Wordpress & caddy -- https is not working


I am trying to get wordpress + caddy working. Here is my nixos config:

  services.caddy = {
    enable = true;
    extraConfig = ''
        hello.bec-systems.com {
          respond "Hello, world!"

  services.wordpress = {
    webserver = "caddy";

  services.wordpress.sites."web2.bec-systems.com" = {
    database.createLocally = true;  # name is set to `wordpress` by default

    virtualHost = {
      adminAddr = "cbrake@bec-systems.com";
      serverAliases = [ "web2.bec-systems.com" ];

This generates a Caddyfile:

        acme_ca https://acme-v02.api.letsencrypt.org/directory
        log {
                level ERROR
hello.bec-systems.com {
        respond "Hello, world!"

http://web2.bec-systems.com {

        log {
                output file /var/log/caddy/access-http://web2.bec-systems.com.log

        root * //nix/store/pzhi3vzh235c01rm7mkpb8iqidcsfrzp-wordpress-web2.bec-systems.com-5.9.3/share/wordpress

        php_fastcgi unix//run/phpfpm/wordpress-web2.bec-systems.com.sock

        @uploads {
                path_regexp path /uploads\/(.*)\.php
        rewrite @uploads /

        @wp-admin {
                path not ^\/wp-admin/*
        rewrite @wp-admin {path}/index.php?{query}

https://hello.bec-systems.com works fine, but http://web2.bec-systems.com/ only works with http, not https. I think in the above caddy config, http://web2.bec-systems.com needs replaced with web2.bec-systems.com.

The wordpress service is defined here:

Appreciate any thoughts on how I can solve this problem.

1 Like

I’m having the same issue but with nginx as webserver instead.

OP, have you found a fix yet?

No, I’ve not had time to look at it yet, and still climbing the nixos curve.

I know this is very basic, but can anyone provide a high-level overview as to how I can modify wordpress.nix to do some testing?

If you are using flakes, you could try forking nixpkgs on Github, then changing wordpress.nix in your fork and then use your forked repo as flake input. I haven’t tested this, though.

Hi guys, I know it is late, but better late than never. I ran into the same issue and I was poking around for a solution… I found out that in order to have https enabled by default one should change this line https://github.com/NixOS/nixpkgs/blob/71739af235e5a098d5795c8a92aedd48ce201a91/nixos/modules/services/web-apps/wordpress.nix#L456
and remove the http protocol, addressing the configuration for the hostname only.

I guess that it will also work by adding a block that starts with https://{hostname} but then it should be manually pointed to the wordpress folders which will be a mess.

I hope I’ll get the time to make a PR that fixes this soon.