feat: try rework

2026-04-04 11:42:19 +02:00 · 2026-04-04 11:42:19 +02:00 · ecf10628c3
commit ecf10628c3
parent 1ddbd3b8b6
51 changed files with 1941 additions and 445 deletions
--- a/services/qbittorrent.nix
+++ b/services/qbittorrent.nix
@ -1,14 +1,21 @@
 { config, pkgs, lib, ... }:
 let
-  net = import ../data/network.nix;
-  serviceData = import ../data/services.nix;
-  qbt = serviceData.qbittorrent;
+  serviceValidation = import ../validation/service/qbittorrent.nix;
+  serviceData = import ../config/services.nix;
+  qbt = serviceValidation.getQbittorrent serviceData;
+
+  webPort = qbt.port;
+
+  rootDir = qbt.root_dir;
+
+  vpnUserPath = qbt.vpn.username_file;
+  vpnPasswordPath = qbt.vpn.password_file;
 in { 
  systemd.tmpfiles.rules = [
-    "d ${qbt.root_dir} 0755 root root - -"
-    "d ${qbt.root_dir}/gluetun 0755 root root - -"
-    "d ${qbt.root_dir}/downloads 0755 root root - -"
-    "d ${qbt.root_dir}/config 0755 root root - -"
+    "d ${rootDir} 0755 root root - -"
+    "d ${rootDir}/gluetun 0755 root root - -"
+    "d ${rootDir}/downloads 0755 root root - -"
+    "d ${rootDir}/config 0755 root root - -"
  ];

  environment.etc."qbittorrent-compose/docker-compose.yml" = {
@ -22,18 +29,18 @@ services:
      - NET_ADMIN
    network_mode: bridge
    ports:
-      - 127.0.0.1:8085:8085   # qBittorrent
+      - 127.0.0.1:${toString webPort}:${toString webPort}   # qBittorrent
    devices:
      - /dev/net/tun:/dev/net/tun
    volumes:
-      - ${qbt.root_dir}/gluetun/:/gluetun
+      - ${rootDir}/gluetun/:/gluetun
    environment:
      - VPN_SERVICE_PROVIDER=protonvpn
      - SERVER_HOSTNAME=node-nl-28.protonvpn.net,node-ch-06.protonvpn.net,node-nl-13.protonvpn.net,node-ch-06.protonvpn.net,node-es-04.protonvpn.net
      - UPDATER_PERIOD=24h

-      - OPENVPN_USER=${qbt.vpn.username}
-      - OPENVPN_PASSWORD=${qbt.vpn.password}
+      - OPENVPN_USER=$${OPENVPN_USER:-DUMMY_NOT_USED}
+      - OPENVPN_PASSWORD=$${OPENVPN_PASSWORD:-DUMMY_NOT_USED}

      - DOT_PROVIDERS=cloudflare,google
      - BLOCK_ADS=off
@ -50,10 +57,10 @@ services:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin
-      - WEBUI_PORT=8085
+      - WEBUI_PORT=${toString webPort}
    volumes:
-      - ${qbt.root_dir}/config/:/config
-      - ${qbt.root_dir}/downloads/:/downloads
+      - ${rootDir}/config/:/config
+      - ${rootDir}/downloads/:/downloads
    '';
  };
  systemd.services.qbittorrent-stack = {
@ -64,20 +71,27 @@ services:
    serviceConfig = {
      Type = "oneshot";
      RemainAfterExit = true;
-      WorkingDirectory = qbt.root_dir;
+      WorkingDirectory = rootDir;
      ExecStart = "${pkgs.writeShellScript "torrent-start" ''
-        set -e
+        set -eu
+        export OPENVPN_USER="$(${pkgs.coreutils}/bin/cat ${vpnUserPath} | ${pkgs.coreutils}/bin/tr -d '\r\n')"
+        export OPENVPN_PASSWORD="$(${pkgs.coreutils}/bin/cat ${vpnPasswordPath} | ${pkgs.coreutils}/bin/tr -d '\r\n')"
+
        # Copy compose file to working directory
-        cp /etc/qbittorrent-compose/docker-compose.yml ${qbt.root_dir}/
-        cd ${qbt.root_dir}
+        cp /etc/qbittorrent-compose/docker-compose.yml ${rootDir}/
+        cd ${rootDir}
        ${pkgs.docker-compose}/bin/docker-compose up -d
      ''}";
      ExecStop = "${pkgs.writeShellScript "torrent-stop" ''
-        cd ${qbt.root_dir}
+        cd ${rootDir}
        ${pkgs.docker-compose}/bin/docker-compose down
      ''}";
      ExecReload = "${pkgs.writeShellScript "torrent-reload" ''
-        cd ${qbt.root_dir}
+        set -eu
+        export OPENVPN_USER="$(${pkgs.coreutils}/bin/cat ${vpnUserPath} | ${pkgs.coreutils}/bin/tr -d '\r\n')"
+        export OPENVPN_PASSWORD="$(${pkgs.coreutils}/bin/cat ${vpnPasswordPath} | ${pkgs.coreutils}/bin/tr -d '\r\n')"
+
+        cd ${rootDir}
        ${pkgs.docker-compose}/bin/docker-compose restart
      ''}";

@ -87,6 +101,6 @@ services:
  };

  networking.firewall = {
-    allowedTCPPorts = [8085];
+    allowedTCPPorts = [ webPort ];
  };
 }