Try to get caddy-tailscale working.

flake.lock

@@ -37,6 +37,38 @@
         "type": "gitlab"
       }
     },
+    "caddy": {
+      "inputs": {
+        "caddy": "caddy_2",
+        "flake-utils": "flake-utils",
+        "nixpkgs": "nixpkgs_2"
+      },
+      "locked": {
+        "lastModified": 1,
+        "narHash": "sha256-qw6/LhFq3Wq0Bd+HOvWEgaeLLdSfjxiVFnDCqe7Mg60=",
+        "path": "pkgs/caddy",
+        "type": "path"
+      },
+      "original": {
+        "path": "pkgs/caddy",
+        "type": "path"
+      }
+    },
+    "caddy_2": {
+      "locked": {
+        "lastModified": 1732948222,
+        "narHash": "sha256-kUWyjeqkU+RHTHVXT61QF19eW2vnWgah5OcPrUlU8oU=",
+        "owner": "vincentbernat",
+        "repo": "caddy-nix",
+        "rev": "9d13eb684b4ba1b2eb92e76f7ea1f517eccc4fe1",
+        "type": "github"
+      },
+      "original": {
+        "owner": "vincentbernat",
+        "repo": "caddy-nix",
+        "type": "github"
+      }
+    },
     "darwin": {
       "inputs": {
         "nixpkgs": [
@@ -75,6 +107,24 @@
         "type": "github"
       }
     },
+    "flake-utils": {
+      "inputs": {
+        "systems": "systems_2"
+      },
+      "locked": {
+        "lastModified": 1731533236,
+        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
     "home-manager": {
       "inputs": {
         "nixpkgs": [
@@ -181,6 +231,18 @@
       }
     },
     "nixpkgs_2": {
+      "locked": {
+        "lastModified": 0,
+        "narHash": "sha256-Pzyb+YNG5u3zP79zoi8HXYMs15Q5dfjDgwCdUI5B0nY=",
+        "path": "/nix/store/4hpdrd3qvj7nks3rrimqm2jdmcga8isc-source",
+        "type": "path"
+      },
+      "original": {
+        "id": "nixpkgs",
+        "type": "indirect"
+      }
+    },
+    "nixpkgs_3": {
       "locked": {
         "lastModified": 1734875076,
         "narHash": "sha256-Pzyb+YNG5u3zP79zoi8HXYMs15Q5dfjDgwCdUI5B0nY=",
@@ -196,7 +258,7 @@
         "type": "github"
       }
     },
-    "nixpkgs_3": {
+    "nixpkgs_4": {
       "locked": {
         "lastModified": 1717602782,
         "narHash": "sha256-pL9jeus5QpX5R+9rsp3hhZ+uplVHscNJh8n8VpqscM0=",
@@ -214,9 +276,10 @@
     "root": {
       "inputs": {
         "agenix": "agenix",
+        "caddy": "caddy",
         "home-manager": "home-manager_2",
         "nixos-hardware": "nixos-hardware",
-        "nixpkgs": "nixpkgs_2",
+        "nixpkgs": "nixpkgs_3",
         "nixpkgsUnstable": "nixpkgsUnstable",
         "simple-nixos-mailserver": "simple-nixos-mailserver"
       }
@@ -225,7 +288,7 @@
       "inputs": {
         "blobs": "blobs",
         "flake-compat": "flake-compat",
-        "nixpkgs": "nixpkgs_3",
+        "nixpkgs": "nixpkgs_4",
         "nixpkgs-24_05": "nixpkgs-24_05",
         "utils": "utils"
       },
@@ -274,9 +337,24 @@
         "type": "github"
       }
     },
+    "systems_3": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
+    },
     "utils": {
       "inputs": {
-        "systems": "systems_2"
+        "systems": "systems_3"
       },
       "locked": {
         "lastModified": 1709126324,

flake.nix

@@ -9,10 +9,11 @@
     };
     agenix.url = "github:ryantm/agenix";
     simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-24.05";
+    caddy.url = "path:pkgs/caddy";
   };
 
   outputs =
-    {
+    inputs@{
       nixpkgs,
       nixpkgsUnstable,
       home-manager,
@@ -77,6 +78,7 @@
         };
         thewordnerd = nixpkgs.lib.nixosSystem {
           inherit system;
+          specialArgs = { inherit inputs; };
           modules = [
             agenix.nixosModules.default
             {
@@ -99,6 +101,7 @@
         };
         garden = nixpkgs.lib.nixosSystem {
           inherit system;
+          specialArgs = { inherit inputs; };
           modules = [
             agenix.nixosModules.default
             {

