Personal-use NixOS configuration
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

Get rtorrent and soulseek fully working

encode42 e00d3ccb 0e0d9395

+115 -32
+9 -9
flake.lock
··· 333 333 "xwayland-satellite-unstable": "xwayland-satellite-unstable" 334 334 }, 335 335 "locked": { 336 - "lastModified": 1757870947, 337 - "narHash": "sha256-0N8w6SB6a68kWioFmlr+KfwfG44KVjPjJIBSQKNdNhE=", 336 + "lastModified": 1757942412, 337 + "narHash": "sha256-iDnEKwUYNOJZU/2B4bt8tfKUwN0J7RFJ7BXmf17VJOM=", 338 338 "owner": "sodiboo", 339 339 "repo": "niri-flake", 340 - "rev": "8e9b1a571399104e42d8fa5de6c28c63bff0c16a", 340 + "rev": "1da07fd6a9d44a7875d2843cccab1179085edb2c", 341 341 "type": "github" 342 342 }, 343 343 "original": { ··· 366 366 "niri-unstable": { 367 367 "flake": false, 368 368 "locked": { 369 - "lastModified": 1757832020, 370 - "narHash": "sha256-SCdus7r4IS8l3jzF8mcMFMlDvACTdmDCcsPnGUEqll0=", 369 + "lastModified": 1757916394, 370 + "narHash": "sha256-nSmVJLjTGwQYC+pqD7GLt7Yt6oktawAMRld6oyFwMd0=", 371 371 "owner": "YaLTeR", 372 372 "repo": "niri", 373 - "rev": "e6a8ad38479eb179dc7301755316f993e3e872ea", 373 + "rev": "cd0d45fdb88641aa5211c81e69301e85c5dd53a2", 374 374 "type": "github" 375 375 }, 376 376 "original": { ··· 425 425 }, 426 426 "nixos-hardware": { 427 427 "locked": { 428 - "lastModified": 1757891025, 429 - "narHash": "sha256-NfiTk59huy/YK9H4W4wVwRYyiP2u86QqROM5KK4f5F4=", 428 + "lastModified": 1757943327, 429 + "narHash": "sha256-w6cDExPBqbq7fTLo4dZ1ozDGeq3yV6dSN4n/sAaS6OM=", 430 430 "owner": "NixOS", 431 431 "repo": "nixos-hardware", 432 - "rev": "4c38a024fa32e61db2be8573e5282b15d9733a79", 432 + "rev": "67a709cfe5d0643dafd798b0b613ed579de8be05", 433 433 "type": "github" 434 434 }, 435 435 "original": {
+32
hosts/index/config/nfs.nix
··· 9 9 nproc = 16; 10 10 }; 11 11 12 + # TODO: Write a function that can improve this 13 + 12 14 fileSystems."/export/media" = { 13 15 depends = [ 14 16 "/mnt/data" ··· 23 25 ]; 24 26 }; 25 27 28 + fileSystems."/export/torrents" = { 29 + depends = [ 30 + "/mnt/data" 31 + ]; 32 + 33 + device = "/mnt/data/rtorrent/downloads"; 34 + fsType = "none"; 35 + 36 + options = [ 37 + "bind" 38 + "x-systemd.requires=zfs-mount.service" 39 + ]; 40 + }; 41 + 42 + fileSystems."/export/soulseek" = { 43 + depends = [ 44 + "/mnt/data" 45 + ]; 46 + 47 + device = "/mnt/data/soulseek/downloads"; 48 + fsType = "none"; 49 + 50 + options = [ 51 + "bind" 52 + "x-systemd.requires=zfs-mount.service" 53 + ]; 54 + }; 55 + 26 56 services.nfs.server.exports = '' 27 57 /export *(fsid=0,ro,insecure) 28 58 /export/media *(rw,insecure,async,no_subtree_check,nohide,all_squash,anonuid=974,anongid=442) 59 + /export/torrents *(rw,insecure,async,no_subtree_check,nohide,all_squash,anonuid=987,anongid=972) 60 + /export/soulseek *(rw,insecure,async,no_subtree_check,nohide,all_squash,anonuid=985,anongid=973) 29 61 ''; 30 62 }
+15 -2
hosts/index/config/torrenting/rtorrent.nix
··· 1 - { flakeRoot, lib, ... }: 1 + { 2 + flakeRoot, 3 + config, 4 + lib, 5 + ... 6 + }: 2 7 3 8 let 4 - interface = "rtornt"; 9 + interface = "sh1"; 5 10 6 11 dhtPort = 6771; 7 12 listenStartPort = 33101; ··· 42 47 43 48 wireguardConfigFile = "/mnt/apps/rtorrent/wg0.conf"; 44 49 50 + namespaceAddress = "192.168.15.3"; 51 + 45 52 openVPNPorts = [ 46 53 { 47 54 port = dhtPort; ··· 55 62 services.rtorrent = { 56 63 dataDir = "/mnt/apps/rtorrent"; 57 64 downloadDir = "/mnt/data/rtorrent/downloads"; 65 + }; 66 + 67 + systemd.services.rtorrent.vpnConfinement = { 68 + enable = true; 69 + 70 + vpnNamespace = interface; 58 71 }; 59 72 }
+7 -1
hosts/index/config/torrenting/soulseek.nix
