29 lines
758 B
Nix
29 lines
758 B
Nix
{ lib, ... }:
|
|
let
|
|
endpoint = lib.splitString ":" (lib.elemAt (import ../secrets/wireguard-qbittorrent.nix).peers 0).endpoint;
|
|
endpointAddress = lib.elemAt endpoint 0;
|
|
endpointPort = lib.toInt (lib.elemAt endpoint 1);
|
|
in
|
|
{
|
|
sbruder.qbittorrent = {
|
|
enable = true;
|
|
downloadDir = "/data/hot/torrent";
|
|
fqdn = "torrent.sbruder.de";
|
|
};
|
|
|
|
services.nginx.virtualHosts."torrent.sbruder.de" = {
|
|
enableACME = false;
|
|
forceSSL = false;
|
|
};
|
|
|
|
networking.nftables.ruleset = ''
|
|
table inet qbittorrent {
|
|
chain output {
|
|
type filter hook output priority mangle
|
|
# AF13 = Class 1 (lowest), high drop probability
|
|
ip daddr ${endpointAddress} udp dport ${toString endpointPort} ip dscp set af13
|
|
}
|
|
}
|
|
'';
|
|
}
|