pkgs/caddy.nix

@@ -1,86 +0,0 @@
-{
-  lib,
-  buildGoModule,
-  fetchFromGitHub,
-  nixosTests,
-  caddy,
-  testers,
-  installShellFiles,
-  stdenv,
-}:
-let
-  version = "2.8.4";
-  dist = fetchFromGitHub {
-    owner = "tailscale";
-    rev = "f21c01b660c896bdd6bacc37178dc00d9af282b4";
-    repo = "caddy-tailscale";
-    hash = "sha256-O4s7PhSUTXoNEIi+zYASx8AgClMC5rs7se863G6w+l0=";
-  };
-in
-buildGoModule {
-  pname = "caddy";
-  version = "0-unstable-2024-12-22";
-  src = fetchFromGitHub {
-    owner = "tailscale";
-    repo = "caddy-tailscale";
-    rev = "f21c01b660c896bdd6bacc37178dc00d9af282b4";
-    hash = "sha256-CBfyqtWp3gYsYwaIxbfXO3AYaBiM7LutLC7uZgYXfkQ=";
-  };
-
-  vendorHash = "sha256-1Api8bBZJ1/oYk4ZGIiwWCSraLzK9L+hsKXkFtk6iVM=";
-
-  subPackages = [ "cmd/caddy" ];
-
-  ldflags = [
-    "-s"
-    "-w"
-    "-X github.com/caddyserver/caddy/v2.CustomVersion=${version}"
-  ];
-
-  # matches upstream since v2.8.0
-  tags = [ "nobadger" ];
-
-  nativeBuildInputs = [ installShellFiles ];
-
-  postInstall =
-    ''
-      install -Dm644 ${dist}/init/caddy.service ${dist}/init/caddy-api.service -t $out/lib/systemd/system
-
-      substituteInPlace $out/lib/systemd/system/caddy.service \
-        --replace-fail "/usr/bin/caddy" "$out/bin/caddy"
-      substituteInPlace $out/lib/systemd/system/caddy-api.service \
-        --replace-fail "/usr/bin/caddy" "$out/bin/caddy"
-    ''
-    + lib.optionalString (stdenv.buildPlatform.canExecute stdenv.hostPlatform) ''
-      # Generating man pages and completions fail on cross-compilation
-      # https://github.com/NixOS/nixpkgs/issues/308283
-
-      $out/bin/caddy manpage --directory manpages
-      installManPage manpages/*
-
-      installShellCompletion --cmd caddy \
-        --bash <($out/bin/caddy completion bash) \
-        --fish <($out/bin/caddy completion fish) \
-        --zsh <($out/bin/caddy completion zsh)
-    '';
-
-  passthru.tests = {
-    inherit (nixosTests) caddy;
-    version = testers.testVersion {
-      command = "${caddy}/bin/caddy version";
-      package = caddy;
-    };
-  };
-
-  meta = with lib; {
-    homepage = "https://caddyserver.com";
-    description = "Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS";
-    license = licenses.asl20;
-    mainProgram = "caddy";
-    maintainers = with maintainers; [
-      Br1ght0ne
-      emilylange
-      techknowlogick
-    ];
-  };
-}

pkgs/caddy/flake.nix

@@ -0,0 +1,31 @@
+{
+  inputs = {
+    nixpkgs.url = "nixpkgs";
+    flake-utils.url = "github:numtide/flake-utils";
+    caddy.url = "github:vincentbernat/caddy-nix";
+  };
+  outputs =
+    {
+      self,
+      nixpkgs,
+      flake-utils,
+      caddy,
+    }:
+    flake-utils.lib.eachDefaultSystem (
+      system:
+      let
+        pkgs = import nixpkgs {
+          inherit system;
+          overlays = [ caddy.overlays.default ];
+        };
+      in
+      {
+        packages = {
+          default = pkgs.caddy.withPlugins {
+            plugins = [ "github.com/tailscale/caddy-tailscale@f21c01b660c896bdd6bacc37178dc00d9af282b4" ];
+            hash = "sha256-zrL1wrWXbXnBrWHSnuNaoO2Q7R9GL3/DfUtS5vTqono=";
+          };
+        };
+      }
+    );
+}

roles/caddy.nix

@@ -1,9 +1,14 @@
-{ config, pkgs, ... }:
+{
+  config,
+  pkgs,
+  inputs,
+  ...
+}:
 
 {
   services.caddy = {
     enable = true;
-    package = pkgs.callPackage ../pkgs/caddy.nix { };
+    package = inputs.caddy.packages.${pkgs.stdenv.hostPlatform.system}.default;
     email = "nolan@thewordnerd.info";
   };
   age.secrets.tsAuthKey = {