caddy: make a shared module

2025-05-13 07:41:08 +02:00 · 2025-05-09 14:23:57 +02:00 · 2025-05-09 14:23:57 +02:00 · f511f7d146
commit f511f7d146
parent ff44839229
6 changed files with 53 additions and 42 deletions
--- a/flake.lock
+++ b/flake.lock
@ -12,11 +12,11 @@
        "systems": "systems"
      },
      "locked": {
-        "lastModified": 1736955230,
+        "lastModified": 1745630506,
-        "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=",
+        "narHash": "sha256-bHCFgGeu8XjWlVuaWzi3QONjDW3coZDqSHvnd4l7xus=",
        "owner": "ryantm",
        "repo": "agenix",
-        "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c",
+        "rev": "96e078c646b711aee04b82ba01aefbff87004ded",
        "type": "github"
      },
      "original": {
@ -37,11 +37,11 @@
        "systems": "systems_2"
      },
      "locked": {
-        "lastModified": 1744375272,
+        "lastModified": 1745851830,
-        "narHash": "sha256-xvWbdTctLu5YWgcp+lNTh51GAY3vB2XEXUFKRMJUiCM=",
+        "narHash": "sha256-DHVRLCKoJYrysppygOZrmg6UngrlTN+M4t8HaOiQQfU=",
        "owner": "nix-community",
        "repo": "authentik-nix",
-        "rev": "105b3b6c004ce00d1d3c7a88669bea4aadfd4580",
+        "rev": "618330bee6b5e284499b5f85b74cbdfe6f873d6e",
        "type": "github"
      },
      "original": {
@ -106,11 +106,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1700795494,
+        "lastModified": 1744478979,
-        "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
+        "narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=",
        "owner": "lnl7",
        "repo": "nix-darwin",
-        "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
+        "rev": "43975d782b418ebf4969e9ccba82466728c2851b",
        "type": "github"
      },
      "original": {
@ -277,11 +277,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1745439012,
+        "lastModified": 1746204974,
-        "narHash": "sha256-TwbdiH28QK7Da2JQTqFHdb+UCJq6QbF2mtf+RxHVzEA=",
+        "narHash": "sha256-Evu4H0/kzaQoCNLGQTp+JGTqkywzPx0IAo20Ci2zNck=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "d31710fb2cd536b1966fee2af74e99a0816a61a8",
+        "rev": "1e8c62c651242fc685b10efc4a48ab777635fb7f",
        "type": "github"
      },
      "original": {
@ -425,11 +425,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1745120797,
+        "lastModified": 1746054057,
-        "narHash": "sha256-owQ0VQ+7cSanTVPxaZMWEzI22Q4bGnuvhVjLAJBNQ3E=",
+        "narHash": "sha256-iR+idGZJ191cY6NBXyVjh9QH8GVWTkvZw/w+1Igy45A=",
        "owner": "nix-community",
        "repo": "nix-index-database",
-        "rev": "69716041f881a2af935021c1182ed5b0cc04d40e",
+        "rev": "13ba07d54c6ccc5af30a501df669bf3fe3dd4db8",
        "type": "github"
      },
      "original": {
@ -440,11 +440,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1744098102,
+        "lastModified": 1745391562,
-        "narHash": "sha256-tzCdyIJj9AjysC3OuKA+tMD/kDEDAF9mICPDU7ix0JA=",
+        "narHash": "sha256-sPwcCYuiEopaafePqlG826tBhctuJsLx/mhKKM5Fmjo=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "c8cd81426f45942bb2906d5ed2fe21d2f19d95b7",
+        "rev": "8a2f738d9d1f1d986b5a4cd2fd2061a7127237d7",
        "type": "github"
      },
      "original": {
@ -502,11 +502,11 @@
    },
    "nixpkgs_2": {
      "locked": {
-        "lastModified": 1745391562,
+        "lastModified": 1746141548,
-        "narHash": "sha256-sPwcCYuiEopaafePqlG826tBhctuJsLx/mhKKM5Fmjo=",
+        "narHash": "sha256-IgBWhX7A2oJmZFIrpRuMnw5RAufVnfvOgHWgIdds+hc=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "8a2f738d9d1f1d986b5a4cd2fd2061a7127237d7",
