From 4fee576cb4bf78a820cc3180b564708dd2ad9d5d Mon Sep 17 00:00:00 2001
From: Peder Bergebakken Sundt <pbsds@hotmail.com>
Date: Sun, 27 Aug 2023 01:01:20 +0200
Subject: [PATCH] static ip yo

---
 flake.nix | 44 ++++++++++++++++++++++++++++++++++++++------
 1 file changed, 38 insertions(+), 6 deletions(-)

diff --git a/flake.nix b/flake.nix
index ce5f72c..1a12cf7 100644
--- a/flake.nix
+++ b/flake.nix
@@ -23,16 +23,35 @@
         grzegorz.nixosModules.grzegorz-kiosk
         grzegorz-clients.nixosModules.grzegorz-webui
         ./hardware-configuration.nix
-        ({ config, ... }: {
+        ({ config, pkgs, ... }: {
           system.stateVersion = "23.05";
 
           boot.loader.grub.enable = true;
           boot.loader.grub.device = "/dev/sda";
           boot.loader.grub.useOSProber = true;
 
+          services.resolved.enable = true;
           networking.hostName = "brzeczyszczykiewicz";
           networking.domain   = "pvv.ntnu.no";
           networking.search = [ "pvv.ntnu.no" ];
+          networking = {
+            interfaces = {
+              eno1.ipv4.addresses = [{
+                address = "129.241.210.205";
+                prefixLength = 25;
+              }];
+              eno1.ipv6.addresses = [{
+                address = "2001:700:300:1900::1:50";
+                prefixLength = 64;
+              }];
+            };
+            defaultGateway.address = "129.241.210.129";
+            defaultGateway.interface = "eno1";
+            defaultGateway6.address = "2001:700:300:1900::1";
+            defaultGateway6.interface = "eno1";
+          };
+
+          environment.systemPackages = with pkgs; [ git ];
 
           services.openssh.enable = true;
           services.openssh.settings.PermitRootLogin = "yes";
@@ -54,12 +73,15 @@
           };
 
           services.grzegorz.enable     = true;
-          services.grzegorz.listenAddr = "::1";
+          services.grzegorz.listenAddr = "localhost";
           services.grzegorz.listenPort = 31337;
 
           services.grzegorz-webui.enable     = true;
-          services.grzegorz-webui.listenAddr = "::1";
-          services.grzegorz-webui.apiBase    = "http://[::1]:${builtins.toString config.services.grzegorz-webui.listenPort}";
+          services.grzegorz-webui.listenAddr = "localhost";
+          services.grzegorz-webui.listenPort = 42069;
+          services.grzegorz-webui.listenWebsocketPort = 42042;
+          services.grzegorz-webui.hostName   = "brzeczyszczykiewicz.pvv.ntnu.no";
+          services.grzegorz-webui.apiBase    = "http://localhost:${builtins.toString config.services.grzegorz.listenPort}/api";
           #services.grzegorz-webui.apiBase    = "https://brzeczyszczykiewicz.pvv.ntnu.no/api";
 
           security.acme.acceptTerms    = true;
@@ -69,8 +91,8 @@
           networking.firewall.allowedTCPPorts = [ 80 443 ];
 
           services.nginx.virtualHosts."brzeczyszczykiewicz.pvv.ntnu.no" = {
-            forceSSL = false;
-            enableACME = false;
+            forceSSL = true;
+            enableACME = true;
             serverAliases = [
               "brzeczyszczykiewicz.pvv.org"
               "bokhylle.pvv.ntnu.no"
@@ -83,8 +105,18 @@
             '';
             locations."/" = {
               proxyPass = "http://localhost:${builtins.toString config.services.grzegorz-webui.listenPort}";
+            };
+            # https://github.com/rawpython/remi/issues/216
+            locations."/websocket" = {
+              proxyPass = "http://localhost:${builtins.toString config.services.grzegorz-webui.listenWebsocketPort}";
               proxyWebsockets = true;
             };
+            locations."/api" = {
+              proxyPass = "http://localhost:${builtins.toString config.services.grzegorz.listenPort}";
+            };
+            locations."/docs" = {
+              proxyPass = "http://localhost:${builtins.toString config.services.grzegorz.listenPort}";
+            };
           };
 
         })