caddy: Allow for protocol selection

2026-01-21 14:01:34 +01:00 · 2025-08-24 17:46:32 +02:00 · 2025-08-24 17:46:32 +02:00 · 5d2d29d16d
commit 5d2d29d16d
parent af9fd8b2c7
1 changed files with 21 additions and 8 deletions
--- a/modules/system/services/caddy.nix
+++ b/modules/system/services/caddy.nix
@ -22,13 +22,15 @@ let

  getSubdomain = domain: domain |> lib.splitString "." |> lib.head;

-  mkVirtualHostConfig = domain: port: {
-    logFormat = "output file ${config.services.caddy.logDir}/access-${domain}.log { mode 640 }";
-    extraConfig = ''
-      ${lib.optionalString (isTailscaleDomain domain) "bind tailscale/${getSubdomain domain}"}
-      reverse_proxy localhost:${builtins.toString port}
-    '';
-  };
+  mkVirtualHostConfig =
+    { domain, port, ... }:
+    {
+      logFormat = "output file ${config.services.caddy.logDir}/access-${domain}.log { mode 640 }";
+      extraConfig = ''
+        ${lib.optionalString (isTailscaleDomain domain) "bind tailscale/${getSubdomain domain}"}
+        reverse_proxy localhost:${builtins.toString port}
+      '';
+    };

  ports = [
    80
@ -54,6 +56,17 @@ in
              type = lib.types.port;
              default = null;
            };
+            protocol = lib.mkOption {
+              type = lib.types.enum [
+                "https"
+                "http"
+              ];
+              default = "https";
+            };
+            extraReverseProxyConfig = lib.mkOption {
+              type = lib.types.lines;
+              default = "";
+            };
          };
        }
      )
@ -75,7 +88,7 @@ in
          virtualHosts =
            virtualHosts
            |> lib.mapAttrs' (
-              _: value: lib.nameValuePair value.domain (mkVirtualHostConfig value.domain value.port)
+              _: value: lib.nameValuePair "${value.protocol}://${value.domain}" (mkVirtualHostConfig value)
            );
        };
      }