roles/printserver: use caddy for CUPS web interface

2025-09-01 16:13:49 -07:00
parent dd4a15357b
commit 4d8372370f
1 changed files with 7 additions and 36 deletions
--- a/roles/printserver.nix
+++ b/roles/printserver.nix
@@ -125,44 +125,15 @@ in
        '';
      };

-      services.traefik = {
+      services.tailscale.permitCertUid = "caddy";
+
+      services.caddy = {
        enable = true;
-
-        staticConfigOptions = {
-          entryPoints = {
-            web = {
-              address = ":80";
-              asDefault = true;
-              http.redirections.entrypoint = {
-                to = "websecure";
-                scheme = "https";
-              };
-            };
-
-            websecure = {
-              address = ":443";
-              asDefault = true;
-              http.tls.certResolver = "tailscale";
-            };
-          };
-
-          certificatesResolvers.tailscale."tailscale" = { };
-        };
-
-        dynamicConfigOptions = {
-          http.routers.cups = {
-            entrypoints = [ "websecure" ];
-            rule = "Host(`${config.networking.hostName}.tail755c5.ts.net`)";
-            service = "cups-gui";
-            tls.certResolver = "tailscale";
-          };
-
-          http.services.cups-gui = {
-            loadBalancer.servers = [ { url = "http://localhost:631"; } ];
-          };
+        virtualHosts."${config.networking.hostName}.tail755c5.ts.net" = {
+          extraConfig = ''
+            reverse_proxy localhost:631
+          '';
        };
      };
-
-      services.tailscale.permitCertUid = "traefik";
    };
 }