feat: uncucked server

2025-12-14 10:30:52 -06:00 · 2025-12-10 15:58:39 -06:00 · 2025-12-10 15:58:39 -06:00 · d32ece51bf
commit d32ece51bf
parent 8649008c93
22 changed files with 273 additions and 112 deletions
--- a/modules/nixos/homelab/guests/qbittorrent/config/default.nix
+++ b/modules/nixos/homelab/guests/qbittorrent/config/default.nix
@ -152,7 +152,7 @@ in
                    };

                    Downloads = {
-                      SavePath = "${mnt}/${serviceCfg.name}/downloads";
+                      SavePath = "/var/lib/${serviceCfg.name}-downloads";
                      TempPathEnabled = false;
                      PreAllocation = false;
                    };
@ -172,15 +172,14 @@ in
              network = {
                enable = true;
                networks."10-enp" = {
-                  matchConfig.Name = "enp0s5";
+                  matchConfig.Name = "enp0s6";
                  addresses = [ { Address = "${ip}/24"; } ];
                  gateway = [ "192.168.50.1" ];
                };
              };

              tmpfiles.rules = [
-                "d ${mnt}/${serviceCfg.name} 755 ${serviceCfg.name} ${serviceCfg.name} -"
-                "d ${mnt}/${serviceCfg.name}/downloads 755 ${serviceCfg.name} ${serviceCfg.name} -"
+                "d /var/lib/${serviceCfg.name}-downloads 755 ${serviceCfg.name} ${serviceCfg.name} -"
              ];

              services = {
@ -366,7 +365,13 @@ in
                  mountPoint = "/var/lib/${serviceCfg.name}";
                  proto = "virtiofs";
                  source = "${mnt}/${serviceCfg.name}";
-                  tag = "${serviceCfg.name}_data";
+                  tag = "${serviceCfg.name}_${user}_data";
+                }
+                {
+                  mountPoint = "/var/lib/${serviceCfg.name}-downloads";
+                  proto = "virtiofs";
+                  source = "${mnt}/${serviceCfg.name}/downloads";
+                  tag = "${serviceCfg.name}_${user}_downloads";
                }
                {
                  mountPoint = "/run/secrets";
@ -391,6 +396,11 @@ in

      };
      sops.secrets = {
+        "caddy/share-auth" = {
+          owner = "caddy";
+          group = "caddy";
+          mode = "0400";
+        };
        "torrent/${user}-wireguard-pass" = {
          owner = "root";
          mode = "0400";
@ -410,6 +420,9 @@ in

        tmpfiles.rules = [
          "d ${mnt}/${serviceCfg.name} 0755 microvm wheel - -"
+          "d ${mnt}/${serviceCfg.name}/downloads 0755 microvm wheel - -"
+          # "d /run/secrets/qbittorrent/caddy 755 caddy caddy -"
+          # "d /var/log/caddy 755 caddy caddy -"
        ];
      };