pazpi/nix
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

Clean up caddy module

Browse source
This commit is contained in:
pazpi 2025-09-29 18:29:17 +02:00
parent ae2bf387f5
commit 67483e3373
6 changed files with 31 additions and 272 deletions
Download patch file Download diff file Expand all files Collapse all files

67
hosts/caddy/default.nix
View file

@ -35,10 +35,10 @@ in
}; };
dashy = { dashy = {
enable = true; enable = false;
settings = import ./dashy-settings.nix; settings = import ./dashy-settings.nix;
proxy = { proxy = {
enable = true; enable = false;
domain = p.domains.public; domain = p.domains.public;
host = p.hosts.caddy; host = p.hosts.caddy;
}; };
@ -56,35 +56,27 @@ in
host = p.hosts.immich; host = p.hosts.immich;
}; };
media-mgr = { media-mgr.proxy = {
proxy = { enable = true;
enable = true; domain = p.domains.public;
domain = p.domains.public; host = p.hosts.arr;
host = p.hosts.arr;
};
}; };
nextcloud = { nextcloud.proxy = {
proxy = { enable = true;
enable = true; domain = p.domains.public;
domain = p.domains.public; host = p.hosts.nextcloud;
host = p.hosts.nextcloud;
};
}; };
paperless = { paperless.proxy = {
proxy = { enable = true;
enable = true; domain = p.domains.public;
domain = p.domains.public; host = p.hosts.paperless;
host = p.hosts.paperless;
};
}; };
searx = { searx = {
enable = true; enable = true;
secretFile = config.age.secrets.searx-secret.path; secretFile = config.age.secrets.searx-secret.path;
enableAI = true;
perplexicaUrl = p.hosts.portainer;
proxy = { proxy = {
enable = true; enable = true;
domain = p.domains.public; domain = p.domains.public;
@ -92,31 +84,24 @@ in
}; };
}; };
vaultwarden = { vaultwarden.proxy = {
proxy = { enable = true;
enable = true; domain = p.domains.public;
domain = p.domains.public; host = p.hosts.vaultwarden;
host = p.hosts.vaultwarden;
};
}; };
}; };
monitoring = { monitoring = {
prometheus = { prometheus.proxy = {
proxy = { enable = true;
enable = true; domain = p.domains.public;
domain = p.domains.public; host = p.hosts.metrics;
host = p.hosts.metrics;
};
}; };
grafana = { grafana.proxy = {
proxy = { enable = true;
enable = true; domain = p.domains.public;
domain = p.domains.public; host = p.hosts.metrics;
host = p.hosts.metrics;
};
}; };
uptime-kuma.proxy = { uptime-kuma.proxy = {

19
modules/networking/caddy.nix
View file

@ -111,21 +111,12 @@ in
services.caddy = { services.caddy = {
enable = true; enable = true;
# Waiting for https://github.com/NixOS/nixpkgs/issues/14671 to be released package = pkgs.caddy.withPlugins {
package = pkgs.callPackage ../../packages/caddy.nix { hash = "sha256-OjDL7n9cLtguqtiKO9uYYac2INzP9XazkjNfghJ0j/o=";
externalPlugins = [ plugins = [
{ "github.com/caddy-dns/cloudflare@v0.2.2-0.20250724223520-f589a18c0f5d"
name = "cloudflare"; "github.com/mholt/caddy-dynamicdns@v0.0.0-20250430031602-b846b9e8fb83"
repo = "github.com/caddy-dns/cloudflare";
version = "188b4850c0f2f5565a6310810c936ea960e2210f";
}
{
name = "dynamicdns";
repo = "github.com/mholt/caddy-dynamicdns";
version = "7c818ab3fc3485a72a346f85c77810725f19f9cf";
}
]; ];
vendorHash = "sha256-7JfEZjHeQ8F/+OltCrBUO/Cf8+GwF9d3UDcSd17pcxU=";
}; };
globalConfig = '' globalConfig = ''

31
modules/services/searx.nix
View file

@ -20,22 +20,6 @@ in
''; '';
}; };
enableAI = lib.mkOption {
default = false;
type = lib.types.bool;
description = ''
Enable alternative search engine with AI. Requires [Perplexica](https://github.com/ItzCrazyKns/Perplexica)
'';
};
perplexicaUrl = lib.mkOption {
default = "";
type = lib.types.str;
description = ''
URL to the Perplexica instance. It assumes that the Perplexica instance is running on port 3000 and the API on port 3001
'';
};
proxy = { proxy = {
enable = lib.mkEnableOption "Set the proxy entry for this service"; enable = lib.mkEnableOption "Set the proxy entry for this service";
@ -114,21 +98,6 @@ in
import cloudflare_${domain} import cloudflare_${domain}
''; '';
virtualHosts."${perplexicaSubdomain}.${domain}".extraConfig = lib.mkIf cfg.enableAI ''
@websockets {
header Connection *Upgrade*
header Upgrade websocket
}
reverse_proxy ${cfg.perplexicaUrl}:3000
reverse_proxy /api* ${cfg.perplexicaUrl}:3001
reverse_proxy @websockets {
header_up Host ${cfg.perplexicaUrl}
to ${cfg.perplexicaUrl}:3001
}
import cloudflare_${domain}
'';
}; };
}) })
]; ];

