SebastianStork/nixos-config
1
0
Fork 0
mirror of https://github.com/SebastianStork/nixos-config.git synced 2026-01-21 16:21:34 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

caddy: Simplify with HostsExist variables

Browse source
This commit is contained in:
SebastianStork 2025-11-03 23:34:34 +01:00
parent 3ddcc430a6
commit 145e76cec7
Signed by: SebastianStork
SSH key fingerprint: SHA256:tRrGdjYOwgHxpSc/wTOZQZEjxcb15P0tyXRsbAfd+2Q
1 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

8
modules/system/services/caddy.nix
View file

@ -11,8 +11,8 @@ let
virtualHosts = cfg.virtualHosts |> lib.attrValues |> lib.filter (value: value.enable); virtualHosts = cfg.virtualHosts |> lib.attrValues |> lib.filter (value: value.enable);
tailscaleHosts = virtualHosts |> lib.filter (value: lib'.isTailscaleDomain value.domain); publicHostsExist = virtualHosts |> lib.any (value: !lib'.isTailscaleDomain value.domain);
nonTailscaleHosts = virtualHosts |> lib.filter (value: !lib'.isTailscaleDomain value.domain); tailscaleHostsExist = virtualHosts |> lib.any (value: lib'.isTailscaleDomain value.domain);
webPorts = [ webPorts = [
80 80
@ -86,12 +86,12 @@ in
custom.persist.directories = [ "/var/lib/caddy" ]; custom.persist.directories = [ "/var/lib/caddy" ];
} }
(lib.mkIf (nonTailscaleHosts != [ ]) { (lib.mkIf publicHostsExist {
meta.ports.tcp.list = webPorts; meta.ports.tcp.list = webPorts;
networking.firewall.allowedTCPPorts = webPorts; networking.firewall.allowedTCPPorts = webPorts;
}) })
(lib.mkIf (tailscaleHosts != [ ]) { (lib.mkIf tailscaleHostsExist {
sops.secrets."tailscale/service-auth-key" = { sops.secrets."tailscale/service-auth-key" = {
owner = user; owner = user;
restartUnits = [ "caddy.service" ]; restartUnits = [ "caddy.service" ];