rearrange and refactor multiple modules
This commit is contained in:
parent
622265bd6e
commit
be7cee9208
13 changed files with 233 additions and 456 deletions
|
|
@ -6,19 +6,15 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
{
|
||||
# Traefik reverse proxy service
|
||||
services.traefik = {
|
||||
enable = true;
|
||||
|
||||
# Static configuration
|
||||
|
||||
staticConfigOptions = {
|
||||
# Enable Docker provider for automatic service discovery
|
||||
providers.docker = {
|
||||
endpoint = "unix:///var/run/docker.sock";
|
||||
exposedByDefault = false; # Only expose containers with traefik.enable=true
|
||||
network = "podman"; # Use podman network
|
||||
exposedByDefault = false;
|
||||
network = "podman";
|
||||
};
|
||||
# Entry points for HTTP and HTTPS
|
||||
entrypoints = {
|
||||
web = {
|
||||
address = ":80";
|
||||
|
|
@ -34,7 +30,6 @@
|
|||
};
|
||||
};
|
||||
|
||||
# Certificate resolver using Cloudflare DNS challenge
|
||||
certificatesResolvers.cloudflare = {
|
||||
acme = {
|
||||
email = "cloudflare@yanlincs.com";
|
||||
|
|
@ -50,36 +45,27 @@
|
|||
};
|
||||
};
|
||||
|
||||
# API and dashboard
|
||||
api = {
|
||||
dashboard = true;
|
||||
debug = false;
|
||||
};
|
||||
|
||||
# Logging
|
||||
log = {
|
||||
level = "INFO";
|
||||
};
|
||||
accessLog = {};
|
||||
|
||||
# Global settings
|
||||
global = {
|
||||
checkNewVersion = false;
|
||||
sendAnonymousUsage = false;
|
||||
};
|
||||
};
|
||||
|
||||
# Dynamic configuration is now defined in host-specific proxy.nix files
|
||||
# and will be merged with this base configuration
|
||||
|
||||
# Environment variables for Cloudflare
|
||||
environmentFiles = [ "/etc/traefik-env" ];
|
||||
};
|
||||
|
||||
# Ensure Traefik can access Docker socket
|
||||
systemd.services.traefik.serviceConfig = {
|
||||
SupplementaryGroups = [ "podman" ];
|
||||
# Mount Docker/Podman socket for service discovery
|
||||
BindPaths = [ "/run/podman/podman.sock:/var/run/docker.sock" ];
|
||||
};
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue