pixelifytica/nixos
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Add https/tls support to traefik sites

Browse source
This commit is contained in:
Evie Litherland-Smith 2023-05-15 07:51:06 +01:00
parent ee34f667b9
commit 816b839ab4
4 changed files with 17 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
Vanguard.nix
View file

@ -7,7 +7,6 @@
./hardware/bluetooth.nix ./hardware/bluetooth.nix
./locales/en_GB.nix ./locales/en_GB.nix
./desktop/plasma.nix ./desktop/plasma.nix
./desktop/hyprland.nix
./desktop/steam.nix ./desktop/steam.nix
./syncthing/Vanguard.nix ./syncthing/Vanguard.nix
./server/adguardhome.nix ./server/adguardhome.nix

2
server/adguardhome.nix
View file

@ -12,7 +12,7 @@
allowedUDPPorts = [ 53 ]; allowedUDPPorts = [ 53 ];
}; };
services.traefik.dynamicConfigOptions.http = { services.traefik.dynamicConfigOptions.http = {
routers.adguard = { rule = "Host(`guard.xenia.me.uk`)"; service = "adguard-webinterface"; }; routers.adguard = { rule = "Host(`guard.xenia.me.uk`)"; service = "adguard-webinterface"; tls = { certResolver = "default"; }; };
services.adguard-webinterface.loadBalancer.servers = [{ url = "http://localhost:3001"; }]; services.adguard-webinterface.loadBalancer.servers = [{ url = "http://localhost:3001"; }];
}; };
} }

2
server/gitea.nix
View file

@ -4,7 +4,7 @@
services.gitea.enable = true; services.gitea.enable = true;
networking.firewall.allowedTCPPorts = [ 80 443 ]; networking.firewall.allowedTCPPorts = [ 80 443 ];
services.traefik.dynamicConfigOptions.http = { services.traefik.dynamicConfigOptions.http = {
routers.gitea = { rule = "Host(`git.xenia.me.uk`)"; service = "gitea-websecure"; }; routers.gitea = { rule = "Host(`git.xenia.me.uk`)"; service = "gitea-websecure"; tls = { certResolver = "default"; }; };
services.gitea-websecure.loadBalancer.servers = [{ url = "http://localhost:3000"; }]; services.gitea-websecure.loadBalancer.servers = [{ url = "http://localhost:3000"; }];
}; };
} }

17
server/traefik.nix
View file

@ -6,9 +6,22 @@
api = { insecure = true; }; api = { insecure = true; };
entryPoints = { entryPoints = {
http = { address = ":80"; }; http = { address = ":80"; };
web = { address = ":30000"; }; https = { address = ":443"; };
};
certificatesResolvers = {
default = {
acme = {
email = "evie@xenia.me.uk";
storage = "/var/lib/traefik/acme.json";
httpChallenge = { entryPoint = "http"; };
};
};
}; };
}; };
dynamicConfigOptions.http = {
routers.traefik = { rule = "Host(`traefik.xenia.me.uk`)"; service = "traefik-webinterface"; tls = { certResolver = "default"; }; };
services.traefik-webinterface.loadBalancer.servers = [{ url = "http://localhost:8080"; }];
};
}; };
networking.firewall = { enable = true; allowedTCPPorts = [ 80 443 30000 ]; }; networking.firewall = { enable = true; allowedTCPPorts = [ 80 443 8080 ]; };
} }