mediaserver: wireguard+prowlarr

2023-04-14 00:12:24 +02:00 · 2023-04-14 00:12:24 +02:00 · 99331411a6
commit 99331411a6
parent fa58028c0e
2 changed files with 19 additions and 0 deletions
--- a/system/nixos/prowlarr.nix
+++ b/system/nixos/prowlarr.nix
@ -1,3 +1,5 @@
 { pkgs, ... }:
 {
  services.prowlarr = {
    enable = true;
@ -12,4 +14,19 @@
      NetworkNamespacePath = "/var/run/netns/wg";
    };
  };
  systemd.services.socat-prowlarr = {
    description = "socat exposes prowlarr";
    bindsTo = [ "netns@wg.service" ];
    after = [ "network.target" "wg.service" ];
    wantedBy = [ "multi-user.target" ];
    serviceConfig = {
      Type = "simple";
      DynamicUser = true;
      NetworkNamespacePath = "/var/run/netns/wg";
      ExecStart = "${pkgs.socat}/bin/socat UNIX-LISTEN:/tmp/prowlarr.sock,unlink-early,fork TCP4:127.0.0.1:80";
      Restart = "on-failure";
    };
  };
 }
--- a/system/nixos/wireguard-netns.nix
+++ b/system/nixos/wireguard-netns.nix
@ -29,6 +29,7 @@
        ${iproute}/bin/ip link set wg0 netns wg
        ${iproute}/bin/ip -n wg address add 10.66.10.158/32 dev wg0
        ${iproute}/bin/ip -n wg -6 address add fc00:bbbb:bbbb:bb01::3:a9d/128 dev wg0
        ${iproute}/bin/ip -n wg link set lo up
        ${iproute}/bin/ip -n wg link set wg0 up
        ${iproute}/bin/ip -n wg route add default dev wg0
        ${iproute}/bin/ip -n wg -6 route add default dev wg0
@ -37,6 +38,7 @@
        ${iproute}/bin/ip -n wg route del default dev wg0
        ${iproute}/bin/ip -n wg -6 route del default dev wg0
        ${iproute}/bin/ip -n wg link del wg0
        ${iproute}/bin/ip -n wg link set lo down
      '';
    };
  };