From 9f5acfd0f7bda5d9de15d3eca01c7d2f1eafc52e Mon Sep 17 00:00:00 2001
From: Linnea Gräf <nea@nea.moe>
Date: Fri, 13 Dec 2024 02:34:55 +0100
Subject: Add caddy

---
 modules/caddy.nix                      | 49 ++++++++++++++++++++++++++++++++++
 srv/h-alpha/hardware-configuration.nix |  2 +-
 srv/h-alpha/services.nix               | 22 +++++++++++++++
 3 files changed, 72 insertions(+), 1 deletion(-)
 create mode 100644 modules/caddy.nix
 create mode 100644 srv/h-alpha/services.nix

diff --git a/modules/caddy.nix b/modules/caddy.nix
new file mode 100644
index 0000000..b8711c6
--- /dev/null
+++ b/modules/caddy.nix
@@ -0,0 +1,49 @@
+{
+  lib,
+  pkgs,
+  config,
+  ...
+}:
+with lib;
+let
+  cfg = config.services.neaCaddy;
+in
+{
+  options.services.neaCaddy = {
+    enable = mkEnableOption "Custom Caddy Service";
+    baseUrl = mkOption {
+      type = types.str;
+      description = "The default domain under which all service subdomains get registered";
+      example = "nea.moe";
+    };
+    reverseProxy = mkOption {
+      type = types.attrsOf (
+        types.submodule {
+          port = mkOption {
+            type = int;
+            description = "The local port of the reverse proxied service";
+          };
+        }
+      );
+      description = "List of reverse proxy hosts to enable";
+    };
+
+  };
+  config = mkIf cfg.enable {
+    services.caddy = (
+      {
+        enable = true;
+      }
+      // ({
+        virtualHosts = attrsets.mapAttrs' (
+          name: value:
+          attrsets.nameValuePair (name + "." + cfg.baseUrl) {
+            extraConfig = ''
+              reverse_proxy http://localhost:${value.port}/
+            '';
+          }
+        ) cfg.reverseProxy;
+      })
+    );
+  };
+}
diff --git a/srv/h-alpha/hardware-configuration.nix b/srv/h-alpha/hardware-configuration.nix
index 8868ede..ccf09a4 100644
--- a/srv/h-alpha/hardware-configuration.nix
+++ b/srv/h-alpha/hardware-configuration.nix
@@ -28,7 +28,7 @@
     matchConfig.Name = "enp1s0";
     addresses = [
       { Address = "65.21.54.251"; }
-      { Address = "2a01:4f9:c012:5dd3::/64"; }
+      { Address = "2a01:4f9:c012:5dd3::/64"; } # TODO: figure out if nix lets me bind against the entire block using anyip
     ];
 
     routes = [
diff --git a/srv/h-alpha/services.nix b/srv/h-alpha/services.nix
new file mode 100644
index 0000000..aa01c0b
--- /dev/null
+++ b/srv/h-alpha/services.nix
@@ -0,0 +1,22 @@
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}:
+{
+  imports = [
+    ../../modules/caddy.nix
+  ];
+  services.neaCaddy = {
+    enable = true;
+    baseUrl = "alpha-site.nea.moe";
+    reverseProxy = {
+      "sentry" = {
+        port = 1234;
+      };
+
+    };
+  };
+}
-- 
cgit