bump
This commit is contained in:
parent
72f0952455
commit
c72b1558ca
2 changed files with 16 additions and 15 deletions
|
|
@ -3,24 +3,26 @@
|
||||||
pkgs,
|
pkgs,
|
||||||
lib,
|
lib,
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
|
{
|
||||||
config = {
|
config = {
|
||||||
systemd.services.caddy.serviceConfig.Restart = lib.mkForce "always";
|
systemd.services.caddy.serviceConfig.Restart = lib.mkForce "always";
|
||||||
networking.firewall.allowedTCPPorts = [443];
|
networking.firewall.allowedTCPPorts = [ 443 ];
|
||||||
services.caddy = {
|
services.caddy = {
|
||||||
enable = true;
|
enable = true;
|
||||||
email = "hen" + "ry@he" + "nryhi" + "les.c" + "om";
|
email = "hen" + "ry@he" + "nryhi" + "les.c" + "om";
|
||||||
environmentFile = config.age.secrets."base64JwtSecret.age".path;
|
environmentFile = config.age.secrets."base64JwtSecret.age".path;
|
||||||
package = pkgs.caddy.withPlugins {
|
package = pkgs.caddy.withPlugins {
|
||||||
plugins = ["github.com/ggicci/caddy-jwt@v1.1.0"];
|
plugins = [ "github.com/ggicci/caddy-jwt@v1.1.0" ];
|
||||||
hash = "sha256-RvpZh7iL5vsuvTTSHYYu2blAdO0tINxWWuT9IPlni7o=";
|
hash = "sha256-ZpPFPJwjIEpF7NpbfmeGvM3auM8W0KZU9GoCDKC0HQM=";
|
||||||
};
|
};
|
||||||
|
|
||||||
virtualHosts =
|
virtualHosts = lib.mapAttrs (domain: host: {
|
||||||
lib.mapAttrs (domain: host: {
|
extraConfig =
|
||||||
extraConfig = let
|
let
|
||||||
auth = "https://auth.federated.nexus";
|
auth = "https://auth.federated.nexus";
|
||||||
in ''
|
in
|
||||||
|
''
|
||||||
handle_errors 401 {
|
handle_errors 401 {
|
||||||
redir https://federated.nexus/login?redirect_uri=${auth}/bridge?redirect_uri=https://${domain}{uri} 302
|
redir https://federated.nexus/login?redirect_uri=${auth}/bridge?redirect_uri=https://${domain}{uri} 302
|
||||||
}
|
}
|
||||||
|
|
@ -36,13 +38,12 @@
|
||||||
${host}
|
${host}
|
||||||
}
|
}
|
||||||
'';
|
'';
|
||||||
})
|
}) config.services.caddy.authedHosts;
|
||||||
config.services.caddy.authedHosts;
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
options.services.caddy.authedHosts = lib.mkOption {
|
options.services.caddy.authedHosts = lib.mkOption {
|
||||||
type = lib.types.attrsOf lib.types.lines;
|
type = lib.types.attrsOf lib.types.lines;
|
||||||
default = [];
|
default = [ ];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
||||||
8
flake.lock
generated
8
flake.lock
generated
|
|
@ -425,11 +425,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1757826201,
|
"lastModified": 1758149649,
|
||||||
"narHash": "sha256-TY080DNfqLq61PweM2W8aPM/+/uMNbexh7lxw2EVvB0=",
|
"narHash": "sha256-jL/6GwVTu/vCHdBg0+5IZEfalHJHBzDeroJDdvC9Nms=",
|
||||||
"ref": "refs/heads/main",
|
"ref": "refs/heads/main",
|
||||||
"rev": "3dd04bd9dfe5bc49876f1e90a74592a12f642131",
|
"rev": "0672ce5b88ee9dad0cda778e1d19db4bab791351",
|
||||||
"revCount": 5541,
|
"revCount": 5557,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://forgejo.ellis.link/continuwuation/continuwuity"
|
"url": "https://forgejo.ellis.link/continuwuation/continuwuity"
|
||||||
},
|
},
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue