SebastianStork/nixos-config
1
0
Fork 0
mirror of https://github.com/SebastianStork/nixos-config.git synced 2026-03-22 21:19:07 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

caddy: Rework assertions

Browse source
This commit is contained in:
SebastianStork 2026-02-02 18:52:16 +01:00
parent 586a0907d4
commit 93652012d0
Signed by: SebastianStork
SSH key fingerprint: SHA256:tRrGdjYOwgHxpSc/wTOZQZEjxcb15P0tyXRsbAfd+2Q
1 changed files with 12 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

16
modules/system/services/caddy.nix
View file

@ -86,10 +86,18 @@ in
config = lib.mkIf (virtualHosts != [ ]) ( config = lib.mkIf (virtualHosts != [ ]) (
lib.mkMerge [ lib.mkMerge [
{ {
assertions = lib.singleton { assertions =
assertion = virtualHosts |> lib.all ({ port, files, ... }: lib.xor (port != null) (files != null)); virtualHosts
message = "Each caddy virtual host must set exactly one of `port` or `files`"; |> lib.concatMap (vHost: [
}; {
assertion = (vHost.port == null) || (vHost.files == null);
message = "Caddy virtual host `${vHost.domain}` cannot set both `port` and `files`";
}
{
assertion = (vHost.port != null) || (vHost.files != null) || (vHost.extraConfig != null);
message = "Caddy virtual host `${vHost.domain}` must set at least one of `port`, `files` or `extraConfig`";
}
]);
networking.firewall.allowedTCPPorts = lib.mkIf publicHostsExist [ networking.firewall.allowedTCPPorts = lib.mkIf publicHostsExist [
80 80