mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Files
1f99318fcd5ffc7e977d3f3d8b1d9243f21f7146
nix-config/modules/nixos/services/caddy/default.nix
mjallen18 1f99318fcd stuffs like bruh wtf
2026-02-04 19:40:00 -06:00

122 lines
4.1 KiB
Nix
Raw Blame History

{
config,
lib,
pkgs,
namespace,
...
}:
with lib;
let
name = "caddy";
cfg = config.${namespace}.services.${name};
caddyPackage = pkgs.caddy.withPlugins {
plugins = [ "github.com/caddy-dns/cloudflare@v0.2.2" ];
hash = "sha256-dnhEjopeA0UiI+XVYHYpsjcEI6Y1Hacbi28hVKYQURg=";
};
caddy = lib.${namespace}.mkModule {
inherit config name;
description = "caddy Service";
options = { };
moduleConfig = {
sops = {
secrets = {
"jallen-nas/traefik/crowdsec/lapi-key" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
owner = config.users.users.caddy.name;
group = config.users.users.caddy.group;
restartUnits = [ "caddy.service" ];
};
"jallen-nas/traefik/crowdsec/capi-machine-id" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
owner = config.users.users.caddy.name;
group = config.users.users.caddy.group;
restartUnits = [ "caddy.service" ];
};
"jallen-nas/traefik/crowdsec/capi-password" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
owner = config.users.users.caddy.name;
group = config.users.users.caddy.group;
restartUnits = [ "caddy.service" ];
};
"jallen-nas/traefik/cloudflare-dns-api-token" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
owner = config.users.users.caddy.name;
group = config.users.users.caddy.group;
restartUnits = [ "caddy.service" ];
};
"jallen-nas/traefik/cloudflare-zone-api-token" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
owner = config.users.users.caddy.name;
group = config.users.users.caddy.group;
restartUnits = [ "caddy.service" ];
};
"jallen-nas/traefik/cloudflare-api-key" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
owner = config.users.users.caddy.name;
group = config.users.users.caddy.group;
restartUnits = [ "caddy.service" ];
};
"jallen-nas/traefik/cloudflare-email" = {
sopsFile = (lib.snowfall.fs.get-file "secrets/nas-secrets.yaml");
owner = config.users.users.caddy.name;
group = config.users.users.caddy.group;
restartUnits = [ "caddy.service" ];
};
};
templates = {
"caddy.env" = {
content = ''
CLOUDFLARE_DNS_API_TOKEN=${config.sops.placeholder."jallen-nas/traefik/cloudflare-dns-api-token"}
CLOUDFLARE_ZONE_API_TOKEN=${config.sops.placeholder."jallen-nas/traefik/cloudflare-zone-api-token"}
CLOUDFLARE_API_KEY=${config.sops.placeholder."jallen-nas/traefik/cloudflare-api-key"}
CLOUDFLARE_EMAIL=${config.sops.placeholder."jallen-nas/traefik/cloudflare-email"}
'';
owner = config.users.users.caddy.name;
group = config.users.users.caddy.group;
restartUnits = [ "caddy.service" ];
};
};
};
services.caddy = {
enable = true;
# package = caddyPackage;
# environmentFile = config.sops.templates."caddy.env".path;
email = "jalle008@proton.me";
enableReload = false;
dataDir = "${cfg.configDir}/caddy";
globalConfig = ''
metrics
http_port 80
https_port 443
default_bind 0.0.0.0
''; # b710da1b0182eadcb1e569408de778f9f3c50
virtualHosts = {
"gitea.mjallen.dev" = {
extraConfig = ''
reverse_proxy http://10.0.1.3:3000
'';
};
"jellyfin.mjallen.dev" = {
extraConfig = ''
reverse_proxy http://10.0.1.3:8096
'';
};
"hass.mjallen.dev" = {
extraConfig = ''
reverse_proxy http://10.0.1.4:8123
'';
};
};
};
};
};
in
{
imports = [ caddy ];
}
Reference in New Issue View Git Blame Copy Permalink