From 93652012d093b5cee0494d4ff4e5f7acb08ae710 Mon Sep 17 00:00:00 2001
From: SebastianStork <git@sstork.dev>
Date: Mon, 2 Feb 2026 18:52:16 +0100
Subject: [PATCH] caddy: Rework assertions

---
 modules/system/services/caddy.nix | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/modules/system/services/caddy.nix b/modules/system/services/caddy.nix
index 84b026f..10f1bdc 100644
--- a/modules/system/services/caddy.nix
+++ b/modules/system/services/caddy.nix
@@ -86,10 +86,18 @@ in
   config = lib.mkIf (virtualHosts != [ ]) (
     lib.mkMerge [
       {
-        assertions = lib.singleton {
-          assertion = virtualHosts |> lib.all ({ port, files, ... }: lib.xor (port != null) (files != null));
-          message = "Each caddy virtual host must set exactly one of `port` or `files`";
-        };
+        assertions =
+          virtualHosts
+          |> lib.concatMap (vHost: [
+            {
+              assertion = (vHost.port == null) || (vHost.files == null);
+              message = "Caddy virtual host `${vHost.domain}` cannot set both `port` and `files`";
+            }
+            {
+              assertion = (vHost.port != null) || (vHost.files != null) || (vHost.extraConfig != null);
+              message = "Caddy virtual host `${vHost.domain}` must set at least one of `port`, `files` or `extraConfig`";
+            }
+          ]);
 
         networking.firewall.allowedTCPPorts = lib.mkIf publicHostsExist [
           80