diff options
Diffstat (limited to '')
| -rw-r--r-- | modules/tlmp/rtorrent.nix | 69 | ||||
| -rw-r--r-- | modules/tlmp/rtorrent.rc | 138 |
2 files changed, 160 insertions, 47 deletions
diff --git a/modules/tlmp/rtorrent.nix b/modules/tlmp/rtorrent.nix index bf72a2a..c374122 100644 --- a/modules/tlmp/rtorrent.nix +++ b/modules/tlmp/rtorrent.nix @@ -1,31 +1,69 @@ { config, lib, pkgs, ... }: { + environment.systemPackages = with pkgs; [ libnatpmp gawk dig ]; + systemd.services = { - wireguard-mullvad = { - bindsTo = [ "netns@mullvad.service" ]; - after = [ "netns@mullvad.service" ]; + # wireguard-mullvad = { + # bindsTo = [ "netns@torrent.service" ]; + # after = [ "netns@torrent.service" ]; + # }; + + wireguard-proton = { + bindsTo = [ "netns@torrent.service" ]; + after = [ "netns@torrent.service" ]; }; rtorrent = { - bindsTo = [ "wireguard-mullvad.service" ]; - after = [ "wireguard-mullvad.service" ]; - unitConfig.JoinsNamespaceOf = "netns@mullvad.service"; - serviceConfig.PrivateNetwork = true; + bindsTo = [ "wireguard-proton.service" ]; + after = [ "wireguard-proton.service" ]; + unitConfig.JoinsNamespaceOf = "netns@torrent.service"; + serviceConfig = { + PrivateNetwork = true; + LimitNOFILE = 24000; + }; + + path = with pkgs; [ libnatpmp gawk dig findutils gzip ]; }; }; networking.wireguard.interfaces = { - mullvad = { # Caring Wasp - ips = [ "10.67.4.3/32" "fc00:bbbb:bbbb:bb01::4:402/128" ]; - privateKeyFile = "/root/wireguard/privkey"; - interfaceNamespace = "mullvad"; + # mullvad = { # Caring Wasp + # ips = [ "10.67.4.3/32" "fc00:bbbb:bbbb:bb01::4:402/128" ]; + # privateKeyFile = "/root/wireguard/privkey"; + # interfaceNamespace = "mullvad"; + + # peers = [ + # # { # de-fra-wg-006.relays.mullvad.net + # # publicKey = "nAF0wrLG2+avwQfqxnXhBGPUBCvc3QCqWKH4nK5PfEU="; + # # endpoint = "185.209.196.76:51820"; + # # allowedIPs = [ "0.0.0.0/0" "::/0" ]; + # # } + # { # de-fra-wg-008.relays.mullvad.net + # publicKey = "TOS3U/dJPzPnk/qsAx6gHxRVIC2wI5l+tAWaJY2mXzY="; + # endpoint = "185.209.196.78:51820"; + # allowedIPs = [ "0.0.0.0/0" "::/0" ]; + # } + # ]; + # }; + proton = { # phaenn + ips = [ "10.2.0.2/32" ]; + # privateKeyFile = "/root/wireguard/proton.key"; + privateKeyFile = "/root/wireguard/proton_ch.key"; + interfaceNamespace = "torrent"; peers = [ - { # de-fra-wg-006.relays.mullvad.net - publicKey = "nAF0wrLG2+avwQfqxnXhBGPUBCvc3QCqWKH4nK5PfEU="; - endpoint = "185.209.196.76:51820"; - allowedIPs = [ "0.0.0.0/0" "::/0" ]; + # { # DE#348 + # publicKey = "hOoBBy//7mddXPz1SybzWB3zK95SQCcPyI/DmxfULXk="; + # endpoint = "149.88.102.97:51820"; + # allowedIPs = [ "0.0.0.0/0" ]; + # persistentKeepalive = 25; + # } + { # CH#403 + publicKey = "R8TfZYSkUM30soIPOVpNsP35qCnnJvJJI9r/VxH5TkQ="; + endpoint = "146.70.226.226:51820"; + allowedIPs = [ "0.0.0.0/0" ]; + persistentKeepalive = 25; } ]; }; @@ -33,6 +71,7 @@ services.rtorrent = { enable = true; + package = pkgs.unstable.rtorrent; # dataDir = "/mnt/media/download"; user = "media"; group = "media"; diff --git a/modules/tlmp/rtorrent.rc b/modules/tlmp/rtorrent.rc index 3353f50..c97d8f4 100644 --- a/modules/tlmp/rtorrent.rc +++ b/modules/tlmp/rtorrent.rc @@ -10,52 +10,75 @@ method.insert = cfg.basedir, private|const|string, (cat,"/mnt/media/") method.insert = cfg.watch, private|const|string, (cat,(cfg.basedir),"watch/") method.insert = cfg.logs, private|const|string, (cat,"/var/log/rtorrent/") -method.insert = cfg.logfile, private|const|string, (cat,(cfg.logs),"rtorrent-",(system.time),".log") # Create instance directories execute.throw = bash, -c, (cat,\ "builtin cd \"", (cfg.basedir), "\" ",\ "&& mkdir -p .session download