
feat(odin): caddy with cloudflare dns

Zander Hawke 9 miesięcy temu
rodzic
commit
a719930b0a

+ 7 - 7
flake.lock

@@ -295,11 +295,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1756496801,
-        "narHash": "sha256-IYIsnPy+cJxe8RbDHBrCtfJY0ry2bG2H7WvMcewiGS8=",
+        "lastModified": 1756579987,
+        "narHash": "sha256-duCce8zGsaMsrqqOmLOsuaV1PVIw/vXWnKuLKZClsGg=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "77a71380c38fb2a440b4b5881bbc839f6230e1cb",
+        "rev": "99a69bdf8a3c6bf038c4121e9c4b6e99706a187a",
         "type": "github"
       },
       "original": {
@@ -517,11 +517,11 @@
     },
     "secrets": {
       "locked": {
-        "lastModified": 1756549585,
-        "narHash": "sha256-BB/yBjXVB/KCl3hH7p8gZ6WkV43oFjtuNf34uUakJpg=",
+        "lastModified": 1756582634,
+        "narHash": "sha256-kBBaHMP5g2Ytg0m0GBhZtIWXJG7kfpwd/ubP86Nx5tg=",
         "ref": "refs/heads/master",
-        "rev": "2e3ad4dfab062b27d01ce0e9348262fabc9e33d2",
-        "revCount": 6,
+        "rev": "c99f89799cefa8bb37e8803cb274171d0441adda",
+        "revCount": 7,
         "type": "git",
         "url": "ssh://[email protected]/control/secrets.git"
       },

+ 5 - 0
hosts/odin/age.nix

@@ -4,6 +4,11 @@
 
   age.identityPaths = [ "/persist/etc/ssh/ssh_host_ed25519_key" ];
   age.secrets = {
+    "odin/services/caddy" = {
+      file = inputs.secrets."odin/services/caddy.age";
+      owner = config.services.caddy.user;
+      group = config.services.caddy.group;
+    };
     "odin/services/nullmailer" = {
       file = inputs.secrets."odin/services/nullmailer.age";
       owner = config.services.nullmailer.user;
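Review bot: The new `odin/services/caddy` entry makes the decrypted secret readable by the caddy user, but the only consumer visible in this commit is `services.caddy.environmentFile`. systemd normally reads an environment file itself before dropping privileges, so the `owner`/`group` lines may be unnecessary and agenix's default root ownership would likely suffice; this is worth confirming against the caddy module. If they stay, a comment such as `# env file for caddy: defines CF_API_TOKEN and DOMAIN` would tell the next reader what the secret holds. The `age.secrets` set opens and closes outside this hunk.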

+ 21 - 0
hosts/odin/services/caddy.nix

@@ -0,0 +1,21 @@
+{ config, pkgs, ... }:
+{
+  services.caddy = {
+    enable = true;
+    package = pkgs.caddy.withPlugins {
+      plugins = [ "github.com/caddy-dns/[email protected]" ];
+      hash = "sha256-p9AIi6MSWm0umUB83HPQoU8SyPkX5pMx989zAi8d/74=";
+    };
+    environmentFile = config.age.secrets."odin/services/caddy".path;
+    # TODO: set to null for production
+    acmeCA = "https://acme-staging-v02.api.letsencrypt.org/directory";
+    globalConfig = ''
+      acme_dns cloudflare {env.CF_API_TOKEN}
+    '';
+
+    virtualHosts.welcome.hostName = "{$DOMAIN}";
+    virtualHosts.welcome.extraConfig = ''
+      respond "Hello World"
+    '';
+  };
+}
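Review bot: Nothing in `caddy.nix` records what the agenix environment file has to provide, yet the config depends on two variables from it: `{env.CF_API_TOKEN}` in `globalConfig` and `{$DOMAIN}` in `virtualHosts.welcome.hostName`. A comment above `environmentFile`, e.g. `# env file must define CF_API_TOKEN (Cloudflare token limited to Zone:Read + DNS:Edit on this one zone) and DOMAIN`, would document both the contract and the intended token scope. A broader token would let anything that can read the caddy environment change DNS records for every zone the token covers. `{$DOMAIN}` is substituted when the Caddyfile is parsed, so a missing variable appears to leave the site address empty; a default such as `{$DOMAIN:localhost}` keeps the site block well-formed. Referencing the token through a placeholder keeps it out of the world-readable Nix store, and that should be preserved when the staging `acmeCA` TODO is resolved.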

+ 1 - 0
hosts/odin/services/default.nix

@@ -2,6 +2,7 @@
 
 {
   imports = [
+    ./caddy.nix
     ./snapraid.nix
     ./tailscale.nix
     # ./immich.nix