caddy: update to unstable

The default config for automatic ACME no longer works in Caddy <2.8.0.
This is due to changes to ZeroSSL's authentication. Update to unstable
Caddy, which is new enough to renew certs again.

Context: https://github.com/caddyserver/caddy/releases/tag/v2.8.0

Add `pkgs.unstable` as an overlay as recommended on the NixOS wiki. This
is needed here as Caddy must be runnable on all architectures.
Jake Hillion 2024-09-04 23:10:42 +01:00
parent ba7a39b66e
commit 85246af424
6 changed files with 11 additions and 4 deletions


@ -27,6 +27,7 @@
fqdns = builtins.attrNames (builtins.readDir ./hosts); fqdns = builtins.attrNames (builtins.readDir ./hosts);
getSystemOverlays = system: nixpkgsConfig: [ getSystemOverlays = system: nixpkgsConfig: [
(final: prev: { (final: prev: {
unstable = nixpkgs-unstable.legacyPackages.${prev.system};
"storj" = final.callPackage ./pkgs/storj.nix { }; "storj" = final.callPackage ./pkgs/storj.nix { };
}) })
]; ];
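Review bot: The new `unstable` attribute is taken from `nixpkgs-unstable.legacyPackages`, which is the unstable package set evaluated with its own default config, so the `nixpkgsConfig` argument of `getSystemOverlays` does not appear to apply to anything pulled from `pkgs.unstable`. The line also reads `prev.system` although the function already receives `system`; `unstable = nixpkgs-unstable.legacyPackages.${system};` would avoid depending on that attribute of the previous package set. Since internet-facing services are now built from this set, a comment such as `# evaluated with nixpkgs-unstable's default config, not nixpkgsConfig` above the attribute would make that difference visible to the next reader.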


@ -1,4 +1,4 @@
{ config, pkgs, nixpkgs-unstable, lib, nixos-hardware, ... }: { config, pkgs, lib, nixos-hardware, ... }:
{ {
imports = [ imports = [


@ -60,6 +60,7 @@ in
(lib.lists.optional config.custom.services.unifi.enable "/var/lib/unifi") ++ (lib.lists.optional config.custom.services.unifi.enable "/var/lib/unifi") ++
(lib.lists.optional (config.virtualisation.oci-containers.containers != { }) "/var/lib/containers") ++ (lib.lists.optional (config.virtualisation.oci-containers.containers != { }) "/var/lib/containers") ++
(lib.lists.optional config.services.tang.enable "/var/lib/private/tang") ++ (lib.lists.optional config.services.tang.enable "/var/lib/private/tang") ++
(lib.lists.optional config.services.caddy.enable "/var/lib/caddy") ++
(lib.lists.optional config.services.step-ca.enable "/var/lib/step-ca/db"); (lib.lists.optional config.services.step-ca.enable "/var/lib/step-ca/db");
}; };
} }
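Review bot: The added `/var/lib/caddy` entry is Caddy's data directory, which by default holds the ACME account key and the private keys of issued certificates as well as renewable state. What consumes this list is not visible here, because the expression begins before the hunk, so it is unclear whether these paths are persisted locally or copied off the host. If they leave the machine, the destination needs the same encryption and access restrictions as the tang and step-ca entries beside it. A comment on the line, for example `# holds ACME account key and TLS private keys`, would record why the path is sensitive.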


@ -1,4 +1,4 @@
{ pkgs, lib, config, nixpkgs-unstable, ... }: { pkgs, lib, config, ... }:
let let
cfg = config.custom.resilio; cfg = config.custom.resilio;


@ -1,4 +1,4 @@
{ config, pkgs, lib, nixpkgs-unstable, ... }: { config, pkgs, lib, ... }:
let let
cfg = config.custom.services.gitea; cfg = config.custom.services.gitea;
@ -55,7 +55,7 @@ in
services.gitea = { services.gitea = {
enable = true; enable = true;
package = nixpkgs-unstable.legacyPackages.x86_64-linux.gitea; package = pkgs.unstable.gitea;
mailerPasswordFile = config.age.secrets."gitea/mailer_password".path; mailerPasswordFile = config.age.secrets."gitea/mailer_password".path;
appName = "Hillion Gitea"; appName = "Hillion Gitea";


@ -33,6 +33,11 @@ in
services.caddy = { services.caddy = {
enable = true; enable = true;
package = pkgs.unstable.caddy;
globalConfig = ''
email acme@hillion.co.uk
'';
virtualHosts = { virtualHosts = {
"hillion.co.uk".extraConfig = '' "hillion.co.uk".extraConfig = ''