snowflake/hosts/sora/services/traefik.nix

{config, ...}: {
  sops.secrets.cloudflare-api-key = {};
  networking.firewall.allowedTCPPorts = [80 443 2222 8080];
  systemd.services.traefik = {
    environment = {
      CLOUDFLARE_EMAIL = "jch0tm2e@notohh.dev";
    };
    serviceConfig = {
      EnvironmentFile = [config.sops.secrets.cloudflare-api-key.path];
    };
  };
  services.traefik = {
    enable = true;
    dynamicConfigOptions = {
      tcp = {
        routers = {
          gitssh = {
            rule = "HostSNI(`*`)";
            entrypoints = ["ssh"];
            service = "gitssh";
          };
        };
        services = {
          gitssh.loadBalancer.servers = [{address = "100.121.201.47:2222";}];
        };
      };
      http = {
        middlewares = {
          authelia = {
            forwardauth = {
              address = "http://100.121.201.47:9091/api/verify?rd=https://passport.notohh.dev/";
              trustForwardHeader = true;
            };
          };
          redirect-to-https = {
            redirectscheme.scheme = "https";
            redirectscheme.permanent = true;
          };
          cors = {
            headers = {
              accessControlAllowOriginList = "https://daphbot.notohh.dev";
            };
          };
          cors-allow-all = {
            headers = {
              accessControlAllowOriginList = "*";
            };
          };
        };
        routers = let
          pqdn = "flake.sh";
        in {
          api = {
            rule = "PathPrefix(`/api/`)";
            entrypoints = ["websecure"];
            service = "api@internal";
          };
          authelia = {
            rule = "Host(`passport.notohh.dev`)";
            entrypoints = ["websecure"];
            service = "authelia";
            tls.domains = [{main = "*.notohh.dev";}];
            tls.certresolver = "production";
          };
          uptime-kuma = {
            rule = "Host(`status.${pqdn}`)";
            entrypoints = ["websecure"];
            service = "uptime-kuma";
            tls.domains = [{main = "*.${pqdn}";}];
            tls.certresolver = "production";
          };
          conduit = {
            rule = "Host(`matrix.${pqdn}`)";
            entrypoints = ["websecure"];
            service = "conduit";
            tls.domains = [{main = "*.${pqdn}";}];
            tls.certresolver = "production";
          };
          foundryvtt = {
            rule = "Host(`foundry.${pqdn}`)";
            entrypoints = ["websecure"];
            service = "foundryvtt";
            tls.domains = [{main = "*.${pqdn}";}];
            tls.certresolver = "production";
          };
          forgejo = {
            rule = "Host(`git.${pqdn}`)";
            entrypoints = ["websecure"];
            service = "forgejo";
            tls.domains = [{main = "*.${pqdn}";}];
            tls.certresolver = "production";
            middlewares = "cors";
          };
          rustypaste = {
            rule = "Host(`i.${pqdn}`)";
            entrypoints = ["websecure"];
            service = "rustypaste";
            tls.domains = [{main = "*.${pqdn}";}];
            tls.certresolver = "production";
          };
          grafana = {
            rule = "Host(`metrics.${pqdn}`)";
            entrypoints = ["websecure"];
            service = "grafana";
            tls.domains = [{main = "*.${pqdn}";}];
            tls.certresolver = "production";
          };
          hedgedoc = {
            rule = "Host(`scratch.${pqdn}`)";
            entrypoints = ["websecure"];
            service = "hedgedoc";
            tls.domains = [{main = "*.${pqdn}";}];
            tls.certresolver = "production";
          };
          vaultwarden = {
