From 24900346f9240427bbfe68dd6b600078548f36d4 Mon Sep 17 00:00:00 2001
From: lightly-toasted <tooast@duck.com>
Date: Thu, 25 Sep 2025 16:33:32 +0900
Subject: [PATCH] feat(vps): add caddy

- Enabled caddy service
- Opened port 80, 443 for Caddy
---
 hosts/vps/modules/network.nix          |  5 ++++-
 hosts/vps/modules/services/caddy.nix   | 10 ++++++++++
 hosts/vps/modules/services/default.nix |  1 +
 3 files changed, 15 insertions(+), 1 deletion(-)
 create mode 100644 hosts/vps/modules/services/caddy.nix

diff --git a/hosts/vps/modules/network.nix b/hosts/vps/modules/network.nix
index 50e7906..71c955f 100644
--- a/hosts/vps/modules/network.nix
+++ b/hosts/vps/modules/network.nix
@@ -3,6 +3,9 @@
 {
   networking.hostName = "vps";
   networking.domain = "";
-  networking.firewall.enable = true;
+  networking.firewall = {
+    enable = true;
+    allowedTCPPorts = [ 22 80 443 ];
+  };
   boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
 }
diff --git a/hosts/vps/modules/services/caddy.nix b/hosts/vps/modules/services/caddy.nix
new file mode 100644
index 0000000..daf295f
--- /dev/null
+++ b/hosts/vps/modules/services/caddy.nix
@@ -0,0 +1,10 @@
+{
+  services.caddy = {
+    enable = true;
+    
+    # zipline
+    virtualHosts."i.toast.name".extraConfig = ''
+      reverse_proxy http://127.0.0.1:3000
+    '';
+  };
+}
diff --git a/hosts/vps/modules/services/default.nix b/hosts/vps/modules/services/default.nix
index f9dbb2d..cc81f8f 100644
--- a/hosts/vps/modules/services/default.nix
+++ b/hosts/vps/modules/services/default.nix
@@ -4,5 +4,6 @@
     ./vaultwarden.nix
     ./openssh.nix
     ./zipline.nix
+    ./caddy.nix
   ];
 }