From 9f58e8207d08567704caef9ecf0d29c3351f4a65 Mon Sep 17 00:00:00 2001 From: Oleksii Filonenko Date: Mon, 4 May 2020 02:10:26 +0300 Subject: [PATCH 1/5] nixos/caddy: add support for v2 --- nixos/modules/services/web-servers/caddy.nix | 43 ++++++++++++++++++-- 1 file changed, 40 insertions(+), 3 deletions(-) diff --git a/nixos/modules/services/web-servers/caddy.nix b/nixos/modules/services/web-servers/caddy.nix index 0e6e10a5f47d9..4c024985dae5d 100644 --- a/nixos/modules/services/web-servers/caddy.nix +++ b/nixos/modules/services/web-servers/caddy.nix @@ -5,12 +5,30 @@ with lib; let cfg = config.services.caddy; configFile = pkgs.writeText "Caddyfile" cfg.config; + + # v2-specific options + isCaddy2 = versionAtLeast cfg.package.version "2.0"; + tlsConfig = { + apps.tls.automation.policies = [{ + issuer = { + inherit (cfg) ca email; + module = "acme"; + }; + }]; + }; + adaptedConfig = importJSON (pkgs.runCommand "caddy-config-adapted.json" { } '' + ${cfg.package}/bin/caddy adapt \ + --config ${configFile} --adapter ${cfg.adapter} > $out + ''); + configJSON = pkgs.writeText "caddy-config.json" (builtins.toJSON + (recursiveUpdate adaptedConfig tlsConfig)); in { options.services.caddy = { enable = mkEnableOption "Caddy web server"; config = mkOption { default = ""; + # TODO: update example text on v2.0 release example = '' example.com { gzip @@ -24,6 +42,17 @@ in { description = "Verbatim Caddyfile to use"; }; + adapter = mkOption { + default = "caddyfile"; + example = "nginx"; + type = types.str; + description = '' + Name of the config adapter to use. + + See https://caddyserver.com/docs/config-adapters for the full list. + ''; + }; + ca = mkOption { default = "https://acme-v02.api.letsencrypt.org/directory"; example = "https://acme-staging-v02.api.letsencrypt.org/directory"; 
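Review bot: `recursiveUpdate adaptedConfig tlsConfig` in the `configJSON` binding replaces `apps.tls.automation.policies` instead of extending it, because `recursiveUpdate` merges attribute sets only and takes the right-hand value for lists. Any automation policy the adapter produced from the operator's config (a per-site `tls` directive, for instance) would be dropped, and every site falls back to the single ACME issuer built from `cfg.ca` and `cfg.email`, with no message saying so. Consider keeping the adapter's list when it exists, e.g. `apps.tls.automation.policies = adaptedConfig.apps.tls.automation.policies or [ acmePolicy ];` with `acmePolicy` naming the attrset already written here, or at least add `# NOTE: overrides any TLS automation policies defined in cfg.config`. Separately, `adaptedConfig` is read with `importJSON` from a derivation output, so evaluating the module requires building `caddy adapt` first; a comment saying so would help.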
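Review bot: The new `adapter` option is `types.str`, and its value is spliced unquoted into the `runCommand` script in the first hunk of this file (`--adapter ${cfg.adapter} > $out`). A value containing whitespace or shell metacharacters changes the command that runs at build time instead of being rejected as an unknown adapter. Quote it where it is used, `--adapter ${escapeShellArg cfg.adapter}`, or narrow the option with `types.strMatching "[a-z0-9_]+"` if adapter names are known to fit that pattern.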
@@ -56,8 +85,14 @@ in { package = mkOption { default = pkgs.caddy; defaultText = "pkgs.caddy"; + example = "pkgs.caddy2"; type = types.package; - description = "Caddy package to use."; + description = '' + Caddy package to use. + + Note: to use Caddy v2, set this to . + v2 will become the default after it is released. + ''; }; }; @@ -68,10 +103,12 @@ in { after = [ "network-online.target" ]; wants = [ "network-online.target" ]; # systemd-networkd-wait-online.service wantedBy = [ "multi-user.target" ]; - environment = mkIf (versionAtLeast config.system.stateVersion "17.09") + environment = mkIf (versionAtLeast config.system.stateVersion "17.09" && !isCaddy2) { CADDYPATH = cfg.dataDir; }; serviceConfig = { - ExecStart = '' + ExecStart = if isCaddy2 then '' + ${cfg.package}/bin/caddy run --config ${configJSON} + '' else '' ${cfg.package}/bin/caddy -log stdout -log-timestamps=false \ -root=/var/tmp -conf=${configFile} \ -ca=${cfg.ca} -email=${cfg.email} ${optionalString cfg.agree "-agree"} From f7cb4169aaa9bb672426f340acda3c75d2d6b222 Mon Sep 17 00:00:00 2001 From: Oleksii Filonenko Date: Fri, 8 May 2020 09:35:55 +0000 Subject: [PATCH 2/5] nixos/caddy: use v2 by default --- nixos/modules/services/web-servers/caddy.nix | 33 ++++++++++---------- 1 file changed, 17 insertions(+), 16 deletions(-) diff --git a/nixos/modules/services/web-servers/caddy.nix b/nixos/modules/services/web-servers/caddy.nix index 4c024985dae5d..65e9f12e6648f 100644 --- a/nixos/modules/services/web-servers/caddy.nix +++ b/nixos/modules/services/web-servers/caddy.nix @@ -20,6 +20,7 @@ let ${cfg.package}/bin/caddy adapt \ --config ${configFile} --adapter ${cfg.adapter} > $out ''); + # TODO: validate with `caddy validate`? configJSON = pkgs.writeText "caddy-config.json" (builtins.toJSON (recursiveUpdate adaptedConfig tlsConfig)); in { 
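Review bot: In the v2 branch of the `systemd.services.caddy` hunk nothing tells Caddy where to keep its state: `CADDYPATH` is now guarded by `!isCaddy2` and `ExecStart` passes only `--config ${configJSON}`, so `cfg.dataDir` has no effect and certificates and ACME account keys land wherever the service user's HOME or XDG defaults resolve (the unit's user settings are outside this hunk). `cfg.agree` is likewise consumed only by the v1 command line. If the data directory should stay under the module's control, set it for v2 too, e.g. `environment = if isCaddy2 then { XDG_DATA_HOME = cfg.dataDir; } else mkIf (versionAtLeast config.system.stateVersion "17.09") { CADDYPATH = cfg.dataDir; };` (Caddy v2 should then use a `caddy` subdirectory below it), and confirm the directory's ownership and mode still protect the private keys. The `serviceConfig` block continues past the end of the hunk.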
@@ -28,18 +29,18 @@ in { config = mkOption { default = ""; - # TODO: update example text on v2.0 release example = '' example.com { - gzip - minify - log syslog - - root /srv/http + encode gzip + log + root /srv/http } ''; type = types.lines; - description = "Verbatim Caddyfile to use"; + description = '' + Verbatim Caddyfile to use. + Caddy v2 supports multiple config formats via adapters (see ). + ''; }; adapter = mkOption { @@ -47,8 +48,7 @@ in { example = "nginx"; type = types.str; description = '' - Name of the config adapter to use. - + Name of the config adapter to use. Not applicable to Caddy v1. See https://caddyserver.com/docs/config-adapters for the full list. ''; }; @@ -79,19 +79,20 @@ in { The data directory, for storing certificates. Before 17.09, this would create a .caddy directory. With 17.09 the contents of the .caddy directory are in the specified data directory instead. + + Caddy v2 replaced CADDYPATH with XDG directories. + See https://caddyserver.com/docs/conventions#file-locations. ''; }; package = mkOption { - default = pkgs.caddy; - defaultText = "pkgs.caddy"; - example = "pkgs.caddy2"; + default = pkgs.caddy2; + defaultText = "pkgs.caddy2"; + example = "pkgs.caddy"; type = types.package; description = '' Caddy package to use. - - Note: to use Caddy v2, set this to . - v2 will become the default after it is released. + To use Caddy v1 (obsolete), set this to . ''; }; }; @@ -99,7 +100,7 @@ in { config = mkIf cfg.enable { systemd.services.caddy = { description = "Caddy web server"; - # upstream unit: https://github.com/caddyserver/caddy/blob/master/dist/init/linux-systemd/caddy.service + # upstream unit: https://github.com/caddyserver/dist/blob/master/init/caddy.service after = [ "network-online.target" ]; wants = [ "network-online.target" ]; # systemd-networkd-wait-online.service wantedBy = [ "multi-user.target" ]; From c507b33d20d415830dbc7d9db95fc13f6e553ce3 Mon Sep 17 00:00:00 2001 
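Review bot: The switch of `package`'s default to `pkgs.caddy2` in the `@@ -79,19 +79,20 @@` hunk is not gated on `system.stateVersion`, unlike the `CADDYPATH` handling further down in this module. A host that never set `services.caddy.package` gets a different major version on upgrade: its v1 Caddyfile may no longer parse, and, per the `dataDir` text added in the same hunk, certificates stored under `dataDir` are no longer where v2 looks. Consider `default = if versionAtLeast config.system.stateVersion "20.09" then pkgs.caddy2 else pkgs.caddy;`, or spell out the migration steps in the option description. The `options.services.caddy` set starts before this hunk.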
From: Oleksii Filonenko Date: Fri, 8 May 2020 09:39:24 +0000 Subject: [PATCH 3/5] nixosTests.caddy: update to v2 - Update configuration syntax - Add filalex77 as a maintainer --- nixos/tests/caddy.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/nixos/tests/caddy.nix b/nixos/tests/caddy.nix index 144d83179a16d..e9a93df4f486e 100644 --- a/nixos/tests/caddy.nix +++ b/nixos/tests/caddy.nix @@ -1,7 +1,7 @@ import ./make-test-python.nix ({ pkgs, ... }: { name = "caddy"; meta = with pkgs.stdenv.lib.maintainers; { - maintainers = [ xfix ]; + maintainers = [ xfix filalex77 ]; }; nodes = { @@ -9,9 +9,9 @@ import ./make-test-python.nix ({ pkgs, ... }: { services.caddy.enable = true; services.caddy.config = '' http://localhost { - gzip + encode gzip - root ${ + root * ${ pkgs.runCommand "testdir" {} '' mkdir "$out" echo hello world > "$out/example.html" @@ -23,9 +23,9 @@ import ./make-test-python.nix ({ pkgs, ... }: { specialisation.etag.configuration = { services.caddy.config = lib.mkForce '' http://localhost { - gzip + encode gzip - root ${ + root * ${ pkgs.runCommand "testdir2" {} '' mkdir "$out" echo changed > "$out/example.html" From c5ad189cd533ba65f9c90b58e7fd8beafe01da38 Mon Sep 17 00:00:00 2001 From: Oleksii Filonenko Date: Fri, 8 May 2020 22:23:33 +0300 Subject: [PATCH 4/5] caddy: 1.0.5 -> 2.0.0 Rename legacy v1 to `caddy1` --- nixos/modules/services/web-servers/caddy.nix | 8 ++--- pkgs/servers/caddy/default.nix | 24 ++++--------- pkgs/servers/caddy/v1.nix | 36 ++++++++++++++++++++ pkgs/servers/caddy/v2.nix | 23 ------------- pkgs/top-level/all-packages.nix | 2 +- 5 files changed, 48 insertions(+), 45 deletions(-) create mode 100644 pkgs/servers/caddy/v1.nix delete mode 100644 pkgs/servers/caddy/v2.nix diff --git a/nixos/modules/services/web-servers/caddy.nix b/nixos/modules/services/web-servers/caddy.nix index 65e9f12e6648f..e5f1df774bbcf 100644 --- a/nixos/modules/services/web-servers/caddy.nix 
+++ b/nixos/modules/services/web-servers/caddy.nix @@ -86,13 +86,13 @@ in { }; package = mkOption { - default = pkgs.caddy2; - defaultText = "pkgs.caddy2"; - example = "pkgs.caddy"; + default = pkgs.caddy; + defaultText = "pkgs.caddy"; + example = "pkgs.caddy1"; type = types.package; description = '' Caddy package to use. - To use Caddy v1 (obsolete), set this to . + To use Caddy v1 (obsolete), set this to pkgs.caddy1. ''; }; }; diff --git a/pkgs/servers/caddy/default.nix b/pkgs/servers/caddy/default.nix index 415f85371850d..5a7ac8f086f97 100644 --- a/pkgs/servers/caddy/default.nix +++ b/pkgs/servers/caddy/default.nix @@ -2,35 +2,25 @@ buildGoModule rec { pname = "caddy"; - version = "1.0.5"; + version = "2.0.0"; - goPackagePath = "github.com/caddyserver/caddy"; - - subPackages = [ "caddy" ]; + subPackages = [ "cmd/caddy" ]; src = fetchFromGitHub { owner = "caddyserver"; repo = pname; rev = "v${version}"; - sha256 = "0jrhwmr6gggppskg5h450wybzkv17iq69dgw36hd1dp56q002i7g"; + sha256 = "1c1frfx0qkprhf4var70cncvrw8s9gjag2hygndbd9055hb52bvv"; }; + vendorSha256 = "09vnci9pp8zp7bvn8zj68wslz2nc54nhcd0ll31sqfjbp00215mj"; - preBuild = '' - cat << EOF > caddy/main.go - package main - import "github.com/caddyserver/caddy/caddy/caddymain" - func main() { - caddymain.EnableTelemetry = false - caddymain.Run() - } - EOF - ''; + modSha256 = "19sxyvfq1bpg85w8cd1yk2s6rd8759cf2zqs5b6wyny4cak2bl83"; meta = with stdenv.lib; { homepage = "https://caddyserver.com"; description = "Fast, cross-platform HTTP/2 web server with automatic HTTPS"; license = licenses.asl20; - maintainers = with maintainers; [ rushmorem fpletz zimbatm filalex77 ]; + maintainers = with maintainers; [ filalex77 ]; }; -} \ No newline at end of file +} diff --git a/pkgs/servers/caddy/v1.nix b/pkgs/servers/caddy/v1.nix new file mode 100644 index 0000000000000..bcd4b7065b587 --- /dev/null +++ b/pkgs/servers/caddy/v1.nix 
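Review bot: The new `pkgs/servers/caddy/default.nix` sets both `vendorSha256` and `modSha256`; presumably `buildGoModule` consumes only one of them, which leaves the other as a pinned-looking hash that nothing verifies. The `vendorSha256` here (`09vnci9pp8zp7bvn8zj68wslz2nc54nhcd0ll31sqfjbp00215mj`) also differs from the one in the removed `v2.nix` (`004hpjxpp18f71vy5v5ky0g07a8d5xh5qwl5b4bbx34hpf8yxs81`) although `version`, `rev` and the source `sha256` are identical, so the commit message should record why the dependency hash changed. Keep only the attribute the builder actually uses, and confirm its value by rebuilding the fixed-output derivation from scratch.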
@@ -0,0 +1,36 @@ +{ stdenv, buildGoModule, fetchFromGitHub }: + +buildGoModule rec { + pname = "caddy"; + version = "1.0.5"; + + goPackagePath = "github.com/caddyserver/caddy"; + + subPackages = [ "caddy" ]; + + src = fetchFromGitHub { + owner = "caddyserver"; + repo = pname; + rev = "v${version}"; + sha256 = "0jrhwmr6gggppskg5h450wybzkv17iq69dgw36hd1dp56q002i7g"; + }; + modSha256 = "1gc0xvsihr4zp7hkrdfrplvzkaphz1y4q53rgwn2jhd8s98l57an"; + + preBuild = '' + cat << EOF > caddy/main.go + package main + import "github.com/caddyserver/caddy/caddy/caddymain" + func main() { + caddymain.EnableTelemetry = false + caddymain.Run() + } + EOF + ''; + + meta = with stdenv.lib; { + homepage = "https://caddyserver.com"; + description = "Fast, cross-platform HTTP/2 web server with automatic HTTPS"; + license = licenses.asl20; + maintainers = with maintainers; [ rushmorem fpletz zimbatm filalex77 ]; + }; +} diff --git a/pkgs/servers/caddy/v2.nix b/pkgs/servers/caddy/v2.nix deleted file mode 100644 index c4f12e58b0fa4..0000000000000 --- a/pkgs/servers/caddy/v2.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ stdenv, buildGoModule, fetchFromGitHub }: - -buildGoModule rec { - pname = "caddy"; - version = "2.0.0"; - - subPackages = [ "cmd/caddy" ]; - - src = fetchFromGitHub { - owner = "caddyserver"; - repo = pname; - rev = "v${version}"; - sha256 = "1c1frfx0qkprhf4var70cncvrw8s9gjag2hygndbd9055hb52bvv"; - }; - vendorSha256 = "004hpjxpp18f71vy5v5ky0g07a8d5xh5qwl5b4bbx34hpf8yxs81"; - - meta = with stdenv.lib; { - homepage = "https://caddyserver.com"; - description = "Fast, cross-platform HTTP/2 web server with automatic HTTPS"; - license = licenses.asl20; - maintainers = with maintainers; [ filalex77 ]; - }; -} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index b65cca00093da..3fd2caf0b56fa 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix 
@@ -1448,7 +1448,7 @@ in }); caddy = callPackage ../servers/caddy { }; - caddy2 = callPackage ../servers/caddy/v2.nix { }; + caddy1 = callPackage ../servers/caddy/v1.nix { }; traefik = callPackage ../servers/traefik { }; calamares = libsForQt5.callPackage ../tools/misc/calamares { From 4d7b3c276dba2702c81a2e72f9d87ff5d57f5c23 Mon Sep 17 00:00:00 2001 From: Oleksii Filonenko Date: Fri, 8 May 2020 22:36:31 +0300 Subject: [PATCH 5/5] release-notes/rl-2009: add item about Caddy v2 --- nixos/doc/manual/release-notes/rl-2009.xml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/nixos/doc/manual/release-notes/rl-2009.xml b/nixos/doc/manual/release-notes/rl-2009.xml index 97b94c5756a77..13988d668e739 100644 --- a/nixos/doc/manual/release-notes/rl-2009.xml +++ b/nixos/doc/manual/release-notes/rl-2009.xml @@ -531,6 +531,15 @@ systemd.services.nginx.serviceConfig.ReadWritePaths = [ "/var/www" ]; to be used for every display-manager in NixOS. + + + Caddy module now uses Caddy v2 by default. Caddy v1 can still be used by setting + to pkgs.caddy1. + + + New option has been added. + +