            rule = "Host(`vault.${pqdn}`)";
            entrypoints = ["websecure"];
            service = "vaultwarden";
            tls.domains = [{main = "*.${pqdn}";}];
            tls.certresolver = "production";
          };
          neko = {
            rule = "Host(`neko.${pqdn}`)";
            entrypoints = ["websecure"];
            service = "neko";
            tls.domains = [{main = "*.${pqdn}";}];
            tls.certresolver = "production";
          };
          justlog = {
            rule = "Host(`logs.${pqdn}`)";
            entrypoints = ["websecure"];
            service = "justlog";
            tls.domains = [{main = "*.${pqdn}";}];
            tls.certresolver = "production";
          };
          ntfy = {
            rule = "Host(`ntfy.${pqdn}`)";
            entrypoints = ["websecure"];
            service = "ntfy-sh";
            tls.domains = [{main = "*.${pqdn}";}];
            tls.certresolver = "production";
          };
          attic = {
            rule = "Host(`cache.${pqdn}`)";
            entrypoints = ["websecure"];
            service = "attic";
            tls.domains = [{main = "*.${pqdn}";}];
            tls.certresolver = "production";
          };
          minio = {
            rule = "Host(`s3.${pqdn}`)";
            entrypoints = ["websecure"];
            service = "minio";
            tls.domains = [{main = "*.${pqdn}";}];
            tls.certresolver = "production";
            middlewares = "cors-allow-all";
          };
          woodpecker = {
            rule = "Host(`ci.${pqdn}`)";
            entrypoints = ["websecure"];
            service = "woodpecker";
            tls.domains = [{main = "*.${pqdn}";}];
            tls.certresolver = "production";
          };
        };
        services = let
          sakuraIp = "100.121.201.47:";
          soraIp = "100.104.42.96:";
        in {
          # sora
          uptime-kuma.loadBalancer.servers = [{url = "http://${soraIp}4000";}];
          foundryvtt.loadBalancer.servers = [{url = "http://${soraIp}30000";}];
          ntfy-sh.loadBalancer.servers = [{url = "http://${soraIp}8090";}];
          attic.loadBalancer.servers = [{url = "http://${soraIp}8200";}];

          # sakura
          forgejo.loadBalancer.servers = [{url = "http://${sakuraIp}3200";}];
          conduit.loadBalancer.servers = [{url = "http://${sakuraIp}6167";}];
          authelia.loadBalancer.servers = [{url = "http://${sakuraIp}9091";}];
          rustypaste.loadBalancer.servers = [{url = "http://${sakuraIp}8000";}];
          grafana.loadBalancer.servers = [{url = "http://${sakuraIp}3100";}];
          hedgedoc.loadBalancer.servers = [{url = "http://${sakuraIp}3300";}];
          vaultwarden.loadBalancer.servers = [{url = "http://${sakuraIp}8222";}];
          searxng.loadBalancer.servers = [{url = "http://${sakuraIp}8100";}];
          justlog.loadBalancer.servers = [{url = "http://${sakuraIp}8025";}];

          # kaze
          minio.loadBalancer.servers = [{url = "http://100.69.79.81:9005";}];

          # tsuru
          woodpecker.loadBalancer.servers = [{url = "http://100.82.146.40:8200";}];
        };
      };
    };
    staticConfigOptions = {
      log.level = "DEBUG";
      api.dashboard = false;
      api.insecure = false;
      global = {
        checkNewVersion = false;
        sendAnonymousUsage = true;
      };
      entryPoints = {
        websecure = {
          address = ":443";
        };
        web = {
          address = ":80";
          http.redirections.entryPoint = {
            to = "websecure";
            scheme = "https";
          };
        };
        ssh = {
          address = ":2222";
        };
      };
      metrics = {
        prometheus = {
          addServicesLabels = true;
        };
