From 7b72527ee6431fd67f935bee07987baec8c7136f Mon Sep 17 00:00:00 2001 From: "Casper V. Kristensen" Date: Wed, 24 Apr 2024 00:05:25 +0200 Subject: [PATCH] sigma: torrents --- hosts/sigma/caddy.nix | 3 +++ hosts/sigma/default.nix | 2 ++ hosts/sigma/deluge.nix | 29 +++++++++++++++++++---------- hosts/sigma/jellyfin.nix | 30 ++++++++++++++++++++++++++++++ hosts/sigma/sonarr.nix | 33 +++++++++++++++++++++++++++++++++ modules/borg.nix | 1 + 6 files changed, 88 insertions(+), 10 deletions(-) create mode 100644 hosts/sigma/jellyfin.nix create mode 100644 hosts/sigma/sonarr.nix diff --git a/hosts/sigma/caddy.nix b/hosts/sigma/caddy.nix index 39eca73..e6a4152 100644 --- a/hosts/sigma/caddy.nix +++ b/hosts/sigma/caddy.nix @@ -1,6 +1,9 @@ {secrets, ...}: { services.caddy.virtualHosts = secrets.sigma.caddy.virtualHosts; + # Add caddy to the 'torrent' group to allow viewing downloads + users.groups.torrent.members = ["caddy"]; + age.secrets.caddy-auth-sigma = { file = "${secrets}/secrets/caddy-auth-sigma.age"; mode = "600"; diff --git a/hosts/sigma/default.nix b/hosts/sigma/default.nix index 93a7883..037c9f2 100644 --- a/hosts/sigma/default.nix +++ b/hosts/sigma/default.nix @@ -9,7 +9,9 @@ ./deluge.nix ./gitea.nix ./hardware.nix + ./jellyfin.nix ./network.nix + ./sonarr.nix ]; networking.hostName = "sigma"; diff --git a/hosts/sigma/deluge.nix b/hosts/sigma/deluge.nix index 6c2d5be..38c6ec6 100644 --- a/hosts/sigma/deluge.nix +++ b/hosts/sigma/deluge.nix @@ -9,19 +9,19 @@ # https://www.deluge-torrent.org/ services.deluge = { enable = true; + # Use the 'torrent' group to share files amongst downloaders, indexers etc. + group = "torrent"; web.enable = true; + # Config defaults: # https://git.deluge-torrent.org/deluge/tree/deluge/core/preferencesmanager.py#n41 declarative = true; config = { - # use dedicated interface + download_location = "/srv/torrents/downloads/"; + # use the dedicated network interface and port listen_interface = secrets.sigma.sigma-p2p-ip-address; outgoing_interface = "wg-sigma-p2p"; random_port = false; listen_ports = [60881]; - # encrypt everything - enc_in_policy = 0; - enc_out_policy = 0; - enc_level = 1; # no limits max_connections_global = -1; max_upload_slots_global = -1; @@ -32,7 +32,7 @@ max_active_limit = -1; # caching cache_size = 65536; # 65536 x 16KiB = 1GiB - # enable label plugin for sonarr + # enable label plugin, primarily for sonarr enabled_plugins = ["Label"]; }; # authfile is required with declarative=true; allow access from webui @@ -44,9 +44,6 @@ }; }; - # Add 'caddy' to the 'deluge' group to allow browsing files - users.groups.deluge.members = ["caddy"]; - # Only allow deluged internet access through wg-sigma-p2p systemd.services.deluged = { serviceConfig = { @@ -56,10 +53,22 @@ environment.persistence."/nix/persist" = { directories = [ + # Deluge data directory. This is *NOT* where the downloads are saved { directory = "/var/lib/deluge"; user = "deluge"; - group = "deluge"; + group = "torrent"; + mode = "0770"; + } + # Since Sonarr insists on using hardlinks to manage media files, its + # media library must be on the same volume as Deluge stores its + # downloads. Therefore, Deluge will save to /srv/torrents/downloads/ and + # Sonarr will hardlink in /srv/torrents/tv/. Jellyfin reads from + # /srv/torrents/downloads/movies/ and /srv/torrents/tv/. + { + directory = "/srv/torrents"; + user = "caspervk"; + group = "torrent"; mode = "0770"; } ]; diff --git a/hosts/sigma/jellyfin.nix b/hosts/sigma/jellyfin.nix new file mode 100644 index 0000000..4618f1e --- /dev/null +++ b/hosts/sigma/jellyfin.nix @@ -0,0 +1,30 @@ +{...}: { + # Jellyfin is a free and open-source media server and suite of multimedia + # applications designed to organize, manage, and share digital media files to + # networked devices. + # https://jellyfin.org/ + # NOTE: Jellyfin config is not managed by NixOS. Here's how to set it up: + # * Media Libraries: + # * Shows: /srv/torrents/tv/. + # * Disable all metadata download; will be gathered from Sonarr's .nfo's instead. + # * Movies: /srv/torrents/downloads/movies/. + # * 'Allow remote connections to this server' should remain **enabled** even + # though we are using a reverse proxy. + # * Install 'Kodi Sync Queue' under 'Admin/Plugins/Catalog'. + services.jellyfin = { + enable = true; + # Use the 'torrent' group to share files amongst downloaders, indexers etc. + group = "torrent"; + }; + + environment.persistence."/nix/persist" = { + directories = [ + { + directory = "/var/lib/jellyfin"; + user = "jellyfin"; + group = "torrent"; + mode = "0700"; + } + ]; + }; +} diff --git a/hosts/sigma/sonarr.nix b/hosts/sigma/sonarr.nix new file mode 100644 index 0000000..b658f9d --- /dev/null +++ b/hosts/sigma/sonarr.nix @@ -0,0 +1,33 @@ +{nixpkgs-unstable, ...}: { + # Sonarr is an internet PVR for Usenet and Torrents. + # https://sonarr.tv/ + # + # NOTE: sonarr's config isn't managed by NixOS and its web interface REQUIRES + # authentication even though we already have Caddy http basic auth. Just set + # Sonarr to use http basic auth with the same username/password as Caddy and + # everything will work. Other configuration: + # * Media Management/Root Folder: /srv/torrents/tv/. + # * Indexers: Add as needed. + # * Download Clients: 'qBittorrent'. Host: 'localhost'. Category: 'tv'. Disable 'Remove Completed'. + # * Metadata/Kodi: Enable. + # * General/Analytics: Disable. + # * UI: Fix retarded date formats. + services.sonarr = { + enable = true; + # Unstable for sonarr v4. TODO: remove in NixOS 24.04 + package = nixpkgs-unstable.legacyPackages.x86_64-linux.sonarr; + # Use the 'torrent' group to share files amongst downloaders, indexers etc. + group = "torrent"; + }; + + environment.persistence."/nix/persist" = { + directories = [ + { + directory = "/var/lib/sonarr"; + user = "sonarr"; + group = "torrent"; + mode = "0750"; + } + ]; + }; +} diff --git a/modules/borg.nix b/modules/borg.nix index 2502c68..cb6815e 100644 --- a/modules/borg.nix +++ b/modules/borg.nix @@ -92,6 +92,7 @@ "! /**/.cache" "! /**/Cache" "! /**/cache" + "! /srv/torrents" "! /var/lib/docker/overlay2" "- *.tmp"