dev: enable testing acme clients and forwarding behaviour

author: Alan Pearce 2024-06-27 11:23:00 +0200
committer: Alan Pearce 2024-06-27 11:23:00 +0200
commit: 9753346efc025e8f6500adbc483e1c1339eea166 (patch)
tree: b815c4241e228120f9e7c1707bcdcb3e6997a062 /system/settings
parent: aaf13ed811404b1455bf9cd0551957fcdc58e587 (diff)
download: nixfiles-9753346efc025e8f6500adbc483e1c1339eea166.tar.lz
nixfiles-9753346efc025e8f6500adbc483e1c1339eea166.tar.zst
nixfiles-9753346efc025e8f6500adbc483e1c1339eea166.zip
1 files changed, 48 insertions, 44 deletions
diff --git a/system/settings/dev.nix b/system/settings/dev.nix
index 8d246c15..7d2e6193 100644
--- a/system/settings/dev.nix
+++ b/system/settings/dev.nix
@@ -1,58 +1,62 @@
-{ config
-, lib
-, pkgs
-, ...
-}: {
-  networking = lib.mkIf pkgs.stdenv.isLinux {
-    hosts = {
-      "127.0.0.80" = [ "alanpearce.test" ];
-    };
-  };
+{ ... }: {
   services.caddy = {
     enable = true;
-    virtualHosts = {
-      "localhost" = {
-        extraConfig = ''
+    globalConfig = ''
+      auto_https disable_redirects
+    '';
+    virtualHosts =
+      let
+        local_tls = ''
           tls {
             issuer internal {
               ca local
             }
           }
-          acme_server {
-            allow {
-              domains *.test
-            }
-          }
         '';
-      };
-      "alanpearce.test" = {
-        serverAliases = [ "alanpearce.localhost" ];
-        extraConfig = ''
-          tls {
-            issuer internal {
-              ca local
+      in
+      {
+        "localhost" = {
+          logFormat = "output discard";
+          extraConfig = ''
+            ${local_tls}
+            acme_server {
+              allow {
+                domains *.test *.localhost
+              }
             }
-          }
-          reverse_proxy http://alanpearce.test:3000 {
-            header_up Host alanpearce.test
-            transport http {
-              dial_timeout 1s
-              compression off
+          '';
+        };
+        # need to test forwarding behaviour
+        "https://alanpearce.localhost" = {
+          logFormat = "output discard";
+          serverAliases = [
+            "http://alanpearce.localhost"
+
+            # remember to update /etc/hosts
+            "https://alanpearce.test"
+            "http://alanpearce.test"
+          ];
+          extraConfig = ''
+            ${local_tls}
+            reverse_proxy http://alanpearce.test:8080 {
+              transport http {
+                dial_timeout 1s
+                compression off
+              }
             }
-          }
-          redir / https://alanpearce.test:8443 302
-        '';
-      };
-      "searchix.localhost" = {
-        extraConfig = ''
-          reverse_proxy http://localhost:7331 {
-            transport http {
-              dial_timeout 1s
-              compression off
+          '';
+        };
+        "searchix.localhost" = {
+          logFormat = "output discard";
+          extraConfig = ''
+            reverse_proxy http://localhost:7331 {
+              transport http {
+                dial_timeout 1s
+                compression off
+              }
             }
-          }
-        '';
+          '';
+        };
       };
-    };
   };
 }
author	Alan Pearce	2024-06-27 11:23:00 +0200
committer	Alan Pearce	2024-06-27 11:23:00 +0200
commit	9753346efc025e8f6500adbc483e1c1339eea166 (patch)
tree	b815c4241e228120f9e7c1707bcdcb3e6997a062 /system/settings
parent	aaf13ed811404b1455bf9cd0551957fcdc58e587 (diff)
download	nixfiles-9753346efc025e8f6500adbc483e1c1339eea166.tar.lz nixfiles-9753346efc025e8f6500adbc483e1c1339eea166.tar.zst nixfiles-9753346efc025e8f6500adbc483e1c1339eea166.zip