{ inputs, lib, config, pkgs, ... }: let inherit (inputs) qbit_manage; pkgsU = import inputs.nixpkgs-unstable { system = "x86_64-linux"; config.allowUnfree = true; }; vuetorrent = pkgs.fetchzip { url = "https://github.com/VueTorrent/VueTorrent/releases/download/v2.25.0/vuetorrent.zip"; sha256 = "sha256-sOaQNw6AnpwNFEextgTnsjEOfpl3/lpoOZFgFOz7Bos="; stripRoot = true; }; qbit_manageEnv = pkgsU.python3.withPackages ( ps: builtins.attrValues { inherit (ps) argon2-cffi bencode-py croniter fastapi gitpython humanize pytimeparse2 qbittorrent-api requests retrying ruamel-yaml slowapi uvicorn ; } ); torrentCompletionScript = pkgs.writeShellScript "qbit-torrent-completion" '' chown jawz:piracy -R "$1" chmod -R 775 "$1" ''; in { options.my.servers = { unpackerr.enable = lib.mkEnableOption "automatic archive extraction service"; qbittorrent = { enable = lib.mkEnableOption "qBittorrent torrent client"; port = lib.mkOption { type = lib.types.int; default = 9091; description = "The port to access qbittorrent web-ui"; }; }; }; config = lib.mkIf (config.my.servers.qbittorrent.enable && config.my.secureHost) { my.network.firewall.additionalPorts = [ config.my.servers.qbittorrent.port ]; home-manager.users.jawz.xdg.dataFile.vuetorrent.source = vuetorrent; sops.secrets = let mkQbitSecret = file: mode: { inherit mode; inherit (config.users.users.jawz) group; sopsFile = ../../secrets/keys.yaml; owner = config.users.users.jawz.name; path = "/home/jawz/.config/qBittorrent/ssl/${file}"; }; mkUnpackerrSecret = { sopsFile = ../../secrets/secrets.yaml; owner = config.users.users.jawz.name; }; in { "certificates/qbit_cert" = mkQbitSecret "server.crt" "0644"; "certificates/qbit_key" = mkQbitSecret "server.key" "0600"; "unpackerr/sonarr-api" = mkUnpackerrSecret; "unpackerr/radarr-api" = mkUnpackerrSecret; }; systemd = { packages = [ pkgs.qbittorrent-nox torrentCompletionScript ]; services."qbittorrent-nox@jawz" = { enable = true; overrideStrategy = "asDropin"; wantedBy = [ "multi-user.target" ]; }; user = { services = { qbit_manage = { restartIfChanged = true; description = "Tidy up my torrents"; wantedBy = [ "default.target" ]; serviceConfig = { Restart = "on-failure"; RestartSec = 30; ExecStart = "${qbit_manageEnv}/bin/python ${qbit_manage}/qbit_manage.py -r -c /home/jawz/.config/qbit_manage/config.yml"; }; }; unpackerr = lib.mkIf config.my.servers.unpackerr.enable { enable = true; restartIfChanged = true; description = "Run unpackerr"; wantedBy = [ "default.target" ]; environment = { UN_FILE_MODE = "0664"; UN_DIR_MODE = "0775"; UN_SONARR_0_URL = config.my.servers.sonarr.local; UN_SONARR_0_API_KEY = "filepath:${config.sops.secrets."unpackerr/sonarr-api".path}"; UN_SONARR_0_PATHS = "/srv/pool/multimedia/downloads/torrent"; UN_RADARR_0_URL = config.my.servers.radarr.local; UN_RADARR_0_API_KEY = "filepath:${config.sops.secrets."unpackerr/radarr-api".path}"; UN_RADARR_0_PATHS = "/srv/pool/multimedia/downloads/torrent"; }; serviceConfig = { Restart = "on-failure"; RestartSec = 30; ExecStart = "${pkgs.unpackerr}/bin/unpackerr"; }; }; }; timers.qbit_manage = { enable = true; description = "Tidy up my torrents"; wantedBy = [ "timers.target" ]; timerConfig.OnCalendar = "*:0/10"; }; }; }; }; }