diff options
| author | joachifm <joachifm@users.noreply.github.com> | 2016-04-11 09:20:21 +0200 |
|---|---|---|
| committer | joachifm <joachifm@users.noreply.github.com> | 2016-04-11 09:20:21 +0200 |
| commit | 245f200dd882957892adb62e41bbb203548a9e66 (patch) | |
| tree | f55f26b0702043a9bd020713e0a75db79660458c /nixos | |
| parent | 052b9ec3b5362de40e66736cf688ff4843b12e5d (diff) | |
| parent | bb6408ba1684f4971cfd38f13d6a6914900b5f97 (diff) | |
| download | nixlib-245f200dd882957892adb62e41bbb203548a9e66.tar nixlib-245f200dd882957892adb62e41bbb203548a9e66.tar.gz nixlib-245f200dd882957892adb62e41bbb203548a9e66.tar.bz2 nixlib-245f200dd882957892adb62e41bbb203548a9e66.tar.lz nixlib-245f200dd882957892adb62e41bbb203548a9e66.tar.xz nixlib-245f200dd882957892adb62e41bbb203548a9e66.tar.zst nixlib-245f200dd882957892adb62e41bbb203548a9e66.zip | |
Merge pull request #11987 from angus-g/caddy
Add Caddy and its NixOS module
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/misc/ids.nix | 2 | ||||
| -rw-r--r-- | nixos/modules/module-list.nix | 1 | ||||
| -rw-r--r-- | nixos/modules/services/web-servers/caddy.nix | 53 |
3 files changed, 56 insertions, 0 deletions
diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index 3f2c735b2216..c3bade2ee6b9 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -260,6 +260,7 @@ hydra-www = 236; syncthing = 237; mfi = 238; + caddy = 239; # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399! @@ -491,6 +492,7 @@ radicale = 234; syncthing = 237; #mfi = 238; # unused + caddy = 239; # When adding a gid, make sure it doesn't match an existing # uid. Users and groups with the same name should have equal diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 19c8db1039b6..65f0ea9b65dd 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -434,6 +434,7 @@ ./services/ttys/kmscon.nix ./services/web-apps/pump.io.nix ./services/web-servers/apache-httpd/default.nix + ./services/web-servers/caddy.nix ./services/web-servers/fcgiwrap.nix ./services/web-servers/jboss/default.nix ./services/web-servers/lighttpd/cgit.nix diff --git a/nixos/modules/services/web-servers/caddy.nix b/nixos/modules/services/web-servers/caddy.nix new file mode 100644 index 000000000000..0d2612aaa66b --- /dev/null +++ b/nixos/modules/services/web-servers/caddy.nix @@ -0,0 +1,53 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.caddy; + configFile = pkgs.writeText "Caddyfile" cfg.config; +in +{ + options.services.caddy = { + enable = mkEnableOption "Caddy web server"; + + config = mkOption { + description = "Verbatim Caddyfile to use"; + }; + + email = mkOption { + default = ""; + type = types.string; + description = "Email address (for Let's Encrypt certificate)"; + }; + + dataDir = mkOption { + default = "/var/lib/caddy"; + type = types.path; + description = "The data directory, for storing certificates."; + }; + }; + + config = mkIf cfg.enable { + systemd.services.caddy = { + description = "Caddy web server"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + ExecStart = "${pkgs.caddy}/bin/caddy -conf=${configFile} -email=${cfg.email}"; + Type = "simple"; + User = "caddy"; + Group = "caddy"; + AmbientCapabilities = "cap_net_bind_service"; + }; + }; + + users.extraUsers.caddy = { + group = "caddy"; + uid = config.ids.uids.caddy; + home = cfg.dataDir; + createHome = true; + }; + + users.extraGroups.caddy.gid = config.ids.uids.caddy; + }; +} |