transmission: production config
This commit is contained in:
parent
18a5dca1c5
commit
fa7090afba
|
@ -5,6 +5,8 @@
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../networks/pi3B_rack.nix
|
../networks/pi3B_rack.nix
|
||||||
|
../profiles/transmission.nix
|
||||||
|
../secrets/transmission.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
# Comment out deployment when building the SD Image.
|
# Comment out deployment when building the SD Image.
|
||||||
|
|
|
@ -7,9 +7,16 @@
|
||||||
services = {
|
services = {
|
||||||
transmission = {
|
transmission = {
|
||||||
enable = true; # Enable Transmission
|
enable = true; # Enable Transmission
|
||||||
|
credentialsFile = "/run/keys/transmission"; # Authentication secrets
|
||||||
|
settings = {
|
||||||
|
rpc-authentication-required = true; # Enforce authentication
|
||||||
|
rpc-bind-address = "0.0.0.0"; # Listen on all interfaces
|
||||||
|
rpc-whitelist = "127.0.0.1,10.42.0.*"; # Allow hosts on the LAN
|
||||||
|
};
|
||||||
};
|
};
|
||||||
cron = {
|
cron = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
# Run transmission while everyone's asleep
|
||||||
systemCronJobs = [
|
systemCronJobs = [
|
||||||
"55 0 * * * transmission systemctl enable transmission-daemon"
|
"55 0 * * * transmission systemctl enable transmission-daemon"
|
||||||
"00 1 * * * transmission systemctl start transmission-daemon"
|
"00 1 * * * transmission systemctl start transmission-daemon"
|
||||||
|
@ -19,6 +26,9 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [ 9091 ]; # Open the required firewall ports
|
networking.firewall.allowedTCPPorts = [ 9091 ]; # Open the rpc firewall port
|
||||||
|
|
||||||
|
# Allow transmission to read the secrets keys
|
||||||
|
users.groups.keys.members = [ "transmission" ];
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue