configuration.nix/hosts/shared/caddy.nix


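# Shared Caddy module: enables the Caddy service, feeds it a sops-managed
# environment file, and opens the web ports in the host firewall.
{ config, inputs, pkgs, ... }: {
  sops = {
    secrets = {
      # Environment file handed to the caddy unit below. Owner-read-only and
      # owned by the caddy user/group, so other local accounts cannot read it.
      "caddy/env_file" = {
        mode = "400";
        owner = config.users.users.caddy.name;
        inherit (config.users.users.caddy) group;
      };
    };
  };

  services.caddy = {
    enable = true;
    # Caddy build taken from the `caddy` flake input rather than nixpkgs.
    # NOTE(review): presumably a custom build that bundles the hetzner DNS
    # module required by `acme_dns` below; confirm the input is pinned in
    # flake.lock and comes from a source you trust, since this binary
    # terminates TLS and sees the DNS API token.
    package = inputs.caddy.packages.${pkgs.system}.caddy;
    email = "admin@acomputer.lol";
    # Global Caddyfile options.
    #
    # * `admin <wireguard-ip>:2019` moves the admin API off its localhost
    #   default onto the host's WireGuard address. Caddy's admin API has no
    #   authentication of its own: anything that can reach this socket can
    #   read and replace the running configuration.
    #   NOTE(review): port 2019 is not in allowedTCPPorts below, so exposure
    #   depends on how the WireGuard interface is firewalled elsewhere;
    #   confirm only the intended peers (presumably the metrics scraper) can
    #   connect.
    # * `{env.HETZNER_ACCESS_TOKEN}` is a Caddy placeholder, not a Nix
    #   interpolation, so the token is resolved from the process environment
    #   at runtime and never written to the world-readable Nix store.
    #   Presumably it is defined in the sops environment file; verify.
    # * `servers { metrics }` turns on per-request HTTP metrics.
    globalConfig = ''
      admin ${config.nodeconfig.facts.wireguard-ip}:2019
      acme_dns hetzner {env.HETZNER_ACCESS_TOKEN}
      servers {
        metrics
      }
    '';
  };

  # Load the decrypted secret into the unit's environment. systemd reads the
  # EnvironmentFile itself when starting the service.
  systemd.services.caddy = {
    serviceConfig.EnvironmentFile = config.sops.secrets."caddy/env_file".path;
  };

  networking.firewall = {
    # HTTP and HTTPS over TCP.
    allowedTCPPorts = [ 80 443 ];
    # HTTP/3 (QUIC) runs over UDP 443 only. Plain HTTP on port 80 is TCP, so
    # UDP 80 has no listener and is no longer opened.
    allowedUDPPorts = [ 443 ];
  };
}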