Merge branch 'main' of git.atlanticaweb.fr:alexandre/nixos-config

2022-06-01 19:04:01 +00:00 · 2022-06-01 19:04:01 +00:00 · 69e8962c22
parent f11a785747 925a08ffee
commit 69e8962c22
2 changed files with 94 additions and 7 deletions
--- a/README.md
+++ b/README.md
@ -1,6 +1,66 @@
-# dotconf
-* backup
+# nixos-config
+This repository contain all my nixos config

-	git clone
-	change /etc/nixos to link to ~/git/nixos-config/hosts/backup
-	add ln -s /home/alexandre/git/nixos-config/modules /etc/modules
+hosts :
+  * backup
+        backup server : online
+  * web
+        server web : OVH
+  * dell-5590
+        pro laptop
+  * services
+        VM on personal PX server. Hosting grafana - prometheus - loki
+  * x201
+        personnal laptop
+  * next
+        VM on personnal PX server. Nosting personnal nextcloud
+
+modules :
+  * common.nix : common config like environnement variable and common system packages base
+  * gitea.nix : use on web server
+  * prometheus-node.nix : prometheus node-exporter. use by all machine
+  * rest-server.nix : use by backup server. Restic server
+  * users.nix : user configuration. use by all machine
+
+# How to use
+## First boot
+After first boot :
+
+        nix-shell -p git
+        git clone gitea@git.atlanticaweb.fr:alexandre/nixos-config.git
+        cd nix-os-config
+        cp modules/users.nix /etc/nixos/
+        cp modules/common.nix /etc/nixos/
+        nano /etc/nixos/configuration.nix
+
+add **./users.nix** and **./common.nix** after **./hardware-configuration.nix** and exit
+
+        nixos-rebuild switch
+        rm -rf ~/nixos-config
+        exit
+
+Copy your personnal private key to account
+
+		scp -i .ssh/privatekey .ssh/privatekey machine:/home/alexandre/.ssh/
+
+Logging with user
+
+        mkdir git;cd git
+        git clone gitea@git.atlanticaweb.fr:alexandre/nixos-config.git
+        cd nixos-config/hosts
+        mkdir newhosts
+        cd newhosts
+        cp /etc/nixos/* .
+
+edit configuration.nix and change **./users.nix** to **../modules/users.nix** and change ./common.nix to ../modules/common.nix
+
+		rm /etc/nixos
+		ln -s /home/alexandre/git/nixos-config/hosts/machine /etc/nixos
+		ln -s /home/alexandre/git/
+
+## Exploit
+to rebuild system, just :
+
+		sudo nixos-rebuild switch
+
+Users have not a password.
--- a/modules/rest-server.nix
+++ b/modules/rest-server.nix
@ -1,5 +1,8 @@

-{ lib, config, ... }:
+{ lib, config, pkgs, ... }:
+let
+   caddyDir = "/var/lib/caddy";
+in
 {
  services.restic.server = {
 	enable = true;
@ -7,9 +10,33 @@
  	extraFlags = [ "--no-auth" ];
  	dataDir = "/var/lib/backup";
  	prometheus = true;
+	listenAddress = "127.0.0.1:8080";
 	};
  networking = {
 	firewall.enable = true;
-        firewall.allowedTCPPorts = [ 8000 ];
+        firewall.allowedTCPPorts = [ 80 443 ];
 	};
+  services.caddy = {
+    enable = true;
+    email = "lucazeau.alexandre@gmail.com";
+    config = ''
+    {
+      storage file_system {
+      root ${caddyDir}
+      }
+    }
+    https://back.atlanticaweb.fr {
+    	reverse_proxy http://127.0.0.1:8080
+    }
+    '';
+  };
+  users.users.caddy = {
+    group = "caddy";
+    uid = config.ids.uids.caddy;
+    home = caddyDir;
+    createHome = true;
+    extraGroups = [ "users" ];
+  };
+  
+  users.groups.caddy.gid = config.ids.uids.caddy;
 }