2 files changed, 6 insertions, 0 deletions

diff --git a/modules/server/networking/caddy.nix b/modules/server/networking/caddy.nix
index 809d5ef..a95ff5d 100644
--- a/modules/server/networking/caddy.nix
+++ b/modules/server/networking/caddy.nix
@@ -1,11 +1,16 @@
+{ config, pkgs, ... }:
 {
   networking.firewall.allowedTCPPorts = [
     80
     443
   ];
 
+  systemd.services.caddy.serviceConfig.EnvironmentFile =
+    config.sops.secrets.caddy_environment_file.path;
+
   services.caddy = {
     enable = true;
+    package = pkgs.caddy-tailscale;
 
     virtualHosts =
       let
diff --git a/modules/server/sops.nix b/modules/server/sops.nix
index 25bd355..8c2549a 100644
--- a/modules/server/sops.nix
+++ b/modules/server/sops.nix
@@ -8,6 +8,7 @@
       "ghcr/password" = { };
       tailscale_authentication_key = { };
       finnhub_token = { };
+      caddy_environment_file = { };
     };
   };
 }