enable transmission, protected behind rpc auth
This commit is contained in:
parent
10b3baeff4
commit
b7f9037807
|
@ -10,6 +10,12 @@
|
|||
# DLNA ports: https://jellyfin.org/docs/general/networking/index.html
|
||||
networking.firewall.allowedUDPPorts = [ 1900 7359 ];
|
||||
|
||||
# we need to use externally-visible nameservers in order for VPNs to be able to resolve hosts.
|
||||
networking.nameservers = [
|
||||
"1.1.1.1"
|
||||
"9.9.9.9"
|
||||
];
|
||||
|
||||
# OVPN CONFIG:
|
||||
# DOCS: https://nixos.wiki/wiki/WireGuard
|
||||
networking.wireguard.enable = true;
|
||||
|
|
|
@ -94,9 +94,7 @@
|
|||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = {
|
||||
# created with htpasswd -c bt.htpasswd <user>
|
||||
basicAuthFile = "/etc/nixos/services-conf/bt.htpasswd";
|
||||
proxyPass = "http://127.0.0.1:9091";
|
||||
proxyPass = "http://ovpns.uninsane.org:9091";
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -1,11 +1,24 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
{
|
||||
# services.transmission.enable = true;
|
||||
services.transmission.enable = true;
|
||||
services.transmission.settings = {
|
||||
rpc-bind-address = "0.0.0.0";
|
||||
rpc-host-whitelist = "bt.uninsane.org";
|
||||
# rpc-whitelist = "*.*.*.*";
|
||||
#rpc-host-whitelist = "bt.uninsane.org";
|
||||
#rpc-whitelist = "*.*.*.*";
|
||||
rpc-authentication-required = true;
|
||||
rpc-username = "colin";
|
||||
# salted pw. to regenerate, set this plaintext, run nixos-rebuild, and then find the salted pw in:
|
||||
# /var/lib/transmission/.config/transmission-daemon/settings.json
|
||||
rpc-password = "{503fc8928344f495efb8e1f955111ca5c862ce0656SzQnQ5";
|
||||
rpc-whitelist-enabled = false;
|
||||
|
||||
download-dir = "/mnt/storage/opt/uninsane/media/";
|
||||
};
|
||||
|
||||
systemd.services.transmission.serviceConfig = {
|
||||
# run this behind the OVPN static VPN
|
||||
NetworkNamespacePath = "/run/netns/ovpns";
|
||||
};
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user