Set up and use auth middleware for traefik and qbittorrent
Remove use of traefik insecure dashboard/API
This commit is contained in:
parent
c73d69cce5
commit
e2e7095a7a
|
@ -10,6 +10,7 @@
|
||||||
./server/sshd.nix
|
./server/sshd.nix
|
||||||
./server/adguardhome.nix
|
./server/adguardhome.nix
|
||||||
./server/gitea.nix
|
./server/gitea.nix
|
||||||
|
./server/qbittorrent.nix
|
||||||
# ./server/nextcloud.nix
|
# ./server/nextcloud.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
|
@ -6,6 +6,7 @@
|
||||||
rule = "Host(`torrent.xenia.me.uk`)";
|
rule = "Host(`torrent.xenia.me.uk`)";
|
||||||
entryPoints = ["http" "https"];
|
entryPoints = ["http" "https"];
|
||||||
service = "qbittorrent-webinterface";
|
service = "qbittorrent-webinterface";
|
||||||
|
middlewares = ["auth"];
|
||||||
tls = {certResolver = "default";};
|
tls = {certResolver = "default";};
|
||||||
};
|
};
|
||||||
services.qbittorrent-webinterface.loadBalancer.servers = [{url = "http://localhost:8090";}];
|
services.qbittorrent-webinterface.loadBalancer.servers = [{url = "http://localhost:8090";}];
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
services.traefik = {
|
services.traefik = {
|
||||||
enable = true;
|
enable = true;
|
||||||
staticConfigOptions = {
|
staticConfigOptions = {
|
||||||
api = {insecure = true;};
|
api = {dashboard = true;};
|
||||||
entryPoints = {
|
entryPoints = {
|
||||||
http = {
|
http = {
|
||||||
address = ":80";
|
address = ":80";
|
||||||
|
@ -26,13 +26,14 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
dynamicConfigOptions.http = {
|
dynamicConfigOptions.http = {
|
||||||
routers.traefik = {
|
routers.api = {
|
||||||
rule = "Host(`traefik.xenia.me.uk`)";
|
rule = "Host(`traefik.xenia.me.uk`)";
|
||||||
entryPoints = ["http" "https"];
|
entryPoints = ["http" "https"];
|
||||||
service = "traefik-webinterface";
|
service = "api@internal";
|
||||||
|
middlewares = ["auth"];
|
||||||
tls = {certResolver = "default";};
|
tls = {certResolver = "default";};
|
||||||
};
|
};
|
||||||
services.traefik-webinterface.loadBalancer.servers = [{url = "http://localhost:8080";}];
|
middlewares.auth.basicAuth.users = ["xenia:$apr1$LB0wVd6I$BHVPIyh.F5Ewt9/7PqAtS."];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
networking.firewall = {
|
networking.firewall = {
|
||||||
|
|
Loading…
Reference in a new issue