Website mit Caddy darstellen

author: Valentin <valentin@fricklerhandwerk.de> 2025-10-14 16:56:45 +0200
committer: Valentin <valentin@fricklerhandwerk.de> 2025-11-06 16:46:27 +0100
commit: bcbf531a70955241970e5c976973a3e5e5840c56 (patch)
tree: 2671313cf9d387c1a158f872cf6a9bed6105b070 /www
parent: baaac0b3d3d59ca530bfcba400405cec0c7df4d7 (diff)
1 files changed, 85 insertions, 0 deletions
diff --git a/www/caddy.nix b/www/caddy.nix
new file mode 100644
index 0000000..dd31299
--- /dev/null
+++ b/www/caddy.nix
@@ -0,0 +1,85 @@
+{ self, ... }:
+{
+  flake.domain = "heimfeld.hamburg";
+  flake.machines.tharos = {
+    nixos =
+      { lib, ... }:
+      {
+        networking.firewall.allowedTCPPorts = [
+          80
+          443
+        ];
+
+        services.caddy = {
+          enable = true;
+          email = "redaktion@${self.domain}";
+          virtualHosts.${self.domain} = {
+            serverAliases = [ "www.${self.domain}" ];
+            extraConfig = ''
+              file_server {
+                index index.shtml${
+                  "" # TODO: Entfernen wenn Inhalte aufgeräumt
+                }
+              }
+              root * /var/www/${self.domain}
+              encode gzip
+
+              ${
+                "" # TODO: Entfernen wenn Inhalte aufgeräumt
+              }@shtml {
+                  path *.shtml
+                  path */
+              }
+              header @shtml Content-Type "text/html; charset=utf-8"
+            '';
+          };
+        };
+
+        systemd.tmpfiles.rules =
+          let
+            html =
+              with lib.fileset;
+              toSource {
+                root = ./html;
+                fileset = ./html;
+              };
+          in
+          [
+            # Verzeichnis für Web-Inhalte sofort anlegen, da der Webserver sonst nicht startet,
+            # aber nur wenn es noch nicht existiert.
+            "C /var/www/${self.domain} - - - - ${html}"
+          ];
+      };
+    vm =
+      {
+        config,
+        pkgs,
+        lib,
+        ...
+      }:
+      let
+        httpPort = 800;
+      in
+      {
+        services.caddy.globalConfig = ''
+          local_certs
+        '';
+        services.caddy.virtualHosts = {
+          "http://localhost:${toString httpPort}".extraConfig =
+            config.services.caddy.virtualHosts.${self.domain}.extraConfig;
+        };
+        networking.firewall.allowedTCPPorts = [
+          httpPort
+        ];
+
+        systemd.services.caddy.path = [ pkgs.nssTools ]; # Irrelevante Warnung unterdrücken
+
+        services.getty.helpLine = lib.mkAfter ''
+          ${
+            "" # Leerzeile für bessere Lesbarkeit
+          }
+          ${self.domain}: http://localhost:${toString (config.virtualisation.portOffset + httpPort)}
+        '';
+      };
+  };
+}
author	Valentin <valentin@fricklerhandwerk.de>	2025-10-14 16:56:45 +0200
committer	Valentin <valentin@fricklerhandwerk.de>	2025-11-06 16:46:27 +0100
commit	bcbf531a70955241970e5c976973a3e5e5840c56 (patch)
tree	2671313cf9d387c1a158f872cf6a9bed6105b070 /www
parent	baaac0b3d3d59ca530bfcba400405cec0c7df4d7 (diff)