# Edit this configuration file to define what should be installed on
# your system.  Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running ‘nixos-help’).

{ config, pkgs, ... }:

{
  boot.loader.grub.enable = true;
  boot.loader.grub.version = 2;
  boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only

  networking.hostName = "spoutnik";
  services.openssh.ports = [ 220 ];

  networking.interfaces.enp0s25.useDHCP = false;
  networking.interfaces.enp0s25.ipv4.addresses = [
    {
      address = "192.168.0.40";
      prefixLength = 24;
    }
  ];

  networking.wireguard.interfaces.wg0 = {
    ips = [ "10.42.0.2/16" ];
    listenPort = 42136;
  };

  # Activate as Nomad and Consul server node
  services.nomad.settings.server.enabled = true;
  services.consul.extraConfig.server = true;

  # Nginx configuration:

  services.nginx = {
    enable = true;

    # Use recommended settings
    recommendedGzipSettings = true;
    recommendedOptimisation = true;
    recommendedProxySettings = true;
    recommendedTlsSettings = true;

    # Add any further config to match your needs, e.g.:
    virtualHosts = let
      base = locations: {
        inherit locations;

        forceSSL = true;
        enableACME = true;
      };
      proxy = addr: port: base {
        "/".proxyPass = "http://" + addr + ":" + toString(port);
      };
    in {
      "axl.deuxfleurs.fr" = proxy "192.168.0.60" 80;
      "warez.luxeylab.net" = proxy "192.168.0.50" 80;
    };
  };


  # ACME:

  security.acme = {
    acceptTerms = true;
    email = "adrien@luxeylab.net";
  };
}