From b5e505bebf6f7c064175886450c5e1893aaf00cb Mon Sep 17 00:00:00 2001
From: pigeonmoelleux <pigeonmoelleux@crans.org>
Date: Sat, 9 Nov 2024 19:27:34 +0100
Subject: [PATCH] =?UTF-8?q?Ajout=20configuration=20r=C3=A9seau=20+=20resti?=
 =?UTF-8?q?c?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 hosts/physiques/thot/default.nix    |  2 ++
 hosts/physiques/thot/networking.nix | 39 +++++++++++++++++++++++++++++
 modules/services/nginx.nix          | 10 ++++++++
 modules/services/restic.nix         | 19 ++++++++++++++
 4 files changed, 70 insertions(+)
 create mode 100644 modules/services/nginx.nix
 create mode 100644 modules/services/restic.nix

diff --git a/hosts/physiques/thot/default.nix b/hosts/physiques/thot/default.nix
index ea11972..182cc27 100644
--- a/hosts/physiques/thot/default.nix
+++ b/hosts/physiques/thot/default.nix
@@ -6,6 +6,8 @@
     ./networking.nix
 
     ../../../modules
+    ../../../modules/services/nginx.nix
+    ../../../modules/services/restic.nix
   ];
 
   networking.hostId = "bbdd1133";
diff --git a/hosts/physiques/thot/networking.nix b/hosts/physiques/thot/networking.nix
index d8147ea..c98b62d 100644
--- a/hosts/physiques/thot/networking.nix
+++ b/hosts/physiques/thot/networking.nix
@@ -1,5 +1,44 @@
 { ... }:
 
 {
+  networking = {
 
+    dhcpcd.enable = false;
+
+    vlans = {
+      vlan3 = {
+        id = 3;
+        interface = "eno1";
+      };
+      vlan10 = {
+        id = 10;
+        interface = "eno1";
+      };
+    };
+
+    interfaces = {
+      vlan3 = {
+        ipv4 = {
+          addresses = [
+            {
+              address = "172.16.3.14";
+              prefixLength = 24;
+            }
+          ];
+        };
+      };
+      vlan10 = {
+        ipv4 = {
+          addresses = [
+            {
+              address = "172.16.10.14";
+              prefixLength = 24;
+            }
+          ];
+        };
+      };
+    };
+    defaultGateway = "172.16.3.99";
+    nameservers = [ "172.16.10.128" ];
+  };
 }
diff --git a/modules/services/nginx.nix b/modules/services/nginx.nix
new file mode 100644
index 0000000..0c6c0c4
--- /dev/null
+++ b/modules/services/nginx.nix
@@ -0,0 +1,10 @@
+{ ... }:
+
+{
+  services.nginx = {
+    enable = true;
+
+    recommendedProxySettings = true;
+    recommendedOptimisation = true;
+  };
+}
diff --git a/modules/services/restic.nix b/modules/services/restic.nix
new file mode 100644
index 0000000..9f0d302
--- /dev/null
+++ b/modules/services/restic.nix
@@ -0,0 +1,19 @@
+{ config, ... }:
+
+{
+  services.restic.server = {
+    enable = true;
+
+    dataDir = "/backups";
+    listenAddress = "localhost:4242";
+    privateRepos = true;
+  };
+
+  services.nginx.virtualHosts = {
+    "${config.networking.hostName}.adm.crans.org" = {
+      locations."/" = {
+        proxyPass = "http://${config.services.restic.server.listenAddress}";
+      };
+    };
+  };
+}