··· 1 1 { flakeRoot, config, ... }: 2 2 3 3 let 4 - interface = "soulsk"; 4 + interface = "sh0"; 5 5 6 6 port = 50220; 7 7 ··· 24 24 vpnNamespaces.${interface} = { 25 25 enable = true; 26 26 27 + namespaceAddress = "192.168.15.2"; 28 + 27 29 portMappings = [ 28 30 { 29 31 from = config.services.slskd.settings.web.port; 30 32 to = config.services.slskd.settings.web.port; 31 33 } 32 34 ]; 35 + 36 + accessibleFrom = [ "127.0.0.1" ]; 33 37 34 38 openVPNPorts = [ 35 39 { ··· 68 72 69 73 vpnNamespace = interface; 70 74 }; 75 + 76 + users.users.${config.services.slskd.user}.extraGroups = [ "media" ]; 71 77 }
+1 -1
hosts/index/default.nix
··· 35 35 36 36 ./config/language/omnipoly.nix 37 37 38 - #./config/torrenting/rtorrent.nix 38 + ./config/torrenting/rtorrent.nix 39 39 ./config/torrenting/soulseek.nix 40 40 41 41 ./config/web/caddy.nix
+26 -15
packages/server/torrenting/flood.nix
··· 7 7 lib, 8 8 flakeLib, 9 9 pkgs, 10 + pkgs-unstable, 10 11 utils ? pkgs.utils, 11 12 ... 12 13 }: 13 14 14 15 let 15 16 socket = "/run/flood/flood.sock"; 16 - 17 - rtorrentModule = import ./rtorrent.nix { }; 18 17 in 19 18 { 20 - imports = [ 21 - rtorrentModule 22 - ]; 23 19 24 20 services.flood = { 25 21 enable = true; 26 22 23 + package = pkgs-unstable.flood; 24 + 27 25 extraArgs = [ 28 26 "--rtsocket=${config.services.rtorrent.rpcSocket}" 29 27 ]; 30 28 }; 31 29 32 - systemd.services.flood.serviceConfig.ExecStart = lib.mkForce ( 33 - utils.escapeSystemdExecArgs ( 34 - [ 35 - (lib.getExe pkgs.flood) 36 - "--port ${socket}" 37 - "--rundir=/var/lib/flood" 38 - ] 39 - ++ config.services.flood.extraArgs 40 - ) 41 - ); 30 + systemd.services.flood.serviceConfig = { 31 + ExecStart = lib.mkForce ( 32 + utils.escapeSystemdExecArgs ( 33 + [ 34 + (lib.getExe config.services.flood.package) 35 + "--port" 36 + socket 37 + "--rundir=/var/lib/flood" 38 + ] 39 + ++ config.services.flood.extraArgs 40 + ) 41 + ); 42 + 43 + RuntimeDirectory = "flood"; 44 + RuntimeDirectoryMode = "0750"; 45 + UMask = "0007"; 46 + 47 + Group = "flood-proxy"; 48 + }; 49 + 50 + users.groups.flood-proxy = { }; 51 + 52 + users.users.caddy.extraGroups = [ "flood-proxy" ]; 42 53 43 54 services.caddy.virtualHosts = flakeLib.mkProxies hosts '' 44 55 reverse_proxy unix/${socket}
+25 -4
packages/server/torrenting/rtorrent.nix
··· 7 7 }: 8 8 9 9 { 10 + config, 11 + pkgs-unstable, 12 + lib, 13 + ... 14 + }: 15 + 16 + { 10 17 services.rtorrent = { 11 18 enable = true; 12 19 20 + package = pkgs-unstable.rtorrent; 21 + 13 22 configText = '' 14 - dht.mode.set = auto 15 - dht.port.set = "${toString dhtPort}" 23 + dht.mode.set = off 24 + dht.port.set = ${toString dhtPort} 16 25 17 26 protocol.pex.set = yes 18 27 19 - network.port_range.set = "${toString listenPorts.start}-${toString listenPorts.end}" 28 + trackers.use_udp.set = yes 20 29 21 - trackers.use_udp.set = yes 30 + network.port_range.set = ${toString listenPorts.start}-${toString listenPorts.end} 22 31 23 32 throttle.max_downloads.set = 100 24 33 throttle.max_uploads.global.set = 300 ··· 39 48 #system.method.set = group.seeding.ratio.command, d.close= 40 49 41 50 schedule2 = throttle_slow, 10:00:00, 24:00:00, ((throttle.global_up.max_rate.set_kb, 4000)) 51 + 52 + # Compatibility with Flood 53 + method.redirect = load.throw,load.normal 54 + method.redirect = load.start_throw,load.start 55 + method.insert = d.down.sequential,value|const,0 56 + method.insert = d.down.sequential.set,value|const,0 42 57 ''; 43 58 }; 59 + 60 + systemd.services.rtorrent.serviceConfig = { 61 + SystemCallFilter = lib.mkForce "@system-service"; 62 + }; 63 + 64 + systemd.services.flood.serviceConfig.SupplementaryGroups = [ config.services.rtorrent.group ]; 44 65 }