29 lines
1.1 KiB
Caddyfile
29 lines
1.1 KiB
Caddyfile
# Caddy snippet that serves the cargoxx binary cache over HTTPS.
|
|
# Append to /etc/caddy/Caddyfile (or include via `import`) and reload:
|
|
# sudo systemctl reload caddy
|
|
#
|
|
# Caddy handles cert provisioning + renewal via ACME automatically.
|
|
# Adjust the domain + the `root` path if the runner lives elsewhere.
|
|
#
|
|
# The cache is read-only here — writes happen exclusively from the
|
|
# runner job container (`nix copy --to file:///srv/cargoxx-cache/store`).
|
|
|
|
cache.cargoxx.amadey.xyz {
|
|
root * /home/mozart/cargoxx-pkgs/runner/cache/store
|
|
file_server browse=false
|
|
|
|
# narinfo / nar are immutable per content hash → cache aggressively.
|
|
@cache_immutable path *.narinfo *.nar.xz *.nar
|
|
header @cache_immutable Cache-Control "public, immutable, max-age=31536000"
|
|
|
|
# Substituter probe — short cache, must reflect new entries quickly.
|
|
@cache_info path /nix-cache-info
|
|
header @cache_info Cache-Control "public, max-age=300"
|
|
|
|
# Logs go to /var/log/caddy/cargoxx-cache.{access,error}.log by
|
|
# default; uncomment to override.
|
|
# log {
|
|
# output file /var/log/caddy/cargoxx-cache.log
|
|
# }
|
|
}
|