Add caddy module with tailscale integration

2026-01-21 15:11:34 +01:00 · 2025-05-29 01:05:42 +02:00 · 2025-05-29 01:05:42 +02:00 · e909dcd866
commit e909dcd866
parent 1f4b3e734b
6 changed files with 164 additions and 147 deletions
--- a/hosts/alto/default.nix
+++ b/hosts/alto/default.nix
@ -1,8 +1,4 @@
 { config, ... }:
-let
-  tsDomain = config.custom.services.tailscale.domain;
-  portOf = service: config.custom.services.${service}.port;
-in
 {
  system.stateVersion = "24.11";

@ -20,28 +16,6 @@ in
          isFunnel = true;
          target = toString ./hedgedoc-redirect.html;
        };
-
-        caddyServe = {
-          nextcloud = {
-            subdomain = "cloud";
-            port = portOf "nextcloud";
-          };
-          actualbudget = {
-            subdomain = "budget";
-            port = portOf "actualbudget";
-          };
-        };
-      };
-
-      nextcloud = {
-        enable = true;
-        domain = "cloud.${tsDomain}";
-        backups.enable = true;
-      };
-      actualbudget = {
-        enable = true;
-        domain = "budget.${tsDomain}";
-        backups.enable = true;
      };

      syncthing = {
@ -50,6 +24,26 @@ in
        isServer = true;
        backups.enable = true;
      };
+
+      nextcloud = {
+        enable = true;
+        domain = "cloud.${config.custom.services.tailscale.domain}";
+        backups.enable = true;
+      };
+      actualbudget = {
+        enable = true;
+        domain = "budget.${config.custom.services.tailscale.domain}";
+        backups.enable = true;
+      };
+
+      caddy.virtualHosts = {
+        nextcloud = {
+          inherit (config.custom.services.nextcloud) domain port;
+        };
+        actualbudget = {
+          inherit (config.custom.services.actualbudget) domain port;
+        };
+      };
    };
  };
 }
--- a/hosts/cirrus/default.nix
+++ b/hosts/cirrus/default.nix
@ -30,23 +30,15 @@
        enable = true;
        domain = "git.sstork.dev";
      };
+
+      caddy.virtualHosts = {
+        hedgedoc = {
+          inherit (config.custom.services.hedgedoc) domain port;
+        };
+        forgejo = {
+          inherit (config.custom.services.forgejo) domain port;
+        };
+      };
    };
  };
-
-  services.caddy = {
-    enable = true;
-    virtualHosts = {
-      ${config.custom.services.hedgedoc.domain}.extraConfig = ''
-        reverse_proxy localhost:${toString config.custom.services.hedgedoc.port}
-      '';
-      ${config.custom.services.forgejo.domain}.extraConfig = ''
-        reverse_proxy localhost:${toString config.custom.services.forgejo.port}
-      '';
-    };
-  };
-
-  networking.firewall.allowedTCPPorts = [
-    80
-    443
-  ];
 }