From 8cc592abfa34e9e45a506b679099419a336313fc Mon Sep 17 00:00:00 2001
From: Oleksii Filonenko <brightone@protonmail.com>
Date: Mon, 4 May 2020 02:10:26 +0300
Subject: [PATCH] nixos/caddy: add support for v2

---
 nixos/modules/services/web-servers/caddy.nix | 43 ++++++++++++++++++--
 1 file changed, 40 insertions(+), 3 deletions(-)

diff --git a/nixos/modules/services/web-servers/caddy.nix b/nixos/modules/services/web-servers/caddy.nix
index 0e6e10a5f47..4c024985dae 100644
--- a/nixos/modules/services/web-servers/caddy.nix
+++ b/nixos/modules/services/web-servers/caddy.nix
@@ -5,12 +5,30 @@ with lib;
 let
   cfg = config.services.caddy;
   configFile = pkgs.writeText "Caddyfile" cfg.config;
+
+  # v2-specific options
+  isCaddy2 = versionAtLeast cfg.package.version "2.0";
+  tlsConfig = {
+    apps.tls.automation.policies = [{
+      issuer = {
+        inherit (cfg) ca email;
+        module = "acme";
+      };
+    }];
+  };
+  adaptedConfig = importJSON (pkgs.runCommand "caddy-config-adapted.json" { } ''
+    ${cfg.package}/bin/caddy adapt \
+      --config ${configFile} --adapter ${cfg.adapter} > $out
+  '');
+  configJSON = pkgs.writeText "caddy-config.json" (builtins.toJSON
+    (recursiveUpdate adaptedConfig tlsConfig));
 in {
   options.services.caddy = {
     enable = mkEnableOption "Caddy web server";
 
     config = mkOption {
       default = "";
+      # TODO: update example text on v2.0 release
       example = ''
         example.com {
         gzip
@@ -24,6 +42,17 @@ in {
       description = "Verbatim Caddyfile to use";
     };
 
+    adapter = mkOption {
+      default = "caddyfile";
+      example = "nginx";
+      type = types.str;
+      description = ''
+        Name of the config adapter to use.
+
+        See https://caddyserver.com/docs/config-adapters for the full list.
+      '';
+    };
+
     ca = mkOption {
       default = "https://acme-v02.api.letsencrypt.org/directory";
       example = "https://acme-staging-v02.api.letsencrypt.org/directory";
@@ -56,8 +85,14 @@ in {
     package = mkOption {
       default = pkgs.caddy;
       defaultText = "pkgs.caddy";
+      example = "pkgs.caddy2";
       type = types.package;
-      description = "Caddy package to use.";
+      description = ''
+        Caddy package to use.
+
+        Note: to use Caddy v2, set this to <option>pkgs.caddy2</option>.
+        v2 will become the default after it is released.
+      '';
     };
   };
 
@@ -68,10 +103,12 @@ in {
       after = [ "network-online.target" ];
       wants = [ "network-online.target" ]; # systemd-networkd-wait-online.service
       wantedBy = [ "multi-user.target" ];
-      environment = mkIf (versionAtLeast config.system.stateVersion "17.09")
+      environment = mkIf (versionAtLeast config.system.stateVersion "17.09" && !isCaddy2)
         { CADDYPATH = cfg.dataDir; };
       serviceConfig = {
-        ExecStart = ''
+        ExecStart = if isCaddy2 then ''
+          ${cfg.package}/bin/caddy run --config ${configJSON}
+        '' else ''
           ${cfg.package}/bin/caddy -log stdout -log-timestamps=false \
             -root=/var/tmp -conf=${configFile} \
             -ca=${cfg.ca} -email=${cfg.email} ${optionalString cfg.agree "-agree"}