55
overlay/caddy-custom.nix
View file

@ -1,55 +0,0 @@
{ pkgs, ... }:
with pkgs;
caddy.override {
buildGoModule =
args:
buildGoModule (
args
// {
src = stdenv.mkDerivation rec {
pname = "caddy-using-xcaddy-${xcaddy.version}";
inherit (caddy) version;
dontUnpack = true;
dontFixup = true;
nativeBuildInputs = [
cacert
go
];
plugins = [ "github.com/caddy-dns/cloudflare@89f16b99c18ef49c8bb470a82f895bce01cbaece" ];
configurePhase = ''
export GOCACHE=$TMPDIR/go-cache
export GOPATH="$TMPDIR/go"
export XCADDY_SKIP_BUILD=1
'';
buildPhase = ''
${xcaddy}/bin/xcaddy build "${caddy.src.rev}" ${
lib.concatMapStringsSep " " (plugin: "--with ${plugin}") plugins
}
cd buildenv*
go mod vendor
'';
installPhase = ''
cp -r --reflink=auto . $out
'';
outputHash = "sha256-lyhEIOgGkR31bt9YV+W854TBZw419G8uuTtBSsFcgCA=";
outputHashMode = "recursive";
};
subPackages = [ "." ];
ldflags = [
"-s"
"-w"
]; # # don't include version info twice
vendorHash = null;
}
);
}

1
overlay/default.nix
View file

@ -1 +0,0 @@
_: prev: { caddy-custom = prev.callPackage ./caddy-custom.nix { }; }

130
packages/caddy.nix
View file

@ -1,130 +0,0 @@
{
lib,
buildGoModule,
fetchFromGitHub,
gnused,
nixosTests,
caddy,
testers,
installShellFiles,
externalPlugins ? [ ],
vendorHash ? "sha256-G7danupoc7BRyJJWzzyRP6CSOShA+oCLcUWMCnrLF2c=",
}:
let
attrsToModules =
attrs:
builtins.map (
{
name,
repo,
version,
}:
"${repo}"
) attrs;
attrsToSources =
attrs:
builtins.map (
{
name,
repo,
version,
}:
"${repo}@${version}"
) attrs;
in
buildGoModule rec {
pname = "caddy";
version = "2.9.1";
dist = fetchFromGitHub {
owner = "caddyserver";
repo = "dist";
rev = "v${version}";
hash = "sha256-O4s7PhSUTXoNEIi+zYASx8AgClMC5rs7se863G6w+l0=";
};
src = fetchFromGitHub {
owner = "caddyserver";
repo = "caddy";
rev = "v${version}";
hash = "sha256-th0R3Q1nGT0q5PGOygtD1/CpJmrT5TYagrwQR4t/Fvg=";
};
inherit vendorHash;
subPackages = [ "cmd/caddy" ];
ldflags = [
"-s"
"-w"
"-X github.com/caddyserver/caddy/v2.CustomVersion=${version}"
];
nativeBuildInputs = [
gnused
installShellFiles
];
modBuildPhase = ''
for module in ${builtins.toString (attrsToModules externalPlugins)}; do
sed -i "/standard/a _ \"$module\"" ./cmd/caddy/main.go
done
for plugin in ${builtins.toString (attrsToSources externalPlugins)}; do
go get $plugin
done
go generate
go mod vendor
'';
modInstallPhase = ''
mv -t vendor go.mod go.sum
cp -r --reflink=auto vendor "$out"
'';
preBuild = ''
chmod -R u+w vendor
[ -f vendor/go.mod ] && mv -t . vendor/go.{mod,sum}
go generate
for module in ${builtins.toString (attrsToModules externalPlugins)}; do
sed -i "/standard/a _ \"$module\"" ./cmd/caddy/main.go
done
'';
postInstall = ''
install -Dm644 ${dist}/init/caddy.service ${dist}/init/caddy-api.service -t $out/lib/systemd/system
substituteInPlace $out/lib/systemd/system/caddy.service --replace "/usr/bin/caddy" "$out/bin/caddy"
substituteInPlace $out/lib/systemd/system/caddy-api.service --replace "/usr/bin/caddy" "$out/bin/caddy"
$out/bin/caddy manpage --directory manpages
installManPage manpages/*
installShellCompletion --cmd caddy \
--bash <($out/bin/caddy completion bash) \
--fish <($out/bin/caddy completion fish) \
--zsh <($out/bin/caddy completion zsh)
'';
passthru.tests = {
inherit (nixosTests) caddy;
version = testers.testVersion {
command = "${caddy}/bin/caddy version";
package = caddy;
};
};
meta = with lib; {
homepage = "https://caddyserver.com";
description = "Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS";
license = licenses.asl20;
mainProgram = "caddy";
maintainers = with maintainers; [
Br1ght0ne
emilylange
techknowlogick
];
};
}