nixos-config/modules/caddy.nix

{
  config,
  lib,
  ...
}:
let
  cfg = config.my.caddy;
in
{
  options.my.caddy = {
    enable = lib.mkEnableOption "caddy reverse proxy";
  };

  config = lib.mkIf cfg.enable {
    services.caddy = {
      enable = true;
      logFormat = lib.mkForce "level INFO";
      acmeCA = "https://acme-v02.api.letsencrypt.org/directory";
      extraConfig = ''
        (common) {
          encode zstd gzip
          header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
        }
      '';
    };
  };
}
init Signed-off-by: cy <cy@cy7.sh> 2025-01-27 04:02:11 -05:00			`{`
			`config,`
			`lib,`
			`...`
			`}:`
			`let`
			`cfg = config.my.caddy;`
			`in`
			`{`
			`options.my.caddy = {`
			`enable = lib.mkEnableOption "caddy reverse proxy";`
			`};`

			`config = lib.mkIf cfg.enable {`
			`services.caddy = {`
			`enable = true;`
			`logFormat = lib.mkForce "level INFO";`
migrate chunk to caddy module Signed-off-by: cy <cy@cy7.sh> 2025-01-27 05:49:00 -05:00			`acmeCA = "https://acme-v02.api.letsencrypt.org/directory";`
			`extraConfig = ''`
			`(common) {`
			`encode zstd gzip`
			`header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"`
			`}`
			`'';`
init Signed-off-by: cy <cy@cy7.sh> 2025-01-27 04:02:11 -05:00			`};`
			`};`
			`}`