Move some more configuration for websites

[perso/Immae/Config/Nix.git] / virtual / modules / websites / default.nix

diff --git a/virtual/modules/websites.nix b/virtual/modules/websites/default.nix
similarity index 93%
rename from virtual/modules/websites.nix
rename to virtual/modules/websites/default.nix
index d794c7a90efd5ba75979fdabac6d3a7244cba96e..14b99983a0300b6ed0576b7d4cff64682ab5aa8f 100644 (file)
--- a/virtual/modules/websites.nix
+++ b/virtual/modules/websites/default.nix
@@ -59,16 +59,16 @@ let
 in
 {
   imports = [
-    ./websites/chloe
-    ./websites/ludivine
-    ./websites/aten
-    ./websites/piedsjaloux
-    ./websites/connexionswing
+    ./chloe
+    ./ludivine
+    ./aten
+    ./piedsjaloux
+    ./connexionswing
     # built using:
     # sed -e "s/services\.httpd/services\.httpdProd/g" .nix-defexpr/channels/nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix
     # And removed users / groups
-    ./websites/apache/httpd_prod.nix
-    ./websites/apache/httpd_inte.nix
+    ./apache/httpd_prod.nix
+    ./apache/httpd_inte.nix
   ];
 
   options.services.myWebsites = {
@@ -95,6 +95,18 @@ in
   };
 
   config = {
+    networking = {
+      firewall = {
+        enable = true;
+        allowedTCPPorts = [ 80 443 ];
+      };
+      interfaces."eth0".ipv4.addresses = [
+        # 176.9.151.89 declared in nixops -> infra / tools
+        { address = myconfig.ips.production; prefixLength = 32; }
+        { address = myconfig.ips.integration; prefixLength = 32; }
+      ];
+    };
+
     services.myWebsites.Chloe.production.enable = cfg.production.enable;
     services.myWebsites.Ludivine.production.enable = cfg.production.enable;
     services.myWebsites.Aten.production.enable = cfg.production.enable;