Add jupiter transmission container

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>

packages/docker/transmission-protonvpn/default.nix

@@ -6,6 +6,11 @@ let
     destination = "/bin/entrypoint";
     text = builtins.readFile ./entrypoint.sh;
   };
+
+  flood-for-transmission = pkgs.runCommandLocal "flood-for-transmission" { } ''
+    mkdir -p $out/var/www
+    cp -r ${pkgs.flood-for-transmission} $out/var/www/transmission
+  '';
 in
 pkgs.dockerTools.buildImage {
   name = "transmission-protonvpn";
@@ -13,19 +18,20 @@ pkgs.dockerTools.buildImage {
 
   copyToRoot = pkgs.buildEnv {
     name = "root";
-    paths = with pkgs; [
+    paths = [
       entrypoint
-      transmission_4
       flood-for-transmission
-      wireguard-tools
-      libnatpmp
-      curl
-      jq
+      pkgs.transmission_4
+      pkgs.wireguard-tools
+      pkgs.libnatpmp
+      pkgs.curl
+      pkgs.jq
     ];
     pathsToLink = [
       "/bin"
       "/lib"
       "/share"
+      "/var"
     ];
   };
 
@@ -43,7 +49,8 @@ pkgs.dockerTools.buildImage {
       "/var/lib/transmission" = { };
     };
     Env = [
-      "TRANSMISSION_WEB_HOME=${pkgs.flood-for-transmission}"
+      "TRANSMISSION_HOME=/etc/transmission"
+      "TRANSMISSION_WEB_HOME=/var/www/transmission"
     ];
   };
 }

packages/docker/transmission-protonvpn/entrypoint.sh

@@ -9,7 +9,9 @@ WIREGUARD_ADDRESS="${WIREGUARD_ADDRESS:-10.2.0.2/32}"
 WIREGUARD_DNS="${WIREGUARD_DNS:-10.2.0.1}"
 
 WIREGUARD_PEER_IP="${WIREGUARD_ENDPOINT%%:*}"
-DEFAULT_IFACE=$(ip route show default | awk '/default/ {print $5; exit}')
+
+DEFAULT_GATEWAY="$(ip route show default | awk '/default/ {print $3; exit}')"
+DEFAULT_INTERFACE="$(ip route show default | awk '/default/ {print $5; exit}')"
 
 ip link add dev wg0 type wireguard
 
@@ -19,21 +21,23 @@ wg set wg0 peer "$WIREGUARD_PUBLIC_KEY" allowed-ips "$WIREGUARD_ALLOWED_IPS" end
 
 ip link set up dev wg0
 
-ip route add "$WIREGUARD_PEER_IP/32" dev "$DEFAULT_IFACE"
+ip route add "$WIREGUARD_PEER_IP/32" via "$DEFAULT_GATEWAY" dev "$DEFAULT_INTERFACE"
 ip route add 0.0.0.0/0 dev wg0
 
 echo "nameserver $WIREGUARD_DNS" > /etc/resolv.conf
 
-PIPE=$(mktemp -u)
-mkfifo "$PIPE"
-
 BIND_IP="${WIREGUARD_ADDRESS%%/*}"
 
-transmission-daemon -d \
+rm -f "$TRANSMISSION_HOME/settings.json"
+
+default_settings="$(\
+  transmission-daemon -d \
   --no-portmap \
   --bind-address-ipv4 "$BIND_IP" \
   --bind-address-ipv6 "::1" \
-  "$@" 2> /etc/transmission/settings.json
+  "$@" 2>&1)"
+
+echo "$default_settings" > "$TRANSMISSION_HOME/settings.json"
 
 tmpfile="$(mktemp)"
 jq '. + {
@@ -43,21 +47,23 @@ jq '. + {
   "download-dir": "/var/lib/transmission",
   "incomplete-dir": "/var/lib/transmission/incomplete",
   "rename-partial-files": true
-}' /etc/transmission/settings.json > "$tmpfile"
-mv "$tmpfile" /etc/transmission/settings.json
+}' "$TRANSMISSION_HOME/settings.json" > "$tmpfile"
+mv "$tmpfile" "$TRANSMISSION_HOME/settings.json"
 
-if [ -f /etc/transmission/settings.override.json ]; then
+if [ -f "$TRANSMISSION_HOME/settings.override".json ]; then
   tmpfile="$(mktemp)"
   jq -s \
     '.[0] * .[1]' \
-    /etc/transmission/settings.json \
-    /etc/transmission/settings.override.json \
+    "$TRANSMISSION_HOME/settings.json" \
+    "$TRANSMISSION_HOME/settings.override.json" \
     > "$tmpfile"
-  mv "$tmpfile" /etc/transmission/settings.json
+  mv "$tmpfile" "$TRANSMISSION_HOME/settings.json"
 fi
 
+PIPE=$(mktemp -u)
+mkfifo "$PIPE"
+
 transmission-daemon -f \
-  --config-dir /etc/transmission \
   --no-portmap \
   --bind-address-ipv4 "$BIND_IP" \
   --bind-address-ipv6 "::1" \
@@ -72,7 +78,7 @@ tee "$CAT_PIPE" "$GREP_PIPE" < "$PIPE" > /dev/null &
 cat "$CAT_PIPE" &
 grep -q -m 1 "Serving RPC and Web requests on 0.0.0.0:9091" < "$GREP_PIPE"
 
-rpc_path="$(jq -r '.["rpc-url"]' /etc/transmission/settings.json)"
+rpc_path="$(jq -r '.["rpc-url"]' "$TRANSMISSION_HOME/settings.json")"
 rpc_url="http://127.0.0.1:9091${rpc_path}rpc/"
 
 (
@@ -109,7 +115,7 @@ cleanup() {
   kill -INT "$PID" "$NATPMP_PID" || true
 
   ip route del 0.0.0.0/0 dev wg0
-  ip route del "$WIREGUARD_PEER_IP/32" dev "$DEFAULT_IFACE"
+  ip route del "$WIREGUARD_PEER_IP/32" via "$DEFAULT_GATEWAY" dev "$DEFAULT_INTERFACE"
 
   ip link set down dev wg0
   ip link delete dev wg0

packages/sas/cacert/default.nix

@@ -5,7 +5,7 @@ pkgs.stdenv.mkDerivation rec {
 
   src = builtins.fetchurl {
     url = "http://certificates.sas.com/pki/sascacertsbundle.txt";
-    sha256 = "sha256:0naqfhyh7ri1lxkyx8kdh4bmrd59j9gnfxfi12ggfqkii9n37lj6";
+    sha256 = "sha256:1lah292kqhw6mkj63870qh8fjm44ll4jdqz87pfgr4sb803w1i15";
   };
 
   phases = [ "installPhase" ];