b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Merge pull request #97618 from lf-/fix-bad-caddy-configs

Browse source 
nixos/caddy: fix overwriting of tls settings in config
This commit is contained in:
WORLDofPEACE 2021-01-29 10:08:46 -05:00 committed by GitHub
parent 79256619ce 00d257c7c3
commit 3eae73d862
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 18 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
nixos/modules/services/web-servers/caddy.nix
View file

@ -20,8 +20,24 @@ let
--config ${configFile} --adapter ${cfg.adapter} > $out
'';
tlsJSON = pkgs.writeText "tls.json" (builtins.toJSON tlsConfig);
configJSON = pkgs.runCommand "caddy-config.json" { } ''
${pkgs.jq}/bin/jq -s '.[0] * .[1]' ${adaptedConfig} ${tlsJSON} > $out
# merge the TLS config options we expose with the ones originating in the Caddyfile
configJSON =
let tlsConfigMerge = ''
{"apps":
{"tls":
{"automation":
{"policies":
(if .[0].apps.tls.automation.policies == .[1]?.apps.tls.automation.policies
then .[0].apps.tls.automation.policies
else (.[0].apps.tls.automation.policies + .[1]?.apps.tls.automation.policies)
end)
}
}
}
}'';
in pkgs.runCommand "caddy-config.json" { } ''
${pkgs.jq}/bin/jq -s '.[0] * ${tlsConfigMerge}' ${adaptedConfig} ${tlsJSON} > $out
'';
in {
imports = [