From a9a3ee84139e743431fc87f94c5fb2ae803feb5f Mon Sep 17 00:00:00 2001
From: cy <cy@cy7.sh>
Date: Mon, 27 Jan 2025 04:02:11 -0500
Subject: [PATCH] init

Signed-off-by: cy <cy@cy7.sh>
---
 modules/caddy.nix | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 modules/caddy.nix

diff --git a/modules/caddy.nix b/modules/caddy.nix
new file mode 100644
index 0000000..9ee9913
--- /dev/null
+++ b/modules/caddy.nix
@@ -0,0 +1,29 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+let
+  cfg = config.my.caddy;
+  commonExtraConfig = ''
+    encode zstd gzip
+    header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
+  '';
+in
+{
+  options.my.caddy = {
+    enable = lib.mkEnableOption "caddy reverse proxy";
+    acmeCa = lib.mkOption {
+      type = lib.types.str;
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    services.caddy = {
+      enable = true;
+      logFormat = lib.mkForce "level INFO";
+      acmeCa = "https://acme-v02.api.letsencrypt.org/directory";
+    };
+  };
+}