+        "rev": "f02fddb8acef29a8b32f10a335d44828d7825b78",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@ -115,6 +115,7 @@
            authentik.nixosModules.default
            ./hosts/nuc
            ./shared
            ./shared/caddy
            {
              nixpkgs.overlays = [ self.overlays.default ];
            }
@ -128,6 +129,7 @@
            impermanence.nixosModules.impermanence
            agenix.nixosModules.default
            ./hosts/fujitsu
            ./shared/caddy
            ./shared
            {
              nixpkgs.overlays = [ self.overlays.default ];
@ -140,6 +142,7 @@
          modules = [
            ./hosts/falkenstein
            ./shared
            ./shared/caddy
            {
              nixpkgs.overlays = [ self.overlays.default ];
            }
--- a/hosts/falkenstein/modules/caddy/default.nix
+++ b/hosts/falkenstein/modules/caddy/default.nix
@ -17,22 +17,6 @@ let
 in
 {
  services.caddy = {
    enable = true;
    email = "ca@${config.networking.domain}";
    logFormat = "format console";
    globalConfig = ''
      servers {
        metrics
      }
    '';
    virtualHosts.":2018" = {
      extraConfig = ''
        metrics
      '';
      logFormat = ''
        output discard
      '';
    };
    virtualHosts."${config.networking.domain}".extraConfig = ''
      file_server browse
      root * /srv/web/${config.networking.domain}
@ -40,7 +24,4 @@ in
      respond /.well-known/matrix/server ${builtins.toJSON serverConfig}
    '';
  };
  systemd.services.caddy.environment.XDG_DATA_HOME = "/var/lib";
  networking.firewall.allowedTCPPorts = [ 80 443 2018 ];
  networking.firewall.allowedUDPPorts = [ 443 ];
 }
--- a/hosts/nuc/default.nix
+++ b/hosts/nuc/default.nix
@ -5,6 +5,7 @@
      # Include the results of the hardware scan.
      ./hardware-configuration.nix
      ./modules/authentik
      ./modules/atuin
      ./modules/networks
      ./modules/adguard
      ./modules/backup
@ -15,7 +16,6 @@
      ./modules/monitoring
      ./modules/torrent
      ./modules/vaultwarden
      ./modules/caddy
      ./modules/indexing
    ];
--- a/shared/caddy/default.nix
+++ b/shared/caddy/default.nix
@ -0,0 +1,24 @@
 { config, ... }:
 {
  services.caddy = {
    enable = true;
    email = "ca@${config.networking.domain}";
    logFormat = "format console";
    globalConfig = ''
      servers {
        metrics
      }
    '';
    virtualHosts.":2018" = {
      extraConfig = ''
        metrics
      '';
      logFormat = ''
        output discard
      '';
    };
  };
  systemd.services.caddy.environment.XDG_DATA_HOME = "/var/lib";
  networking.firewall.allowedTCPPorts = [ 80 443 ];
  networking.firewall.allowedUDPPorts = [ 443 ];
 }
--- a/shared/zsh.nix
+++ b/shared/zsh.nix
@ -26,6 +26,8 @@ in
    iperf
    jq
    helix
    nushell
    atuin
  ];
  users.defaultUserShell = pkgs.zsh;
  programs.fzf = {
@ -68,6 +70,8 @@ in
          zstyle ':completion:*:complete:networkctl:*' list-grouped true
          source ${pkgs.agdsn-zsh-config}/etc/zsh/zshrc
          source ${pkgs.zsh-fzf-tab}/share/fzf-tab/fzf-tab.plugin.zsh
          source ${pkgs.zsh-vi-mode}/share/zsh-vi-mode/zsh-vi-mode.plugin.zsh
          zvm_after_init_commands+=(eval "$(atuin init zsh)")
          unsetopt extendedglob
@ -100,7 +104,6 @@ in
          # then
          #   cat ${../images/cat.sixel}
          # fi
          eval "$(${pkgs.mcfly}/bin/mcfly init zsh)"
          eval "$(${pkgs.zoxide}/bin/zoxide init zsh)"
        '';
    };