config/server/caddy/default.nix at main

encode42.dev / nixos

fork atom

Personal-use NixOS configuration

fork atom

nixos / config / server / caddy / default.nix

at main 40 lines 793 B view raw

wrap content

encode42.dev Move software and package configurations to `config` 14d ago

e163a950

 1{ email }:
 2
 3{ pkgs, ... }:
 4
 5{
 6  services.caddy = {
 7    enable = true;
 8
 9    inherit email;
10
11    enableReload = false;
12
13    globalConfig = ''
14      servers {
15        trusted_proxies cloudflare {
16          interval 12h
17          timeout 15s
18        }
19      }
20
21      order scgi after reverse_proxy
22    '';
23
24    package = pkgs.caddy.withPlugins {
25      plugins = [
26        "github.com/caddy-dns/cloudflare@v0.2.1"
27        "github.com/WeidiDeng/caddy-cloudflare-ip@v0.0.0-20231130002422-f53b62aa13cb"
28        "github.com/BadAimWeeb/caddy-uwsgi-transport@v0.0.0-20240317192154-74a1008b9763"
29        "github.com/Elegant996/scgi-transport@v1.1.6"
30      ];
31
32      hash = "sha256-QNDVztTcO66k47eFb5b0OyOfnCHuI5ret8Dwk7t+gSY=";
33    };
34  };
35
36  networking.firewall.allowedTCPPorts = [
37    80
38    443
39  ];
40}