{
  lib,
  pkgs,
  ...
}: {
  services.caddy = {
    enable = true;
    package = pkgs.my-pkgs.caddy.overrideAttrs ( old:{
      plugins = ["github.com/caddy-dns/cloudflare" "github.com/greenpau/caddy-security"];
      vendorSha256 = "sha256-1SBOXv2RGLlTT/mguPjTASU5AeQNIVySgVMgvu5BH6w=";
    });
    extraConfig = ''
      cache.mrhedgehog.xyz {
        tls {
          dns cloudflare {env.CF_AUTH_TOKEN}
        }
        reverse_proxy http://localhost:5000
      }
      hydra.mrhedgehog.xyz {
        tls {
          dns cloudflare {env.CF_AUTH_TOKEN}
        }
        reverse_proxy http://localhost:3000
      }
      reddit.mrhedgehog.xyz {
        tls {
          dns cloudflare {env.CF_AUTH_TOKEN}
        }
        reverse_proxy http://localhost:4000
      }
    '';
    envFile = config.age.secrets.marvinCfToken.path;
  };
}