nuc: rework torrent vpn and add exporter

hosts/fujitsu/default.nix

@@ -41,6 +41,8 @@
     btdu
     tcpdump
     mtr
+    dnsutils
+    mediainfo
   ];
   programs.git = {
     enable = true;

hosts/nuc/default.nix

@@ -65,6 +65,7 @@
     btdu
     tcpdump
     mtr
+    dnsutils
   ];
   programs.git = {
     enable = true;

hosts/nuc/modules/logseq/default.nix

@@ -4,7 +4,7 @@ let
 in
 {
   virtualisation.oci-containers = {
-    containers.kanboard = {
+    containers.logseq = {
       image = "ghcr.io/logseq/logseq-webapp:latest";
       ports = [ "127.0.0.1:8045:80" ];
     };

hosts/nuc/modules/monitoring/default.nix

@@ -141,6 +141,12 @@ in
           targets = [ "nuc.vpn.rfive.de:9300" ];
         }];
       }
+      {
+        job_name = "qbittorrent";
+        static_configs = [{
+          targets = [ "nuc.vpn.rfive.de:8009" ];
+        }];
+      }
       # {
       #   job_name = "pegel_dresden";
       #   metrics_path = "/probe";

hosts/nuc/modules/torrent/default.nix

@@ -8,9 +8,14 @@ let
   };
 in
 {
+  imports = [
+    ./exporter.nix
+  ];
   age.secrets.mullvad.file = ../../../../secrets/nuc/mullvad.age;
+  age.secrets.airvpn-private.file = ../../../../secrets/nuc/airvpn/private.age;
+  age.secrets.airvpn-psk.file = ../../../../secrets/nuc/airvpn/psk.age;
   environment.etc."netns/torrent/resolv.conf".text = ''
-    nameserver 10.64.0.1
+    nameserver 9.9.9.9
   '';
 
   systemd.services."netns@" = {
@@ -43,20 +48,36 @@ in
 
   # scripted wireguard since systemd-networkd doesn't support netns yet
   networking.wireguard.useNetworkd = false;
-  networking.wireguard.interfaces."wg0-mullvad" = {
-    # Funny Mole
-    privateKeyFile = config.age.secrets.mullvad.path;
-    ips = [ "10.67.237.93/32" ];
+  # networking.wireguard.interfaces."wg0-mullvad" = {
+  #   # Funny Mole
+  #   privateKeyFile = config.age.secrets.mullvad.path;
+  #   ips = [ "10.67.237.93/32" ];
+  #   peers = [
+  #     {
+  #       publicKey = "QEVIaIycN8p5twXCuZeQTEj9utozakw/MU8H6+/whls=";
+  #       allowedIPs = [ "0.0.0.0/0" ];
+  #       endpoint = "138.199.34.129:51820";
+  #     }
+  #   ];
+  #   interfaceNamespace = "torrent";
+  # };
+  # systemd.services."wireguard-wg0-mullvad" = {
+  #   requires = [ "netns@torrent.service" ];
+  # };
+  networking.wireguard.interfaces."wg1-airvpn" = {
+    privateKeyFile = config.age.secrets.airvpn-private.path;
+    ips = [ " 10.146.65.170/32" "fd7d:76ee:e68f:a993:366:82ed:bc88:b04a/128" ];
     peers = [
       {
-        publicKey = "QEVIaIycN8p5twXCuZeQTEj9utozakw/MU8H6+/whls=";
-        allowedIPs = [ "0.0.0.0/0" ];
-        endpoint = "138.199.34.129:51820";
+        publicKey = "PyLCXAQT8KkM4T+dUsOQfn+Ub3pGxfGlxkIApuig+hk=";
+        presharedKeyFile = config.age.secrets.airvpn-psk.path;
+        allowedIPs = [ "0.0.0.0/0" "::/0" ];
+        endpoint = "europe3.vpn.airdns.org:1637";
       }
     ];
     interfaceNamespace = "torrent";
   };
-  systemd.services."wireguard-wg0-mullvad" = {
+  systemd.services."wireguard-wg1-airvpn" = {
     requires = [ "netns@torrent.service" ];
   };
 

hosts/nuc/modules/torrent/exporter.nix

@@ -0,0 +1,13 @@
+{ ... }:
+{
+  virtualisation.oci-containers = {
+    containers.qbittorrent-exporter = {
+      image = "caseyscarborough/qbittorrent-exporter";
+      ports = [ "0.0.0.0:8009:17871" ];
+      environment = {
+        QBITTORRENT_PORT = "8081";
+        QBITTORRENT_HOST = "nuc.vpn.rfive.de";
+      };
+    };
+  };
+}