encode42.dev
Personal-use NixOS configuration
Clean up sharing packages and start commenting my work
+43
-16
+6
-6
hosts/index/config/sharing/rtorrent.nix
+6
-6
hosts/index/config/sharing/rtorrent.nix
···
9
9
interface = "sh1";
10
10
11
11
dhtPort = 6771;
12
-
listenStartPort = 33101;
13
-
listenEndPort = 33103;
12
+
listenFromPort = 33101;
13
+
listenToPort = 33103;
14
14
15
15
vpnListenPorts = map (port: {
16
16
inherit port;
17
17
18
18
protocol = "both";
19
-
}) (lib.range listenStartPort listenEndPort);
19
+
}) (lib.range listenFromPort listenToPort);
20
20
21
21
rtorrentModule = import (flakeRoot + /packages/server/sharing/rtorrent.nix) {
22
22
inherit dhtPort;
23
23
24
-
listenPorts = {
25
-
start = listenStartPort;
26
-
end = listenEndPort;
24
+
listenPortRange = {
25
+
from = listenFromPort;
26
+
to = listenToPort;
27
27
};
28
28
};
29
29
+1
hosts/index/config/sharing/soulseek.nix
+1
hosts/index/config/sharing/soulseek.nix
+1
packages/server/sharing/flood.nix
+1
packages/server/sharing/flood.nix
+16
-9
packages/server/sharing/rtorrent.nix
+16
-9
packages/server/sharing/rtorrent.nix
···
1
1
{
2
2
dhtPort ? 6881,
3
-
listenPorts ? {
4
-
start = 6881;
5
-
end = 6889;
3
+
listenPortRange ? {
4
+
from = 6881;
5
+
to = 6889;
6
6
},
7
+
openFirewall ? false,
7
8
}:
8
9
9
10
{
···
20
21
package = pkgs-unstable.rtorrent;
21
22
22
23
configText = ''
23
-
dht.mode.set = off
24
+
dht.mode.set = off # Disabled due to a bug in rtorrent 0.16
24
25
dht.port.set = ${toString dhtPort}
25
-
26
26
protocol.pex.set = yes
27
-
28
27
trackers.use_udp.set = yes
29
-
30
-
network.port_range.set = ${toString listenPorts.start}-${toString listenPorts.end}
28
+
network.port_range.set = ${toString listenPortRange.from}-${toString listenPortRange.to}
31
29
32
30
throttle.max_downloads.set = 100
33
31
throttle.max_uploads.global.set = 300
···
38
36
throttle.min_peers.seed.set = 1
39
37
throttle.max_peers.seed.set = 100
40
38
39
+
# Assumes a more powerful machine
41
40
pieces.memory.max.set = 4000M
42
41
pieces.preload.type.set = 2
43
42
pieces.preload.min_rate.set = 50000
44
43
45
-
#ratio.enable= # TODO: seeding ratio for sonarr/etc.
44
+
# TODO: seeding ratio for sonarr/etc.
45
+
#ratio.enable=
46
46
#ratio.min.set=100
47
47
#ratio.max.set=300
48
48
#system.method.set = group.seeding.ratio.command, d.close=
···
57
57
'';
58
58
};
59
59
60
+
# Required override for linux-hardened kernel
60
61
systemd.services.rtorrent.serviceConfig = {
61
62
SystemCallFilter = lib.mkForce "@system-service";
62
63
};
63
64
65
+
networking.firewall = lib.mkIf openFirewall {
66
+
allowedTCPPortRanges = [ listenPortRange ];
67
+
allowedUDPPortRanges = [ listenPortRange ];
68
+
};
69
+
70
+
# Add Flood to the rtorrent group for file management
64
71
systemd.services.flood.serviceConfig.SupplementaryGroups = [ config.services.rtorrent.group ];
65
72
}
+19
-1
packages/server/sharing/soulseek.nix
+19
-1
packages/server/sharing/soulseek.nix
···
12
12
domain = null;
13
13
14
14
settings = {
15
+
# Upload limits assume a fast connection
15
16
global = {
16
17
upload = {
17
18
slots = 75;
···
69
70
};
70
71
71
72
shares = {
73
+
# These files can contain sensitive information
72
74
filters = [
73
75
".md$"
74
76
".log$"
75
77
".pydio$"
76
78
];
77
79
80
+
# Assumes a more powerful machine
78
81
cache = {
79
82
storage_mode = "memory";
80
83
workers = 8;
···
87
90
"^(\.?pdf|\.?docx|\.?xlsx)$"
88
91
];
89
92
93
+
# Numbers are measured in hours
90
94
retention = {
91
-
search = 10080;
95
+
search = 1; # Users go offline often, invalidating search
96
+
97
+
transfers = {
98
+
upload = {
99
+
succeeded = 10080;
100
+
errored = 1440;
101
+
cancelled = 1440;
102
+
};
103
+
104
+
download = {
105
+
succeeded = 1440;
106
+
errored = 10080;
107
+
cancelled = 10080;
108
+
};
109
+
};
92
110
};
93
111
};
94
112
};