Noratrieb/vps
1
0
Fork 0
mirror of https://github.com/Noratrieb/vps.git synced 2026-01-14 16:55:00 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

convert caddy to nixos builtin

Browse source
This commit is contained in:
nora 2025-08-04 21:18:59 +02:00
parent 71b4ca1448
commit 33a7017375
18 changed files with 326 additions and 263 deletions
Download patch file Download diff file Expand all files Collapse all files

132
nix/modules/caddy/default.nix
View file

@ -1,4 +1,4 @@
{ pkgs, config, lib, name, my-projects-versions, ... }:
{ pkgs, config, lib, name, ... }:
let
caddy = pkgs.callPackage ./caddy-build.nix {
@ -11,15 +11,6 @@ let
];
vendorHash = "sha256-KP9bYitM/Pocw4DxOXPVBigWh4IykNf8yKJiBlTFZmI=";
};
website = import (fetchTarball "https://github.com/Noratrieb/website/archive/${my-projects-versions.website}.tar.gz");
blog = fetchTarball "https://github.com/Noratrieb/blog/archive/${my-projects-versions.blog}.tar.gz";
slides = fetchTarball "https://github.com/Noratrieb/slides/archive/${my-projects-versions.slides}.tar.gz";
website-build = website { inherit pkgs slides blog; };
hugo-chat-client = fetchTarball {
url =
"https://github.com/C0RR1T/HugoChat/releases/download/2024-08-05/hugo-client.tar.xz";
sha256 = "sha256:121ai8q6bm7gp0pl1ajfk0k2nrfg05zid61i20z0j5gpb2qyhsib";
};
in
{
environment.systemPackages = [ caddy ];
@ -43,79 +34,56 @@ in
services.caddy = {
enable = true;
package = caddy;
configFile = pkgs.writeTextFile {
name = "Caddyfile";
text = (
builtins.readFile ./base.Caddyfile +
''
${config.networking.hostName}.infra.noratrieb.dev {
log
encode zstd gzip
header -Last-Modified
root * ${import ./caddy-static-prepare {
name = "debugging-page";
src = ./debugging-page;
inherit pkgs lib;
}}
file_server {
etag_file_extensions .sha256
precompressed zstd gzip br
}
logFormat = ''
output stdout
format json
'';
globalConfig = ''
email noratrieb@proton.me
auto_https disable_redirects
storage s3 {
host "localhost:3900"
bucket "caddy-store"
# access_id ENV S3_ACCESS_ID
# secret_key ENV S3_SECRET_KEY
insecure true
}
servers {
metrics
}
'';
virtualHosts = {
"http://" = {
logFormat = "";
extraConfig = ''
respond "This is an HTTPS-only server, silly you. Go to https:// instead." 418
'';
};
":9010" = {
logFormat = "output discard";
extraConfig = ''
metrics /metrics
'';
};
"${name}.infra.noratrieb.dev" = {
logFormat = "";
extraConfig = ''
encode zstd gzip
header -Last-Modified
root * ${import ./caddy-static-prepare {
name = "debugging-page";
src = ./debugging-page;
inherit pkgs lib;
}}
file_server {
etag_file_extensions .sha256
precompressed zstd gzip br
}
${
if name == "vps1" || name == "vps3" || name == "vps4" then ''
noratrieb.dev {
log
encode zstd gzip
header -Last-Modified
root * ${import ./caddy-static-prepare {
name = "website";
src = website-build;
inherit pkgs lib;
}}
file_server {
etag_file_extensions .sha256
precompressed zstd gzip br
}
}
files.noratrieb.dev {
log
encode zstd gzip
reverse_proxy * localhost:3902
}
'' else ""
}
${if name == "vps1" then ''
hugo-chat.noratrieb.dev {
log
encode zstd gzip
root * ${import ./caddy-static-prepare {
name = "hugo-chat-client";
src = hugo-chat-client;
inherit pkgs lib;
}}
try_files {path} /index.html
file_server {
etag_file_extensions .sha256
precompressed zstd gzip br
}
}
'' else ""}
${
if name == "vps1" || name == "vps3" || name == "vps4" then
builtins.readFile ./${name}.Caddyfile else ""
}
''
);
checkPhase = ''
${lib.getExe caddy} --version
${lib.getExe caddy} validate --adapter=caddyfile --config=$out
'';
'';
};
};
};
}