nixos-config/config/services/caddy/default.nix

26 lines
518 B
Nix
Raw Normal View History

2022-08-26 15:28:14 +00:00
_: {
services.caddy = {
enable = true;
group = "acme";
globalConfig = ''
admin off
storage file_system /var/lib/caddy
auto_https disable_certs
'';
extraConfig = ''
(baseConfig) {
encode {
gzip
zstd
# TODO: support for brotli
}
}
'';
};
systemd.tmpfiles.rules = [
"d '/var/lib/caddy' 0750 caddy acme - -"
];
2022-08-26 15:51:40 +00:00
networking.firewall.allowedTCPPorts = [80 443];
networking.firewall.allowedUDPPorts = [443];
2022-08-26 15:28:14 +00:00
}