7/Y9QXghnyAO0nrAFXpGmtJKeRnwHtetUN,iv:iR2bQyD6gNyy5wg2aP3PVRDgtViv8tHA7D/9W4T4rHE=,tag:d4Y0UfRBhSwPBqluYQVSOQ==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age1ac9aek30209ppmxxxpfc65wet344u57pdy3zmk3whjlta38m6q9s9m666g", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6Yy82TngweGFScDhLR0ZE\nNkdTKzBmTkVTMFRVUEYxWnZtRUVESHlUaUhrCndEWUF3aUQ4NVM2Y25uZytURXFi\nL3UrM2MyNS92T1dZbDU2MWU4UTI5THMKLS0tIHB1Uy9oT2FRVWE2YlFEeCtKcW50\nR080L3BzTmh3MU5kYnZIV3U5bG1KZFEKG5HC8m09mRIzwnQbQKMojU610HybJUqU\nhlEVoBoVyhvFXKSkXlsoqLLYvyPhHDGdGYMuVwI/PK3L3GznTvA/OQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age162v5365xrnzm9tlxy4w3e6fqds7k3h029qezvl73z6rs5skcn9hs7vml45", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvd1FmdGNJOXJZVVh2WG5z\nalFWSElzS3NUSFlHVHNzUUtoeXk3OWw5TTJZCnhqdy9NSXphdEU5V2pOVkIxRGRz\nOERJQk9JNWpWQlgyNk1yL3BGTUQ1c2MKLS0tIFM5RXU3NW5mNHVOSWpnZllYNGpx\nMDBrbkNhbGE2dTVVcmpiTmF5Y1FmZzAKIq+6/kropB7wB0WJulQTXQsgDNfLA21f\nKDgSPOIbsd/viqEcONTHjyLLnkAo1Q7vbViF4/HVg4dUCw6TZfRHwA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age15uzmt3utvm3vvmy79yk754cvwdxl0gkhqhjfy05qed0nhrpqjf0q0yh5mj", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBENWJuT1FkTFh0Q1dETXFG\nMitBelR1aXB6RW4zWkk2Y1B0NmVoZ1JvNFZnCnEzS3E3TkQzUE12U2ZUR280ak5C\nWGZzRkVya1lZZGNiOEwrMXlWYkQ5NVEKLS0tIHdLamlqU2gzaHpTbUhIdW81RGlH\nTFRBUndxbjVFckVrZmFJWldCaDM4MzAKBdOOJpJnNs/U7MSXejYKTnSAeIYVbQsA\n+UwK7DwHZmnK6/j/vV5IGlgIeEPM5o0vEp8Ybne2TxFpZzO23hjNyw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2022-02-14T13:25:09Z", + "mac": "ENC[AES256_GCM,data:cHg+G+D1bzOK07YIN5wWNbNO+mI8YW35SxrGgX2KeKn7qAWeWcwiKe/KHid+85w210R6purIHo2bKpFzM85+CQibaGnLszDRCoVeHGnYOzWTQdNHngvbP2ozvyojDVprRV9eVZXVOuy2k8CtB6qLik5MJbZP4Ino/BWSuxcr75I=,iv:/7JHAKPh9vohuzLle9BRF5NI2FiC1Y2djVeLumZA4r0=,tag:NAKbucuZKIcN8HWBO4JrgA==,type:str]", + "pgp": null, + "unencrypted_suffix": "_unencrypted", + "version": "3.7.1" + } +} \ No newline at end of file