added transmission torrent client, will evaluate both it and deluge.

configs/nixos/homepage.nix

@@ -116,6 +116,14 @@ in {
               description = "Torrent webUI";
             };
           }
+          {
+            Transmission = {
+              icon = "sh-transmission.svg";
+              href = "http:cirrostratus:9090";
+              siteMonitor = "http:cirrostratus:9091";
+              description = "Torrent webUI";
+            };
+          }
           {
             Syncthing = {
               icon = "sh-syncthing.svg";

hosts/cirrostratus/default.nix

@@ -17,7 +17,7 @@ inputs.nixpkgs.lib.nixosSystem {
     ./restic.nix
     ./nginx.nix
     ./copyparty.nix
-    ./deluge.nix
+    ./torrent.nix
     ../../configs/nixos/common.nix
     ../../configs/nixos/tailscale.nix
     ../../configs/nixos/sshd.nix

hosts/cirrostratus/torrent.nix

@@ -5,12 +5,12 @@
   lib,
   ...
 }: let
-  webUiPort = "8100";
   namespace = "pvpn";
   interface-name = "pvpn0";
   dnsIP = "DNS = 10.2.0.1";
   privateIP = "10.2.0.2/32";
-  port = 8112;
+  delugeWebPort = 8112;
+  transmissionWebPort = 9091;
   user = config.host.details.user;
   group = "users";
 in {
@@ -71,13 +71,15 @@ in {
     group = group;
     web = {
       enable = true;
-      port = port;
+      port = delugeWebPort;
     };
   };
-  # binding deluged to network namespace
+  systemd.services.deluged = {
-  systemd.services.deluged.bindsTo = ["netns@${namespace}.service"];
+    # binding deluged to network namespace
-  systemd.services.deluged.requires = ["network-online.target" "${namespace}.service"];
+    bindsTo = ["netns@${namespace}.service"];
-  systemd.services.deluged.serviceConfig.NetworkNamespacePath = ["/var/run/netns/${namespace}"];
+    requires = ["network-online.target" "${namespace}.service"];
+    serviceConfig.NetworkNamespacePath = ["/var/run/netns/${namespace}"];
+  };
 
   # allowing delugeweb to access deluged in network namespace, a socket is necesarry
   systemd.sockets."proxy-to-deluged" = {
@@ -101,4 +103,53 @@ in {
       PrivateNetwork = "yes";
     };
   };
+  #transmission, another torrent client.
+  services.transmission = {
+    enable = true;
+    package = pkgs.transmission_4;
+    user = user;
+    group = group;
+    openPeerPorts = true;
+    openRPCPort = true;
+    webHome = pkgs.flood-for-transmission;
+    settings = {
+      utp-enabled = true;
+      watch-dir = "/storage/torrent/watch";
+      watch-dir-enabled = true;
+      incomplete-dir = "/storage/torrent/incomplete";
+      incomplete-dir-enabled = true;
+      download-dir = "/storage/torrent/complete";
+      rpc-bind-address = "100.0.0.0";
+      rpc-port = transmissionWebPort;
+      rpc-whitelist-enabled = false;
+      rpc-host-whitelist-enabled = false;
+    };
+  };
+  systemd.services.transmission = {
+    # binding transmission to network namespace
+    bindsTo = ["netns@${namespace}.service"];
+    requires = ["network-online.target" "${namespace}.service"];
+    serviceConfig.NetworkNamespacePath = ["/var/run/netns/${namespace}"];
+  };
+  # allowing transmissionweb to access transmission in network namespace, a socket is necesarry
+  systemd.sockets."proxy-to-transmission" = {
+    enable = true;
+    description = "Socket for Proxy to Transmission Daemon";
+    listenStreams = ["${toString transmissionWebPort}"];
+    wantedBy = ["sockets.target"];
+  };
+  # creating proxy service on socket, which forwards the same port from the root namespace to the isolated namespace
+  systemd.services."proxy-to-transmission" = {
+    enable = true;
+    description = "Proxy to Transmission Web UI in Network Namespace";
+    requires = ["transmission.service" "proxy-to-transmission.socket"];
+    after = ["transmission.service" "proxy-to-transmission.socket"];
+    unitConfig = {JoinsNamespaceOf = "transmission.service";};
+    serviceConfig = {
+      User = user;
+      Group = group;
+      ExecStart = "${pkgs.systemd}/lib/systemd/systemd-socket-proxyd --exit-idle-time=5min 0.0.0.0:${toString transmissionWebPort}";
+      PrivateNetwork = "yes";
+    };
+  };
 }