From e754d926ebf7549ca352eab4f8cd2d3a5dc3ae2d Mon Sep 17 00:00:00 2001 From: = <=> Date: Sun, 19 Jan 2025 17:56:26 +0100 Subject: [PATCH] fix: build custom caddy --- modules/networking/caddy.nix | 2 +- modules/services/nextcloud.nix | 16 +++------------- packages/caddy.nix | 7 ++----- secrets/cloudflare-pasetto-apiKey.age | 24 ++++++++++++------------ 4 files changed, 18 insertions(+), 31 deletions(-) diff --git a/modules/networking/caddy.nix b/modules/networking/caddy.nix index 9a54237..ca87c55 100644 --- a/modules/networking/caddy.nix +++ b/modules/networking/caddy.nix @@ -96,7 +96,7 @@ in version = "7c818ab3fc3485a72a346f85c77810725f19f9cf"; } ]; - vendorHash = "sha256-AWKokxGG2iCouhet5cPiKTuL9g9RQihkBRReU1nw9jc="; + vendorHash = "sha256-vkJw/92zXt5S2eUxRSjtwn1nqU/f+WHPEG8AD4Z342I="; }; globalConfig = diff --git a/modules/services/nextcloud.nix b/modules/services/nextcloud.nix index e618987..ef9baf2 100644 --- a/modules/services/nextcloud.nix +++ b/modules/services/nextcloud.nix @@ -32,7 +32,7 @@ in }; subdomain = lib.mkOption { - default = "nextcloud"; + default = "cloud"; type = lib.types.str; description = '' The subdomain where Nextcloud is reachable @@ -51,7 +51,7 @@ in default = "localhost"; type = lib.types.str; description = '' - host name where the download manager stack is running + host name where nextcloud is running ''; }; @@ -74,10 +74,7 @@ in overwriteProtocol = "https"; defaultPhoneRegion = "IT"; trusted_proxies = [ "192.168.1.150" ]; - trusted_domains = [ - "cloud.${cfg.proxy.domain}" - "nextcloud.internal" - ]; + trusted_domains = [ "cloud.${cfg.proxy.domain}" ]; maintenance_window_start = 1; enabledPreviewProviders = [ "OC\\Preview\\BMP" @@ -152,13 +149,6 @@ in # hostname = "office.${cfg.proxy.domain}"; }; - nginx.virtualHosts = { - ${config.services.nextcloud.hostName} = { - forceSSL = false; - enableACME = false; - }; - }; - }; networking.firewall.allowedTCPPorts = [ diff --git a/packages/caddy.nix b/packages/caddy.nix index 36ab38b..dc1b943 100644 --- a/packages/caddy.nix +++ b/packages/caddy.nix @@ -67,7 +67,6 @@ buildGoModule rec { ]; modBuildPhase = '' - export GOPROXY=https://proxy.golang.org,direct for module in ${builtins.toString (attrsToModules externalPlugins)}; do sed -i "/standard/a _ \"$module\"" ./cmd/caddy/main.go done @@ -75,7 +74,7 @@ buildGoModule rec { go get $plugin done - go mod tidy + go generate go mod vendor ''; @@ -85,11 +84,9 @@ buildGoModule rec { ''; preBuild = '' - export GOPROXY=https://proxy.golang.org,direct chmod -R u+w vendor [ -f vendor/go.mod ] && mv -t . vendor/go.{mod,sum} - go mod tidy - go mod vendor + go generate for module in ${builtins.toString (attrsToModules externalPlugins)}; do sed -i "/standard/a _ \"$module\"" ./cmd/caddy/main.go diff --git a/secrets/cloudflare-pasetto-apiKey.age b/secrets/cloudflare-pasetto-apiKey.age index 470c0e0..8406f02 100644 --- a/secrets/cloudflare-pasetto-apiKey.age +++ b/secrets/cloudflare-pasetto-apiKey.age @@ -1,13 +1,13 @@ age-encryption.org/v1 --> ssh-ed25519 BFt3Fg ALkuyiPqJ5kebeMcFEZtdw9k/fbiHCun0lVsPavM1EA -z+4m3P0Gg8dMGIX1Kg5sJZasDEo2zRWtHTyAyXBSnv4 --> ssh-ed25519 Si3UKw vAYzJ4Ev8KqkdZRuOvoaY9duuOapDXosuiIq7FVmUCI -dvy/TaSkkTzTdSYxAbjaPXzdg8Y3NguVwn1FOJ8CyCg --> ssh-ed25519 3UG3uw TZZAgl+pm8AjLUHWbkVvv/g/82NgdXZf5plqu6M7Qgo -N+Prh0DkpCH4z8MG1A/9XsgdwDCv3Qw5e9lgQ70NjXQ --> ssh-ed25519 JEhtoQ CWTwB5xqxa/g91G1S1Zb9I+MjG8ABfmYYdGaUD2vWSw -q6T1TKRXpOhaiON+jlc9frsKOTf+y+beFioUhACS6sY --> ssh-ed25519 uqg2jw nN9W3c+YdyQY27k3WnvvPeoot969m7HcEvifNSaQn00 -Wjff3/g/HIh+AN8MkEXolQUNnaumUXwVslSb1qGYgRc ---- I4XkNColHk83ecj+RRdiae+VUsKhoWUhQE7xpLOEkfg -HyH[%p%h9D#![M]lێű8*R%Lo^ixO+&M+Lr+HI* ]txxrԕS \ No newline at end of file +-> ssh-ed25519 BFt3Fg 4pJuaN/lGfNnwIuDpW0qkiBpwlRs0OADsCLt5MHY33U +GYMcfn66J16evqzkG19liK+BlGBksgR2VReTFE7nLkU +-> ssh-ed25519 Si3UKw T7vqqi7QZNoYF0QqmCnw/B2WJ49TxpRtA2sGACIPSRE +dqxx0WPDkqnnSJDNrXu06aY6ono7K31NIwJfIYhc1ks +-> ssh-ed25519 3UG3uw mqwNTQ+sQojeYM3F4709xUB8Z6g4ysmvVUaA0OglpA4 +/KYCk7G0Js/4/K7B4WyMaRVWFwPGhVAVZ7nrtbpK3Fk +-> ssh-ed25519 JEhtoQ F2TBWq66Uo45IRXfb9MS/nGJVGdNeE6DEOF7QNE8ulk +cq/bbQKA+zxiZlndtPh4wWriDclIM4DnkhCq8O7DfLk +-> ssh-ed25519 uqg2jw l06HBpXeLwo2Y+9zAFTbhNgPLujKTvatBnA8inGH6UQ +zckhZwGU638l24yqpGq+JH7BkEjghbWFq47yNo0U/V8 +--- e6COa661YMoYV1rS+TxL5qaNeIjuwexesr1SOY+y+SA +Ї ،'зw"OnҔΚ疙1x$˘kNE~:JF&Ig{;6@ t@m6F \ No newline at end of file