{ config, lib, ... }: with lib; let cfg = config.settings.containers.caddy; in { options = { settings.containers.caddy.enable = lib.mkOption { type = lib.types.bool; default = false; description = '' Enable caddy container ''; }; }; config = mkIf cfg.enable { services.podman.containers.caddy = { image = "localhost/tboomers/caddy-custom:latest"; network = "proxy"; ports = [ "1080:80" "1443:443" ]; volumes = [ "%h/containers/caddy/Caddyfile:/etc/caddy/Caddyfile" "%h/containers/caddy/acme_key:/etc/caddy/acme_key" "%h/containers/caddy/data:/data" ]; }; home.file."containers/caddy/Caddyfile".text = '' *.tbmrs.nl, tbmrs.nl { tls { dns transip xeovalyte /etc/caddy/acme_key resolvers 1.1.1.1 } @root host tbmrs.nl handle @root { respond "Hello there" } @kanidm host auth.tbmrs.nl handle @kanidm { reverse_proxy https://auth.tbmrs.nl } @forgejo host git.tbmrs.nl handle @forgejo { reverse_proxy forgejo:3000 } @immich host photos.tbmrs.nl handle @immich { reverse_proxy immich-server:2283 } @homepage host home.tbmrs.nl handle @homepage { reverse_proxy homepage:3000 } @uptime-kuma host uptime.tbmrs.nl handle @uptime-kuma { reverse_proxy uptime-kuma:3001 } @pingvin-share host share.tbmrs.nl handle @pingvin-share { reverse_proxy pingvin-share:3000 } @dufs host files.tbmrs.nl handle @dufs { reverse_proxy dufs:5000 } } *.local.tbmrs.nl { tls { dns transip xeovalyte /etc/caddy/acme_key resolvers 1.1.1.1 } @vaultwarden host vault.local.tbmrs.nl handle @vaultwarden { reverse_proxy vaultwarden:80 } @paperless-ngx host paperless.local.tbmrs.nl handle @paperless-ngx { reverse_proxy paperless-ngx:8000 } @beszel host monitor.local.tbmrs.nl handle @beszel { reverse_proxy beszel:8090 } @syncthing host syncthing.local.tbmrs.nl handle @syncthing { reverse_proxy syncthing:8384 } @homeassistant host home-assistant.local.tbmrs.nl handle @homeassistant { reverse_proxy homeassistant:8123 } } ''; }; }