44 lines
971 B
Nix
44 lines
971 B
Nix
{
|
|
lib,
|
|
pkgs,
|
|
config,
|
|
...
|
|
}: {
|
|
services.caddy = {
|
|
enable = true;
|
|
email = "hedgehog@mrhedgehog.xyz";
|
|
# globalConfig = ''
|
|
# '';
|
|
virtualHosts = {
|
|
"cache.thehedgehog.me" = {
|
|
extraConfig = ''
|
|
import cf_tls
|
|
reverse_proxy http://localhost:5000
|
|
'';
|
|
};
|
|
"hydra.thehedgehog.me" = {
|
|
extraConfig = ''
|
|
import cf_tls
|
|
reverse_proxy http://localhost:3000
|
|
'';
|
|
};
|
|
"reddit.thehedgehog.me" = {
|
|
extraConfig = ''
|
|
import cf_tls
|
|
reverse_proxy http://localhost:4000
|
|
'';
|
|
};
|
|
};
|
|
extraConfig = ''
|
|
(cf_tls) {
|
|
tls ${config.age.secrets.thehedgehog-pem.path} ${config.age.secrets.thehedgehog-key.path} {
|
|
protocols tls1.3
|
|
client_auth {
|
|
mode require_and_verify
|
|
trusted_ca_cert_file ${config.age.secrets.cloudflare-ca.path}
|
|
}
|
|
}
|
|
}
|
|
'';
|
|
};
|
|
}
|