watch/{load,start}") + +############################################################################# +# Network +############################################################################# + # Listening port for incoming peer traffic (fixed; you can also randomize it) -network.port_range.set = 50000-50000 +# network.port_range.set = 6881-6881 network.port_random.set = no +# Get Public IP +method.insert = get_public_ip_address, simple|private, "execute.capture=bash,-c,\"eval echo -n \$(natpmpc -g 10.2.0.1 -a 1 0 tcp 60 | awk '/Public IP address :/ { print $5 }')\"" +schedule2 = ip_tick, 5, 45, "network.local_address.set=(get_public_ip_address)" + +# Get Forwarded port +method.insert = get_port_forward, simple|private, "execute.capture=bash,-c,\"eval echo -n \$(natpmpc -g 10.2.0.1 -a 1 0 tcp 60 | awk '/Mapped public port/ { print $4 }')\"" +schedule2 = port_tick, 6, 45, "network.port_range.set=(get_port_forward)" + # Tracker-less torrent and UDP tracker support # (conservative settings for 'private' trackers, change for 'public') dht.mode.set = disable protocol.pex.set = no -trackers.use_udp.set = no +trackers.use_udp.set = yes + +# XMLRPC +network.scgi.open_local = /run/rtorrent/rpc.sock +execute.nothrow = chmod,777,/run/rtorrent/rpc.sock + + +############################################################################# +# Throttles & Limits +############################################################################# -# Peer settings -throttle.max_uploads.set = 100 -throttle.max_uploads.global.set = 250 +throttle.max_uploads.set = 250 +throttle.max_uploads.global.set = 500 -throttle.min_peers.normal.set = 20 +throttle.min_peers.normal.set = 1 throttle.max_peers.normal.set = 60 -throttle.min_peers.seed.set = 30 +throttle.min_peers.seed.set = 1 throttle.max_peers.seed.set = 80 -trackers.numwant.set = 80 +trackers.numwant.set = 20 protocol.encryption.set = allow_incoming,try_outgoing,enable_retry # Limits for file handle resources, this is optimized for # an `ulimit` of 1024 (a common default). You MUST leave # a ceiling of handles reserved for rTorrent's internal needs! -network.http.max_open.set = 50 -network.max_open_files.set = 600 -network.max_open_sockets.set = 300 +network.http.max_open.set = 500 +network.max_open_files.set = 12000 +network.max_open_sockets.set = 6000 + + +############################################################################# +# Base Settings +############################################################################# # Memory resource usage (increase if you have a large number of items loaded, # and/or the available resources to spend) -pieces.memory.max.set = 1800M +pieces.memory.max.set = 16000M network.xmlrpc.size_limit.set = 4M # Basic operational settings (no need to change these) session.path.set = (cat, (cfg.basedir), ".session") directory.default.set = (cat, (cfg.basedir), "download/") -log.execute = (cat, (cfg.logs), "execute.log") -##log.xmlrpc = (cat, (cfg.logs), "xmlrpc.log") execute.nothrow = bash, -c, (cat, "echo >",\ (session.path), "rtorrent.pid", " ", (system.pid)) @@ -64,14 +87,6 @@ encoding.add = utf8 system.umask.set = 0027 system.cwd.set = (directory.default) network.http.dns_cache_timeout.set = 25 -##network.http.capath.set = "/etc/ssl/certs" -##network.http.ssl_verify_peer.set = 0 -##network.http.ssl_verify_host.set = 0 -##pieces.hash.on_completion.set = no -##keys.layout.set = qwerty - -##view.sort_current = seeding, greater=d.ratio= -schedule2 = monitor_diskspace, 15, 60, ((close_low_diskspace, 1000M)) # Some additional values and commands method.insert = system.startup_time, value|const, (system.time) @@ -85,16 +100,75 @@ method.insert = d.session_file, simple, "cat=(session.path), (d.hash), .torrent" schedule2 = watch_start, 10, 10, ((load.start_verbose, (cat, (cfg.watch), "start/*.torrent"))) schedule2 = watch_load, 11, 10, ((load.verbose, (cat, (cfg.watch), "load/*.torrent"))) -# Logging: -# Levels = critical error warn notice info debug -# Groups = connection_* dht_* peer_* rpc_* storage_* thread_* tracker_* torrent_* -print = (cat, "Logging to ", (cfg.logfile)) -log.open_file = "log", (cfg.logfile) + +############################################################################# +# Log Rotation, Archival, and Pruning +############################################################################# + + +# Settings for archival delay, and retention [days] +method.insert.value = pyro.log_retention.days, 2 +method.insert.value = pyro.log_archival.days, 7 + +# Create HUGE xmlrpc log files? +method.insert.value = pyro.log.xmlrpc.enabled, 0 +method.insert.value = pyro.extended, 0 + +method.insert.value = pyro._log.xmlrpc.closing, 0 + +# Create a "YYYY-mm-dd-HHMMSS" time stamp +method.insert = pyro.date_iso.log_stamp, simple|private,\ + "execute.capture_nothrow = bash, -c, \"echo -n $(date +%Y-%m-%d-%H%M%S)\"" + +# String value for the currently used time stamp, changed on rotation +method.insert = pyro.log_stamp.current, string + +# Create a full logfile path using the current stamp +method.insert = pyro.logfile_path, simple|private,\ + "cat = (cfg.logs), (argument.0), \"-\", (pyro.log_stamp.current), .log" + +# (Re-)open all logs with a current time stamp; the main log file +# is just opened, you need to add some logging scopes yourself! +method.insert = pyro.log_rotate, multi|rlookup|static +method.set_key = pyro.log_rotate, !stamp,\ + "pyro.log_stamp.current.set = (cat, (pyro.date_iso.log_stamp))" +method.set_key = pyro.log_rotate, execute,\ + "log.execute = (pyro.logfile_path, execute)" +method.set_key = pyro.log_rotate, messages,\ + "branch = (pyro.extended), ((log.messages, (pyro.logfile_path, messages) ))" +method.set_key = pyro.log_rotate, xmlrpc,\ + "branch = pyro.log.xmlrpc.enabled=, \"log.xmlrpc=(pyro.logfile_path, xmlrpc)\", \ + \"log.xmlrpc=(pyro._log.xmlrpc.closing)\"" +method.set_key = pyro.log_rotate, ~main,\ + "log.open_file = log, (pyro.logfile_path, rtorrent)" + +# Logrotate schedule (rotating shortly after 1AM, so DST shenanigans +# are taken care of, and rotation is always near the begin of the next day) +schedule2 = pyro_daily_log_rotate, 01:05:00, 24:00:00, ((pyro.log_rotate)) + +# Log file archival and pruning +method.insert = pmb._logfile_find_cmd, simple|private,\ + "cat = \"find \", (cfg.logs),\ + \" -daystart -type f -name '*.\", (argument.0),\"'\",\ + \" -mtime +\", (argument.1),\ + \" -exec nice \", (argument.2), \" '{}' ';'\"" + +schedule2 = pyro_logfile_archival, 01:10:00, 24:00:00,\ + "execute.nothrow = bash, -c, (pmb._logfile_find_cmd, log, (pyro.log_archival.days), gzip)" + +schedule2 = pyro_logfile_pruning, 01:20:00, 24:00:00,\ + "execute.nothrow = bash, -c, (pmb._logfile_find_cmd, log.gz, (pyro.log_retention.days), rm)" + +# Open logs initially on startup +# pyro.log_rotate= +schedule2 = pyro_startup_log_xmlrpc_open, 7, 0, \ + "branch = pyro.log.xmlrpc.enabled=, \"log.xmlrpc=(pyro.logfile_path, xmlrpc)\"" + +pyro.log_stamp.current.set = (cat, (pyro.date_iso.log_stamp)) +log.open_file = log, (pyro.logfile_path, rtorrent) log.add_output = "info", "log" -##log.add_output = "tracker_debug", "log" +log.add_output = "tracker_info", "log" +log.execute = (pyro.logfile_path, execute) -# XMLRPC -network.scgi.open_local = /run/rtorrent/rpc.sock -execute.nothrow = chmod,777,/run/rtorrent/rpc.sock ### END of rtorrent.rc ### |