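# NixOS module: Transmission plus a gluetun (AirVPN / WireGuard) container,
# both run by Docker through virtualisation.oci-containers.
{ config, pkgs, lib, ... }:
{
  # Give the interactive user access to files owned by the transmission group.
  users.users."starr" = {
    extraGroups = [ "transmission" ];
  };

  # Fixed uid/gid: the same numbers are passed into the container below, so
  # ownership on the bind-mounted directories matches between host and container.
  users.users.transmission = {
    isSystemUser = true;
    group = "transmission";
    uid = 992;
  };

  users.groups = {
    transmission.gid = 989;
  };

  systemd.services = {
    # Creates the user-defined bridge that gluetun is attached to.
    docker-transmission-network = {
      description = "Create the docker-transmission Docker network";
      # The network has to exist *before* the containers start. The original
      # ordered this unit after the container units, so the first container
      # start raced against (and could lose to) the network creation.
      after = [
        "network.target"
        "docker.service"
      ];
      requires = [ "docker.service" ];
      before = [
        "docker-gluetun.service"
        "docker-transmission.service"
      ];
      wantedBy = [
        "docker-gluetun.service"
        "docker-transmission.service"
      ];
      serviceConfig = {
        Type = "oneshot";
        RemainAfterExit = true;
      };
      # `docker network create` fails when the network already exists, which
      # would mark the unit failed on every start after the first one.
      script = ''
        ${lib.getExe pkgs.docker} network inspect docker-transmission >/dev/null 2>&1 \
          || ${lib.getExe pkgs.docker} network create docker-transmission
      '';
    };
  };

  virtualisation.oci-containers =
    let
      # BitTorrent peer port; must match the port forwarded by the VPN provider.
      peerport = "63369";
    in
    {
      backend = "docker";
      containers = {
        gluetun = {
          # NOTE(review): upstream gluetun is published as qmcm/gluetun. Confirm
          # this namespace is the intended one before deploying: this container is
          # handed the WireGuard private key and runs with NET_ADMIN.
          # The image is also untagged; pin it to a tag or digest.
          image = "qmcgasw/gluetun";
          environment = {
            VPN_SERVICE_PROVIDER = "airvpn";
            VPN_TYPE = "wireguard";
            # Supplied through environmentFiles (agenix), so they never enter the
            # world-readable Nix store:
            # WIREGUARD_PRIVATE_KEY = "from agenix";
            # WIREGUARD_PRESHARED_KEY = "from agenix";
            # WIREGUARD_ADDRESSES = "from agenix";
            # SERVER_COUNTRIES = "from agenix";
            #
            # Ports accepted on the VPN interface.
            # NOTE(review): 13277 is also the container port that host port 9091
            # maps to below. If that is Transmission's RPC/web UI port, listing it
            # here makes the UI reachable from the VPN side -- confirm it is meant
            # to be forwarded and that RPC authentication is enabled.
            FIREWALL_VPN_INPUT_PORTS = "13277,${peerport}";
          };
          environmentFiles = [ config.age.secrets.airvpn-params.path ];
          extraOptions = [
            "--cap-add=NET_ADMIN"
            "--device=/dev/net/tun"
            "--network=docker-transmission"
          ];
          # Docker publishes these on every host address and installs its own
          # iptables rules, so networking.firewall does not filter them. Prefix
          # an address (e.g. "127.0.0.1:9091:13277") if LAN-wide access to the
          # UI is not intended.
          # NOTE(review): publishing the peer port on the host exposes it on the
          # non-VPN interface as well; confirm that is wanted.
          ports = [
            "13277:13277"
            "9091:13277"
            "${peerport}:${peerport}"
            "${peerport}:${peerport}/udp"
          ];
        };

        transmission = {
          # NOTE(review): ":latest" is a moving tag; pin to a version or digest so
          # an upstream push cannot change what runs with access to these volumes.
          image = "docker.io/linuxserver/transmission:latest";
          volumes = [
            "/etc/transmission:/config"
            "/etc/localtime:/etc/localtime:ro"
            "/mnt/mediacenter/torrents:/mnt/mediacenter/torrents"
            "/mnt/data/transmission_downloads:/mnt/data/transmission_downloads"
          ];
          dependsOn = [ "gluetun" ];
          # Share gluetun's network namespace. The original attached this
          # container to the docker-transmission bridge as a sibling of gluetun;
          # in that layout its default route is the Docker bridge, so peer
          # traffic leaves over the host's normal uplink instead of the tunnel,
          # and the ports published on gluetun never reach Transmission.
          # Caveat: if gluetun is recreated, this container must be restarted
          # to rejoin the new namespace.
          extraOptions = [ "--network=container:gluetun" ];
          environment = {
            PUID = toString config.users.users.transmission.uid;
            # linuxserver images read PUID/PGID. The original key "GUID" is not
            # one of them, so the configured group id was never applied.
            PGID = toString config.users.groups.transmission.gid;
            PEERPORT = peerport;
          };
        };
      };
    };
}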