      };
      certificatesResolvers = {
        staging.acme = {
          email = "x3xr6n66@notohh.dev";
          storage = "/var/lib/traefik/acme.json";
          caServer = "https://acme-staging-v02.api.letsencrypt.org/directory";
          dnsChallenge = {
            provider = "cloudflare";
            resolvers = ["1.1.1.1:53" "1.0.0.1:53"];
            delayBeforeCheck = "0";
          };
        };
        production.acme = {
          email = "x3xr6n66@notohh.dev";
          storage = "/var/lib/traefik/acme.json";
          caServer = "https://acme-v02.api.letsencrypt.org/directory";
          dnsChallenge = {
            provider = "cloudflare";
            resolvers = ["1.1.1.1:53" "1.0.0.1:53"];
            delayBeforeCheck = "0";
          };
        };
      };
    };
  };
}
sora: init traefik 2023-06-24 19:11:16 -04:00			`{config, ...}: {`
			`sops.secrets.cloudflare-api-key = {};`
sora: open dashboard for metrics 2023-10-17 00:48:08 -04:00			`networking.firewall.allowedTCPPorts = [80 443 2222 8080];`
sora: init traefik 2023-06-24 19:11:16 -04:00			`systemd.services.traefik = {`
			`environment = {`
			`CLOUDFLARE_EMAIL = "jch0tm2e@notohh.dev";`
			`};`
			`serviceConfig = {`
			`EnvironmentFile = [config.sops.secrets.cloudflare-api-key.path];`
			`};`
			`};`
			`services.traefik = {`
			`enable = true;`
			`dynamicConfigOptions = {`
traefik: init gitssh 2023-10-07 17:06:51 -04:00			`tcp = {`
			`routers = {`
			`gitssh = {`
			rule = "HostSNI(`*`)";
traefik: fix gitssh 2023-12-29 14:27:17 -05:00			`entrypoints = ["ssh"];`
traefik: init gitssh 2023-10-07 17:06:51 -04:00			`service = "gitssh";`
			`};`
			`};`
traefik: fix gitssh 2023-12-29 14:27:17 -05:00			`services = {`
			`gitssh.loadBalancer.servers = [{address = "100.121.201.47:2222";}];`
			`};`
traefik: init gitssh 2023-10-07 17:06:51 -04:00			`};`
sora: init traefik 2023-06-24 19:11:16 -04:00			`http = {`
traefik: deploy http redirects 2023-10-12 02:16:22 -04:00			`middlewares = {`
			`authelia = {`
			`forwardauth = {`
			`address = "http://100.121.201.47:9091/api/verify?rd=https://passport.notohh.dev/";`
			`trustForwardHeader = true;`
			`};`
			`};`
			`redirect-to-https = {`
			`redirectscheme.scheme = "https";`
			`redirectscheme.permanent = true;`
sora: init traefik 2023-06-24 19:11:16 -04:00			`};`
traefik: add cors 2023-10-27 12:33:05 -04:00			`cors = {`
			`headers = {`
			`accessControlAllowOriginList = "https://daphbot.notohh.dev";`
			`};`
			`};`
sora: init attic w/ minio 2024-01-04 14:41:38 -05:00			`cors-allow-all = {`
			`headers = {`
			`accessControlAllowOriginList = "*";`
			`};`
			`};`
sora: init traefik 2023-06-24 19:11:16 -04:00			`};`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			`routers = let`
			`pqdn = "flake.sh";`
			`in {`
sora: init traefik 2023-06-24 19:11:16 -04:00			`api = {`
			rule = "PathPrefix(`/api/`)";
			`entrypoints = ["websecure"];`
			`service = "api@internal";`
			`};`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			`authelia = {`
			rule = "Host(`passport.notohh.dev`)";
			`entrypoints = ["websecure"];`
			`service = "authelia";`
			`tls.domains = [{main = "*.notohh.dev";}];`
			`tls.certresolver = "production";`
			`};`
sora: init traefik 2023-06-24 19:11:16 -04:00			`uptime-kuma = {`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			rule = "Host(`status.${pqdn}`)";
sora: init traefik 2023-06-24 19:11:16 -04:00			`entrypoints = ["websecure"];`
			`service = "uptime-kuma";`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			`tls.domains = [{main = "*.${pqdn}";}];`
sora: init traefik 2023-06-24 19:11:16 -04:00			`tls.certresolver = "production";`
			`};`
