diff options
author | lassulus <lass@aidsballs.de> | 2015-08-13 22:26:07 +0200 |
---|---|---|
committer | lassulus <lass@aidsballs.de> | 2015-08-13 22:26:07 +0200 |
commit | e30ee0f14bce976f38f9954dd4432368bd978822 (patch) | |
tree | 9be1153b39cb6fc1d20b97c60789d662897c6f65 /lass | |
parent | eee4142d06f9d5c35af70a647af7fe71adefdaa2 (diff) |
lass 2: add downloading.nix
Diffstat (limited to 'lass')
-rw-r--r-- | lass/2configs/downloading.nix | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/lass/2configs/downloading.nix b/lass/2configs/downloading.nix new file mode 100644 index 000000000..e6d31a6c4 --- /dev/null +++ b/lass/2configs/downloading.nix @@ -0,0 +1,67 @@ +{ config, pkgs, ... }: + +{ + imports = [ + ../3modules/iptables.nix + ../3modules/folderPerms.nix + ]; + + users.extraUsers = { + download = { + name = "download"; + home = "/var/download"; + createHome = true; + extraGroups = [ + "download" + ]; + }; + + transmission = { + extraGroups = [ + "download" + ]; + }; + }; + + users.extraGroups = { + download = { + members = [ + "download" + "transmission" + ]; + }; + }; + + services.transmission = { + enable = true; + settings = { + download-dir = "/var/download/finished"; + incomplete-dir = "/var/download/incoming"; + incomplete-dir-enabled = true; + + rpc-authentication-required = true; + rpc-whitelist-enabled = false; + rpc-username = "download"; + #add rpc-password in secrets + rpc-password = "test123"; + }; + }; + + lass.iptables = { + enable = true; + tables.filter.INPUT.rules = [ + { predicate = "-p tcp --dport 9091"; target = "ACCEPT"; } + ]; + }; + + lass.folderPerms = { + enable = true; + permissions = [ + { + path = "/var/download"; + permission = "775"; + owner = "transmission:download"; + } + ]; + }; +} |