From f160a9be334ff373cba915c6601e3468174af95a Mon Sep 17 00:00:00 2001
From: SebastianStork
Date: Sat, 14 Jun 2025 01:53:24 +0200
Subject: [PATCH] Add uniqueness check for domains
---
 modules/system/meta/domains.nix | 53 +++++++++++++++++++++++++++++++
 modules/system/meta/ports.nix | 2 +-
 modules/system/services/caddy.nix | 6 +++-
 3 files changed, 59 insertions(+), 2 deletions(-)
 create mode 100644 modules/system/meta/domains.nix
diff --git a/modules/system/meta/domains.nix b/modules/system/meta/domains.nix
new file mode 100644
index 0000000..9789ee2
--- /dev/null
+++ b/modules/system/meta/domains.nix
@@ -0,0 +1,53 @@
+{
+ config,
+ self,
+ lib,
+ ...
+}:
+let
+ cfg = config.meta.domains;
+
+ duplicatedDomains =
+ self.nixosConfigurations
+ |> lib.mapAttrsToList (_: value: value.options.meta.domains.list.definitionsWithLocations)
+ |> lib.concatLists
+ |> lib.concatMap (
+ entry:
+ map (domain: {
+ file = entry.file;
+ inherit domain;
+ }) entry.value
+ )
+ |> lib.groupBy (entry: toString entry.domain)
+ |> lib.filterAttrs (domain: entries: lib.length entries > 1);
+
+ errorMessage =
+ duplicatedDomains
+ |> lib.mapAttrsToList (
+ domain: entries:
+ "Duplicate domain \"${domain}\" found in:\n"
+ + lib.concatMapStrings (entry: " - ${entry.file}\n") entries
+ )
+ |> lib.concatStrings;
+in
+{
+ options.meta.domains = {
+ list = lib.mkOption {
+ type = lib.types.listOf lib.types.nonEmptyStr;
+ default = [ ];
+ internal = true;
+ };
+ assertUnique = lib.mkEnableOption "" // {
+ default = true;
+ };
+ };
+
+ config = lib.mkIf cfg.assertUnique {
+ assertions = [
+ {
+ assertion = duplicatedDomains == { };
+ message = errorMessage;
+ }
+ ];
+ };
+}
diff --git a/modules/system/meta/ports.nix b/modules/system/meta/ports.nix
index 45b55b4..138fea7 100644
--- a/modules/system/meta/ports.nix
+++ b/modules/system/meta/ports.nix
@@ -13,7 +13,7 @@ let
 entry:
 map (port: {
 file = entry.file;
- port = port;
+ inherit port;
 }) entry.value
 )
 |> lib.groupBy (entry: toString entry.port)
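Review bot: In modules/system/meta/domains.nix, `lib.groupBy (entry: toString entry.domain)` keys the duplicate check on the exact string, so two definitions that spell the same DNS name in different case would pass the assertion although DNS names are case-insensitive. Normalising the key, `|> lib.groupBy (entry: lib.toLower (toString entry.domain))`, would make the check match how the names resolve; whether mixed-case spellings occur in this repository cannot be seen from the patch. Separately, `assertUnique` is declared with `lib.mkEnableOption ""`, which leaves the option without a description; something like `lib.mkEnableOption "the assertion that no domain is declared more than once across all nixosConfigurations"` would tell a reader what switching it off gives up.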
diff --git a/modules/system/services/caddy.nix b/modules/system/services/caddy.nix index ec2fb31..f11cf2a 100644 --- a/modules/system/services/caddy.nix +++ b/modules/system/services/caddy.nix @@ -62,7 +62,11 @@ in config = lib.mkIf (virtualHosts != { }) ( lib.mkMerge [ { - meta.ports.list = lib.mkIf nonTailscaleHostsExist ports; + meta = { + ports.list = lib.mkIf nonTailscaleHostsExist ports; + domains.list = lib.mapAttrsToList (_: value: value.domain) virtualHosts; + }; + networking.firewall.allowedTCPPorts = lib.mkIf nonTailscaleHostsExist ports; services.caddy = {