feat: add caddy setting and domain

2026-03-09 20:13:29 -07:00 · 2026-03-09 20:13:29 -07:00 · 8368cc115e
commit 8368cc115e
parent d43ddb5e06
1 changed files with 21 additions and 0 deletions
--- a/module.nix
+++ b/module.nix
@ -14,6 +14,12 @@ in
      description = "Address and port for the MyMX server to listen on.";
    };

+    domain = lib.mkOption {
+      type = lib.types.str;
+      default = "mymx.extremist.software";
+      description = "Domain name for the Caddy virtual host.";
+    };
+
    webhookSecretFile = lib.mkOption {
      type = lib.types.path;
      description = "Path to a file containing the MyMX webhook secret.";
@ -51,6 +57,21 @@ in
      }];
    };

+    services.caddy.virtualHosts.${cfg.domain} = {
+      extraConfig = ''
+        rate_limit {
+          zone mymx_per_ip {
+            key {remote.ip}
+            events 60
+            window 1m
+          }
+        }
+        reverse_proxy localhost:${
+          builtins.elemAt (lib.splitString ":" cfg.listenAddr) 1
+        }
+      '';
+    };
+
    systemd.services.mymx = {
      description = "MyMX Webhook Receiver";
      after = [ "postgresql.service" "network.target" ];