Use caddy-exec to handling Forgejo webhooks on astral

hosts/astral/default.nix

@@ -36,6 +36,11 @@
 
   services.caddy = {
     enable = true;
+    package = pkgs.caddy.withPlugins {
+      plugins =
+        [ "github.com/abiosoft/caddy-exec@v0.0.0-20240914124740-521d8736cb4d" ];
+      hash = "sha256-ef6/x7wjKk0axjX6MfAzTTwPM2FTOTSSyI9zLLrczV0=";
+    };
     virtualHosts = {
       "astral.leaf.ninja".extraConfig = ''
         respond "astral is online"

hosts/astral/links.nix

@@ -1,39 +1,21 @@
-{ pkgs, ... }:
+{ pkgs, lib, ... }:
 let
   domain = "nettika.leaf.ninja";
   root = "/srv/links";
-  webhookHandler = pkgs.writeScript "webhook-handler.py" ''
-    #!${pkgs.python3}/bin/python3
-
-    import http.server
-    import socketserver
-    import subprocess
-    import os
-
-    class WebhookHandler(http.server.SimpleHTTPRequestHandler):
-        def do_POST(self):
-            os.chdir('${root}')
-            subprocess.run(['${pkgs.git}/bin/git', 'pull'], check=True)
-            self.send_response(200)
-            self.end_headers()
-            self.wfile.write(b'OK')
-
-    with socketserver.TCPServer(("127.0.0.1", 8081), WebhookHandler) as httpd:
-        httpd.serve_forever()
-  '';
 in {
-  systemd.services.links-webhook = {
+  services.caddy.virtualHosts = {
-    wantedBy = [ "multi-user.target" ];
+    ${domain}.extraConfig = ''
-    after = [ "network.target" ];
-    serviceConfig = {
-      Type = "simple";
-      ExecStart = "${pkgs.python3}/bin/python3 ${webhookHandler}";
-      Restart = "always";
-    };
-  };
-
-  services.caddy.virtualHosts.${domain}.extraConfig = ''
       root * ${root}
       file_server
     '';
+    "http://localhost:8081".extraConfig = let git = lib.getExe pkgs.git;
+    in ''
+      route {
+        exec {
+          command ${git} pull --rebase 
+          directory ${root}
+        }
+      }
+    '';
+  };
 }