caddy_permissions script for local https certs

This commit is contained in:
Nikos Papadakis 2024-07-14 15:18:45 +03:00
parent 8e4b70157b
commit 085c0e27e2
Signed by untrusted user who does not match committer: nikos
GPG key ID: 78871F9905ADFF02
2 changed files with 11 additions and 3 deletions

4
.envrc
View file

@ -2,8 +2,8 @@ if ! has nix_direnv_version || ! nix_direnv_version 2.2.1; then
source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/2.2.1/direnvrc" "sha256-zelF0vLbEl5uaqrfIzbgNzJWGmLzCmYAkInj/LNxvKs="
fi
nix_direnv_watch_file flake.nix
nix_direnv_watch_file flake.lock
watch_file flake.nix
watch_file flake.lock
if ! use flake . --impure
then
echo "devenv could not be built. The devenv environment was not loaded. Make the necessary changes to devenv.nix and hit enter to try again." >&2

View file

@ -61,15 +61,23 @@
services.caddy = {
enable = true;
virtualHosts.":8000" = {
package = pkgs.caddy;
virtualHosts."localhost:8000" = {
extraConfig = ''
root * ${config.env.DEVENV_ROOT}/core
php_fastcgi unix/${config.languages.php.fpm.pools.wp.socket}
file_server
tls internal {
on_demand
}
'';
};
};
scripts.caddy_permissions.exec = ''
sudo setcap cap_net_bind_service=+ep ${pkgs.caddy}/bin/caddy
'';
# scripts.install_wp.exec = ''
# set -e
# if ! [ -d ./data ]; then