caddy: Refactor slightly

SebastianStork 2025-09-23 20:23:58 +02:00
parent 930e635a51
commit 8ecd6e51e6


@ -13,18 +13,14 @@ let
isTailscaleDomain = domain: domain |> lib.hasSuffix config.custom.services.tailscale.domain; isTailscaleDomain = domain: domain |> lib.hasSuffix config.custom.services.tailscale.domain;
tailscaleHosts = virtualHosts |> lib.filter (value: isTailscaleDomain value.domain); tailscaleHosts = virtualHosts |> lib.filter (value: isTailscaleDomain value.domain);
tailscaleHostsExist = tailscaleHosts != [ ];
nonTailscaleHosts = virtualHosts |> lib.filter (value: !isTailscaleDomain value.domain); nonTailscaleHosts = virtualHosts |> lib.filter (value: !isTailscaleDomain value.domain);
nonTailscaleHostsExist = nonTailscaleHosts != [ ];
getSubdomain = domain: domain |> lib.splitString "." |> lib.head;
getRootDomain = domain: domain |> lib.splitString "." |> lib.tail |> lib.concatStringsSep ".";
webPorts = [ webPorts = [
80 80
443 443
]; ];
getSubdomain = domain: domain |> lib.splitString "." |> lib.head;
in in
{ {
options.custom.services.caddy = { options.custom.services.caddy = {
@ -95,7 +91,7 @@ in
custom.persist.directories = [ "/var/lib/caddy" ]; custom.persist.directories = [ "/var/lib/caddy" ];
} }
(lib.mkIf nonTailscaleHostsExist { (lib.mkIf (nonTailscaleHosts != [ ]) {
sops = { sops = {
secrets."porkbun/api-key" = { secrets."porkbun/api-key" = {
owner = user; owner = user;
@ -127,6 +123,7 @@ in
''; '';
virtualHosts = virtualHosts =
let let
getRootDomain = domain: domain |> lib.splitString "." |> lib.tail |> lib.concatStringsSep ".";
mkWildCardDomain = name: values: { mkWildCardDomain = name: values: {
name = "*.${name}"; name = "*.${name}";
value = { value = {
@ -147,11 +144,13 @@ in
}; };
}; };
in in
nonTailscaleHosts |> lib.groupBy (x: x.domain |> getRootDomain) |> lib.mapAttrs' mkWildCardDomain; nonTailscaleHosts
|> lib.groupBy (value: getRootDomain value.domain)
|> lib.mapAttrs' mkWildCardDomain;
}; };
}) })
(lib.mkIf tailscaleHostsExist { (lib.mkIf (tailscaleHosts != [ ]) {
sops.secrets."tailscale/service-auth-key" = { sops.secrets."tailscale/service-auth-key" = {
owner = user; owner = user;
restartUnits = [ "caddy.service" ]; restartUnits = [ "caddy.service" ];
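Review bot: `getRootDomain`, now local to the `virtualHosts` let-block, drops only the first label, so a host whose domain has no subdomain label (a constructed example: `example.com`) would be grouped under its TLD and `mkWildCardDomain` would name the site `*.com`. Presumably certificate issuance for that name would then fail at runtime rather than at evaluation time. If only `<sub>.<root>` names are meant to be accepted, say so where the helper is defined, e.g. `# assumes domain is <sub>.<root>; an apex domain would be grouped under its TLD`, or enforce it with an entry in `assertions`. The body of `mkWildCardDomain` lies partly outside the visible hunks, so this is inferred from the `name = "*.${name}"` line alone.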