Working NixOS port: all core services operational

- Fix Caddy cfProxy helper for cloudflared http:// vhosts (X-Forwarded-Proto) - Fix Authelia LDAP bind (readonly user ACL + password sync) - Add gitea-admin-setup oneshot service to survive rebuilds - Update Authelia forward_auth with header_up X-Forwarded-Proto https - Update TODO.org with completed tasks and LDAP config details - Remove old Helm/k8s artifacts (Chart.yaml, templates/, values/, scripts) - Add result to .gitignore Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-23 14:46:21 +03:00
parent 05619d12fc
commit 0b73d493d8
22 changed files with 1410 additions and 355 deletions
@@ -35,11 +35,16 @@ in
  config = lib.mkIf cfg.enable {
    virtualisation.oci-containers.containers.transmission = {
      image = cfg.image;
-      ports = [ "127.0.0.1:${toString cfg.port}:9091" ];
+      # No ports mapping — --network=host shares the host network stack directly.

      environment = {
        PUID = "1000";
        PGID = "1000";
+        # With --network=host, port mappings are ignored; transmission binds
+        # directly on the host. Force it to cfg.port (9092) to avoid
+        # conflicting with Authelia on 9091.
+        TRANSMISSION_WEB_HOME = "/usr/share/transmission/web";
+        WEBUI_PORT            = toString cfg.port;
      };

      volumes = [