add jsonConfig to services

services/caddy/default.nix

@@ -1,3 +1,41 @@
-{
-  services.caddy.enable = true;
+{jsonConfig, ...}: {
+  services.caddy = {
+    enable = true;
+    virtualHosts = {
+      ${jsonConfig.domains.portainer} = {
+        extraConfig = ''
+          reverse_proxy localhost:9000
+          header {
+            # Security headers
+            Strict-Transport-Security "max-age=31536000; includeSubDomains"
+            X-Content-Type-Options "nosniff"
+            X-Frame-Options "DENY"
+            Referrer-Policy "strict-origin-when-cross-origin"
+          }
+        '';
+      };
+      ${jsonConfig.domains.n8n} = {
+        extraConfig = ''
+          reverse_proxy localhost:5678
+          header {
+            Strict-Transport-Security "max-age=31536000; includeSubDomains"
+            X-Content-Type-Options "nosniff"
+            X-Frame-Options "DENY"
+            Referrer-Policy "strict-origin-when-cross-origin"
+          }
+        '';
+      };
+      ${jsonConfig.domains.baserow} = {
+        extraConfig = ''
+          reverse_proxy localhost:3000
+          header {
+            Strict-Transport-Security "max-age=31536000; includeSubDomains"
+            X-Content-Type-Options "nosniff"
+            X-Frame-Options "DENY"
+            Referrer-Policy "strict-origin-when-cross-origin"
+          }
+        '';
+      };
+    };
+  };
 }

services/core/default.nix

@@ -1,10 +1,4 @@
 {
-  imports = [
-    ./baserow
-    ./n8n
-    ./portainer
-  ];
-
   virtualisation.oci-containers.backend = "docker";
 
   systemd.services.docker-network-web = {