diff --git a/flake.lock b/flake.lock index 49f2262..cfc6a29 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,20 @@ { "nodes": { + "caddy-nix": { + "locked": { + "lastModified": 1732948222, + "narHash": "sha256-kUWyjeqkU+RHTHVXT61QF19eW2vnWgah5OcPrUlU8oU=", + "owner": "vincentbernat", + "repo": "caddy-nix", + "rev": "9d13eb684b4ba1b2eb92e76f7ea1f517eccc4fe1", + "type": "github" + }, + "original": { + "owner": "vincentbernat", + "repo": "caddy-nix", + "type": "github" + } + }, "crane": { "inputs": { "nixpkgs": [ @@ -413,6 +428,7 @@ }, "root": { "inputs": { + "caddy-nix": "caddy-nix", "devshell": [ "rebmit", "devshell" diff --git a/flake.nix b/flake.nix index 769cfc9..f104eb2 100644 --- a/flake.nix +++ b/flake.nix @@ -64,6 +64,7 @@ url = "github:nix-community/nixpkgs-terraform-providers-bin"; inputs.nixpkgs.follows = "nixpkgs"; }; + caddy-nix.url = "github:vincentbernat/caddy-nix"; # libraries diff --git a/flake/nixpkgs.nix b/flake/nixpkgs.nix index d6c8684..e62dbbc 100644 --- a/flake/nixpkgs.nix +++ b/flake/nixpkgs.nix @@ -7,6 +7,9 @@ let inputs.rebmit.overlays.default inputs.nixpkgs-terraform-providers-bin.overlay + # TODO: wait for https://nixpkgs-tracker.ocfox.me/?pr=358586 + inputs.caddy-nix.overlays.default + (final: prev: { libadwaita = prev.libadwaita.overrideAttrs (old: { patches = (old.patches or [ ]) ++ [ diff --git a/nixos/profiles/services/caddy/default.nix b/nixos/profiles/services/caddy/default.nix index f8794f0..4b69f23 100644 --- a/nixos/profiles/services/caddy/default.nix +++ b/nixos/profiles/services/caddy/default.nix @@ -1,8 +1,17 @@ -{ config, mylib, ... }: +{ + config, + pkgs, + mylib, + ... +}: { services.caddy = { enable = true; enableReload = true; + package = pkgs.caddy.withPlugins { + plugins = [ "github.com/mholt/caddy-l4@3c6cc2c0ee0875899fde271fbdef95be3fef7a92" ]; + hash = "sha256-s5LzVOAvVsZxbhdgIdpe1OBSHIAc/tCi+1pEofeQx6k="; + }; }; systemd.services.caddy.serviceConfig = mylib.misc.serviceHardened // {