diff --git a/hosts/physiques/thot/default.nix b/hosts/physiques/thot/default.nix index ea11972..182cc27 100644 --- a/hosts/physiques/thot/default.nix +++ b/hosts/physiques/thot/default.nix @@ -6,6 +6,8 @@ ./networking.nix ../../../modules + ../../../modules/services/nginx.nix + ../../../modules/services/restic.nix ]; networking.hostId = "bbdd1133"; diff --git a/hosts/physiques/thot/networking.nix b/hosts/physiques/thot/networking.nix index d8147ea..c98b62d 100644 --- a/hosts/physiques/thot/networking.nix +++ b/hosts/physiques/thot/networking.nix @@ -1,5 +1,44 @@ { ... }: { + networking = { + dhcpcd.enable = false; + + vlans = { + vlan3 = { + id = 3; + interface = "eno1"; + }; + vlan10 = { + id = 10; + interface = "eno1"; + }; + }; + + interfaces = { + vlan3 = { + ipv4 = { + addresses = [ + { + address = "172.16.3.14"; + prefixLength = 24; + } + ]; + }; + }; + vlan10 = { + ipv4 = { + addresses = [ + { + address = "172.16.10.14"; + prefixLength = 24; + } + ]; + }; + }; + }; + defaultGateway = "172.16.3.99"; + nameservers = [ "172.16.10.128" ]; + }; } diff --git a/modules/services/nginx.nix b/modules/services/nginx.nix new file mode 100644 index 0000000..0c6c0c4 --- /dev/null +++ b/modules/services/nginx.nix @@ -0,0 +1,10 @@ +{ ... }: + +{ + services.nginx = { + enable = true; + + recommendedProxySettings = true; + recommendedOptimisation = true; + }; +} diff --git a/modules/services/restic.nix b/modules/services/restic.nix new file mode 100644 index 0000000..9f0d302 --- /dev/null +++ b/modules/services/restic.nix @@ -0,0 +1,19 @@ +{ config, ... }: + +{ + services.restic.server = { + enable = true; + + dataDir = "/backups"; + listenAddress = "localhost:4242"; + privateRepos = true; + }; + + services.nginx.virtualHosts = { + "${config.networking.hostName}.adm.crans.org" = { + locations."/" = { + proxyPass = "http://${config.services.restic.server.listenAddress}"; + }; + }; + }; +}