feat: add Cloudflare tunnel hosting

2026-05-28 14:50:07 -07:00 · 2026-05-28 14:50:07 -07:00 · 23e087ae4b
commit 23e087ae4b
parent e6c1b82679
15 changed files with 839 additions and 30 deletions
--- a/remote/cache-service/module.nix
+++ b/remote/cache-service/module.nix
@ -4,6 +4,7 @@ pkg:
 let
  cfg = config.services.noisebell-cache;
  bin = "${pkg}/bin/noisebell-cache";
+  caddyHost = if cfg.httpOnly then "http://${cfg.domain}" else cfg.domain;
 in
 {
  options.services.noisebell-cache = {
@ -14,6 +15,12 @@ in
      description = "Domain for the Caddy virtual host.";
    };

+    httpOnly = lib.mkOption {
+      type = lib.types.bool;
+      default = false;
+      description = "Use an explicit HTTP-only Caddy virtual host, for example behind Cloudflare Tunnel.";
+    };
+
    piAddress = lib.mkOption {
      type = lib.types.str;
      description = "Address of the Pi (e.g. http://noisebell:80).";
@ -87,9 +94,10 @@ in
    };
    users.groups.noisebell-cache = { };

-    services.caddy.virtualHosts.${cfg.domain}.extraConfig = ''
+    services.caddy.virtualHosts.${caddyHost}.extraConfig = ''
      redir / https://git.extremist.software/jet/noisebell 302
      respond /metrics 404
+      respond /webhook 404
      reverse_proxy localhost:${toString cfg.port}
    '';