From be6c605f38c380ab38b969f4f08ad5f39d65714f Mon Sep 17 00:00:00 2001
From: Johannes Rothe <mail@johannes-rothe.de>
Date: Wed, 2 Apr 2025 19:17:56 +0200
Subject: [PATCH] Add transmission

---
 hosts/dalinar/default.nix | 37 ++++++++++++++++++++++++++++++-------
 1 file changed, 30 insertions(+), 7 deletions(-)

diff --git a/hosts/dalinar/default.nix b/hosts/dalinar/default.nix
index 7fd9291..70b0622 100644
--- a/hosts/dalinar/default.nix
+++ b/hosts/dalinar/default.nix
@@ -306,6 +306,11 @@
           reverse_proxy lidarr:${builtins.toString config.containers.lidarr.config.services.lidarr.settings.server.port}
         '';
       };
+      "https://transmission.dalinar.home.johannes-rothe.de" = {
+        extraConfig = ''
+          reverse_proxy lidarr:${builtins.toString config.containers.lidarr.config.services.transmission.settings.rpc-port}
+        '';
+      };
       "https://jellyfin.dalinar.home.johannes-rothe.de" = {
         extraConfig = ''
           reverse_proxy localhost:8096
@@ -357,25 +362,43 @@
     enableTun = true;
     hostAddress = "192.168.100.4";
     localAddress = "192.168.100.5";
-    config = {  ... }: {
+    config = { pkgs, ... }: {
       system.stateVersion = "24.11";
       networking.useHostResolvConf = lib.mkForce false;
       # Required workaround for tailscale exit nodes, see https://nixos.wiki/wiki/Tailscale
       networking.firewall.checkReversePath = "loose";
       networking.nftables.enable = true;
       services.resolved.enable = true;
+
       # Tailscale is also used for local connectivity, since the exit node for
       # some reason prevents local access
       services.tailscale.enable = true;
+
+      services.transmission = {
+        enable = true;
+        openRPCPort = true;
+        settings = {
+          rpc-port = 9091;
+          rpc-bind-address = "0.0.0.0";
+          rpc-whitelist-enabled = false;
+          rpc-authentication-required = true;
+          # TODO change
+          rpc-password = "123456";
+          rpc-username = "123456";
+        };
+        webHome = pkgs.flood-for-transmission;
+      };
+      # https://github.com/NixOS/nixpkgs/issues/258793
+      systemd.services.transmission.serviceConfig = {
+        RootDirectoryStartOnly = lib.mkForce false;
+        RootDirectory = lib.mkForce "";
+        PrivateMounts = lib.mkForce false;
+        PrivateUsers = lib.mkForce false;
+      };
+
       services.lidarr = {
         enable = true;
         openFirewall = true;
-        #settings = {
-        #  server = {
-        #    bindaddress = "*";
-        #    port = 8686;
-        #  };
-        #};
       };
     };
   };