will-holdsworth/dots
1
1
Fork 0
Code Issues 22 Pull requests Projects 1 Releases Packages Wiki Activity Actions 1
dots/modules/nixos/features/caddy.nix
wi11-holdsworth 3c46d9e066 feat: prepare for exposure to the internet 
* open ports 80 and 443
* password-protect copyparty and ntfy-sh
* randomise usernames for radicale and copyparty
2026-02-24 22:08:31 +11:00

29 lines
635 B
Nix
Raw Blame History

{
config,
...
}:
{
services.caddy = {
enable = true;
dataDir = "/srv/caddy";
globalConfig = ''
auto_https disable_redirects
'';
openFirewall = true;
};
security.acme = {
acceptTerms = true;
defaults.email = "festive-steed-fit@duck.com";
certs."fi33.buzz" = {
group = config.services.caddy.group;
domain = "fi33.buzz";
extraDomainNames = [ "*.fi33.buzz" ];
dnsProvider = "porkbun";
dnsPropagationCheck = true;
credentialsFile = config.age.secrets."porkbun-api".path;
};
};
age.secrets."porkbun-api".file = ../../../secrets/porkbun-api.age;
}
Reference in a new issue View git blame Copy permalink