From 9e14b6aff27619b906e1718956ed8ad18473bf02 Mon Sep 17 00:00:00 2001
From: matt1432 <matt@nelim.org>
Date: Mon, 21 Oct 2024 11:34:14 -0400
Subject: [PATCH] feat(qbit): update vpn config

---
 .../nos/modules/qbittorrent/qbittorrent.nix   |   1 +
 devices/nos/modules/qbittorrent/wireguard.nix |  12 ++++++++----
 flake.lock                                    | Bin 57166 -> 57166 bytes
 3 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/devices/nos/modules/qbittorrent/qbittorrent.nix b/devices/nos/modules/qbittorrent/qbittorrent.nix
index 35f4e39d..006e598d 100644
--- a/devices/nos/modules/qbittorrent/qbittorrent.nix
+++ b/devices/nos/modules/qbittorrent/qbittorrent.nix
@@ -47,6 +47,7 @@ in {
     configDir = mkOption {
       type = types.path;
       default = "${cfg.dataDir}/.config";
+      defaultText = "/var/lib/qbittorrent/.config";
       description = ''
         The directory where qBittorrent will store its configuration.
       '';
diff --git a/devices/nos/modules/qbittorrent/wireguard.nix b/devices/nos/modules/qbittorrent/wireguard.nix
index 3f89cfaa..9ab919fc 100644
--- a/devices/nos/modules/qbittorrent/wireguard.nix
+++ b/devices/nos/modules/qbittorrent/wireguard.nix
@@ -4,6 +4,10 @@
   ...
 }: let
   inherit (config.sops) secrets;
+
+  wgPort = 51820;
+  clientIP = "10.2.0.2";
+  serverIP = "146.70.198.2";
 in {
   networking.wireguard = {
     enable = true;
@@ -11,9 +15,9 @@ in {
     interfaces = {
       wg0 = {
         interfaceNamespace = "wg";
-        ips = ["10.2.0.2/32"];
+        ips = ["${clientIP}/32"];
 
-        listenPort = 51820;
+        listenPort = wgPort;
 
         generatePrivateKeyFile = false;
         privateKeyFile = secrets.vpn.path;
@@ -22,7 +26,7 @@ in {
           {
             publicKey = "aQ2NoOYEObG9tDMwdc4VxK6hjW+eA0PLfgbH7ffmagU=";
             allowedIPs = ["0.0.0.0/0"];
-            endpoint = "146.70.198.2:51820";
+            endpoint = "${serverIP}:${toString wgPort}";
           }
         ];
       };
@@ -50,7 +54,7 @@ in {
       wantedBy = ["multi-user.target"];
       script = ''
         ${pkgs.iproute2}/bin/ip netns exec wg ${pkgs.iproute2}/bin/ip link set dev lo up
-        ${pkgs.socat}/bin/socat tcp-listen:${port},fork,reuseaddr exec:'${pkgs.iproute2}/bin/ip netns exec wg ${pkgs.socat}/bin/socat STDIO "tcp-connect:10.2.0.2:${port}"',nofork
+        ${pkgs.socat}/bin/socat tcp-listen:${port},fork,reuseaddr exec:'${pkgs.iproute2}/bin/ip netns exec wg ${pkgs.socat}/bin/socat STDIO "tcp-connect:${clientIP}:${port}"',nofork
       '';
     };
   in {
diff --git a/flake.lock b/flake.lock
index e3dcc4c41d2bccabf34bba7088beec32f1a649da..ca7f6192e20037ebc09ad375d2ac15eb728fb8d3 100644
GIT binary patch
delta 141
zcmV;80CNA%z5~v_1F&GY2RSt|G&D9dlkp!ND`Q1^FKRh<Rcc9RO*vCeSWY)?LpC^R
zS~7G>SSvwEH)UC9K~gnAF=$XQldrfoC}Cn^H8W*6HZe3fW@2SAVlX!}I5lN4Ff?Rj
vIWT56VKO;3IWspfGLsFt7y&Vp!3Y+Uu(?W;Y6TyY?K2*ePq{a<`ngmk030uF

delta 140
zcmV;70CWG&z5~v_1F&GY1~@S_HZwPqaa<lNT69t?IB!x<FJwevHZ?XYIdyq@Re3^4
zV`*$mQZ+I{W>|SSVoFLwVr*}duedfSWjHf6VK8JjWnnWiW;Qr6IAS$7GC4M8F*!A5
uWjQf4V=^{lHDfSilMT5T0Wg!n2o{sDxk{621s{{`Gai#qxi_==xl|?e&oAr%