dotfiles/system/nixos/aria2.nix

59 lines
1.6 KiB
Nix
Raw Normal View History

2023-07-16 22:17:50 +00:00
{ pkgs, config, ... }:
2023-04-26 11:53:36 +00:00
let
ariaDir = "/mnt/downloads/Aria2";
settingsDir = "${ariaDir}/conf";
sessionFile = "${settingsDir}/aria2.session";
in
{
# The nix-provided options force a aria2-user to a certain degree
systemd.services.aria2 =
let
mounts = [ "mnt-downloads.mount" ];
in
{
description = "aria2 Service";
requires = mounts;
bindsTo = [ "wg.service" ];
after = [ "wg.service" ] ++ mounts;
wantedBy = [ "multi-user.target" ];
2023-04-26 11:53:36 +00:00
preStart = ''
if [[ ! -e "${sessionFile}" ]]
then
touch "${sessionFile}"
fi
cp -f "${config.age.secrets.aria2-config.path}" "${settingsDir}/aria2.conf"
'';
2023-04-26 11:53:36 +00:00
serviceConfig = {
Restart = "on-abort";
ExecStart = "${pkgs.aria2}/bin/aria2c --enable-rpc --conf-path=${settingsDir}/aria2.conf --save-session=${sessionFile}";
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
User = "media_user";
Group = "media_group";
NetworkNamespacePath = "/var/run/netns/wg";
BindReadOnlyPaths = [
"/etc/netns/wg/resolv.conf:/etc/resolv.conf:norbind"
"/etc/netns/wg/nsswitch.conf:/etc/nsswitch.conf:norbind"
];
};
2023-04-26 11:53:36 +00:00
};
services.nginx.virtualHosts."aria.internal.kempkens.network" = {
quic = true;
http3 = true;
kTLS = true;
root = "${pkgs.ariang}/share/ariang";
onlySSL = true;
useACMEHost = "internal.kempkens.network";
locations."/jsonrpc" = {
recommendedProxySettings = true;
2023-04-26 12:49:46 +00:00
proxyPass = "http://192.168.42.2:6801";
2023-04-26 11:53:36 +00:00
proxyWebsockets = true;
};
};
}