diff --git a/clients/quadraticserver/caddy.nix b/clients/quadraticserver/caddy.nix index 5fc13b6..0bff093 100644 --- a/clients/quadraticserver/caddy.nix +++ b/clients/quadraticserver/caddy.nix @@ -3,24 +3,26 @@ pkgs, lib, ... -}: { +}: +{ config = { systemd.services.caddy.serviceConfig.Restart = lib.mkForce "always"; - networking.firewall.allowedTCPPorts = [443]; + networking.firewall.allowedTCPPorts = [ 443 ]; services.caddy = { enable = true; email = "hen" + "ry@he" + "nryhi" + "les.c" + "om"; environmentFile = config.age.secrets."base64JwtSecret.age".path; package = pkgs.caddy.withPlugins { - plugins = ["github.com/ggicci/caddy-jwt@v1.1.0"]; - hash = "sha256-RvpZh7iL5vsuvTTSHYYu2blAdO0tINxWWuT9IPlni7o="; + plugins = [ "github.com/ggicci/caddy-jwt@v1.1.0" ]; + hash = "sha256-ZpPFPJwjIEpF7NpbfmeGvM3auM8W0KZU9GoCDKC0HQM="; }; - virtualHosts = - lib.mapAttrs (domain: host: { - extraConfig = let + virtualHosts = lib.mapAttrs (domain: host: { + extraConfig = + let auth = "https://auth.federated.nexus"; - in '' + in + '' handle_errors 401 { redir https://federated.nexus/login?redirect_uri=${auth}/bridge?redirect_uri=https://${domain}{uri} 302 } @@ -36,13 +38,12 @@ ${host} } ''; - }) - config.services.caddy.authedHosts; + }) config.services.caddy.authedHosts; }; }; options.services.caddy.authedHosts = lib.mkOption { type = lib.types.attrsOf lib.types.lines; - default = []; + default = [ ]; }; } diff --git a/flake.lock b/flake.lock index 05a7bb9..f7dcacc 100644 --- a/flake.lock +++ b/flake.lock @@ -425,11 +425,11 @@ ] }, "locked": { - "lastModified": 1757826201, - "narHash": "sha256-TY080DNfqLq61PweM2W8aPM/+/uMNbexh7lxw2EVvB0=", + "lastModified": 1758149649, + "narHash": "sha256-jL/6GwVTu/vCHdBg0+5IZEfalHJHBzDeroJDdvC9Nms=", "ref": "refs/heads/main", - "rev": "3dd04bd9dfe5bc49876f1e90a74592a12f642131", - "revCount": 5541, + "rev": "0672ce5b88ee9dad0cda778e1d19db4bab791351", + "revCount": 5557, "type": "git", "url": "https://forgejo.ellis.link/continuwuation/continuwuity" },