From 925a08ffeeea7f7a4d44050c3077fe98e3c12c9d Mon Sep 17 00:00:00 2001
From: Alexandre LUCAZEAU <lucazeau.alexandre@gmail.com>
Date: Thu, 26 May 2022 19:08:00 +0000
Subject: [PATCH] FIX : modules/rest-server.nix Add caddy for reverse proxy,
 change firewall rules and change rest-server address for localhost

---
 modules/rest-server.nix | 31 +++++++++++++++++++++++++++++--
 1 file changed, 29 insertions(+), 2 deletions(-)

diff --git a/modules/rest-server.nix b/modules/rest-server.nix
index 3baa7da..00fdfd2 100644
--- a/modules/rest-server.nix
+++ b/modules/rest-server.nix
@@ -1,5 +1,8 @@
 
-{ lib, config, ... }:
+{ lib, config, pkgs, ... }:
+let
+   caddyDir = "/var/lib/caddy";
+in
 {
   services.restic.server = {
 	enable = true;
@@ -7,9 +10,33 @@
   	extraFlags = [ "--no-auth" ];
   	dataDir = "/var/lib/backup";
   	prometheus = true;
+	listenAddress = "127.0.0.1:8080";
 	};
   networking = {
 	firewall.enable = true;
-        firewall.allowedTCPPorts = [ 8000 ];
+        firewall.allowedTCPPorts = [ 80 443 ];
 	};
+  services.caddy = {
+    enable = true;
+    email = "lucazeau.alexandre@gmail.com";
+    config = ''
+    {
+      storage file_system {
+      root ${caddyDir}
+      }
+    }
+    https://back.atlanticaweb.fr {
+    	reverse_proxy http://127.0.0.1:8080
+    }
+    '';
+  };
+  users.users.caddy = {
+    group = "caddy";
+    uid = config.ids.uids.caddy;
+    home = caddyDir;
+    createHome = true;
+    extraGroups = [ "users" ];
+  };
+  
+  users.groups.caddy.gid = config.ids.uids.caddy;
 }