60 lines
1.3 KiB
Nix
60 lines
1.3 KiB
Nix
# NOTE: environment file at: `/etc/traefik-env` with mode 600
|
|
# content (for Cloudflare API):
|
|
# CF_API_EMAIL=your-email@example.com
|
|
# CF_DNS_API_TOKEN=your-cloudflare-api-token
|
|
|
|
{ ... }:
|
|
|
|
{
|
|
services.traefik = {
|
|
enable = true;
|
|
useEnvSubst = false;
|
|
|
|
dynamic.dir = "/var/lib/traefik/dynamic";
|
|
|
|
static.settings = {
|
|
entryPoints = {
|
|
http = {
|
|
address = ":80";
|
|
http.redirections.entryPoint = {
|
|
to = "websecure";
|
|
scheme = "https";
|
|
permanent = true;
|
|
};
|
|
};
|
|
websecure = {
|
|
address = ":443";
|
|
transport.respondingTimeouts.readTimeout = "0s";
|
|
};
|
|
};
|
|
|
|
certificatesResolvers.cloudflare = {
|
|
acme = {
|
|
email = "cloudflare@yanlincs.com";
|
|
storage = "/var/lib/traefik/acme.json";
|
|
dnsChallenge = {
|
|
provider = "cloudflare";
|
|
delayBeforeCheck = 60;
|
|
resolvers = [
|
|
"1.1.1.1:53"
|
|
"8.8.8.8:53"
|
|
];
|
|
};
|
|
};
|
|
};
|
|
|
|
log = {
|
|
level = "INFO";
|
|
};
|
|
accessLog = {};
|
|
|
|
global = {
|
|
checkNewVersion = false;
|
|
sendAnonymousUsage = false;
|
|
};
|
|
};
|
|
|
|
environmentFiles = [ "/etc/traefik-env" ];
|
|
};
|
|
|
|
}
|