{ lib, config, pkgs, ... }: let domain = "htdel.giugl.io"; listenPorts = [ 51413 51414 ]; in { architect.firewall = { openTCP = listenPorts; openUDP = listenPorts; }; services = { deluge = { enable = true; group = "media"; declarative = true; config = { download_location = "/media/deluge"; max_upload_speed = 20; # full-stream enc_level = 1; # forced enc_in_policy = 0; # forced enc_out_policy = 0; max_active_seeding = 100; max_connections_global = 1000; max_active_limit = 100; max_active_downloading = 100; listen_ports = listenPorts; random_port = false; enabled_plugins = [ "Label" "Extractor" ]; }; web.enable = true; authFile = "/secrets/deluge/auth"; extraPackages = [ pkgs.unrar ]; }; }; architect.vhost.${domain} = with config.architect.networks; { dnsInterfaces = [ "lan" "tailscale" ]; locations = { "/" = { allowLan = true; port = 8112; allow = [ tailscale.net ]; }; }; }; users.groups.media.members = [ "deluge" ]; }