traefik: init conduit 2023-09-25 12:49:20 -04:00			`conduit = {`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			rule = "Host(`matrix.${pqdn}`)";
traefik: init conduit 2023-09-25 12:49:20 -04:00			`entrypoints = ["websecure"];`
			`service = "conduit";`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			`tls.domains = [{main = "*.${pqdn}";}];`
traefik: add authelia 2023-10-04 21:49:22 -04:00			`tls.certresolver = "production";`
			`};`
hosts: route all traffic through tailscale 2023-10-07 10:29:47 -04:00			`foundryvtt = {`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			rule = "Host(`foundry.${pqdn}`)";
hosts: route all traffic through tailscale 2023-10-07 10:29:47 -04:00			`entrypoints = ["websecure"];`
			`service = "foundryvtt";`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			`tls.domains = [{main = "*.${pqdn}";}];`
hosts: route all traffic through tailscale 2023-10-07 10:29:47 -04:00			`tls.certresolver = "production";`
			`};`
			`forgejo = {`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			rule = "Host(`git.${pqdn}`)";
hosts: route all traffic through tailscale 2023-10-07 10:29:47 -04:00			`entrypoints = ["websecure"];`
			`service = "forgejo";`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			`tls.domains = [{main = "*.${pqdn}";}];`
hosts: route all traffic through tailscale 2023-10-07 10:29:47 -04:00			`tls.certresolver = "production";`
traefik: add cors 2023-10-27 12:33:05 -04:00			`middlewares = "cors";`
hosts: route all traffic through tailscale 2023-10-07 10:29:47 -04:00			`};`
			`rustypaste = {`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			rule = "Host(`i.${pqdn}`)";
hosts: route all traffic through tailscale 2023-10-07 10:29:47 -04:00			`entrypoints = ["websecure"];`
			`service = "rustypaste";`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			`tls.domains = [{main = "*.${pqdn}";}];`
hosts: route all traffic through tailscale 2023-10-07 10:29:47 -04:00			`tls.certresolver = "production";`
			`};`
			`grafana = {`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			rule = "Host(`metrics.${pqdn}`)";
hosts: route all traffic through tailscale 2023-10-07 10:29:47 -04:00			`entrypoints = ["websecure"];`
			`service = "grafana";`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			`tls.domains = [{main = "*.${pqdn}";}];`
hosts: route all traffic through tailscale 2023-10-07 10:29:47 -04:00			`tls.certresolver = "production";`
			`};`
			`hedgedoc = {`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			rule = "Host(`scratch.${pqdn}`)";
hosts: route all traffic through tailscale 2023-10-07 10:29:47 -04:00			`entrypoints = ["websecure"];`
			`service = "hedgedoc";`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			`tls.domains = [{main = "*.${pqdn}";}];`
hosts: route all traffic through tailscale 2023-10-07 10:29:47 -04:00			`tls.certresolver = "production";`
			`};`
			`vaultwarden = {`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			rule = "Host(`vault.${pqdn}`)";
hosts: route all traffic through tailscale 2023-10-07 10:29:47 -04:00			`entrypoints = ["websecure"];`
			`service = "vaultwarden";`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			`tls.domains = [{main = "*.${pqdn}";}];`
hosts: route all traffic through tailscale 2023-10-07 10:29:47 -04:00			`tls.certresolver = "production";`
			`};`
sora: init working neko config 2023-11-30 10:54:55 -05:00			`neko = {`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			rule = "Host(`neko.${pqdn}`)";
sora: init working neko config 2023-11-30 10:54:55 -05:00			`entrypoints = ["websecure"];`
			`service = "neko";`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			`tls.domains = [{main = "*.${pqdn}";}];`
sora: init working neko config 2023-11-30 10:54:55 -05:00			`tls.certresolver = "production";`
			`};`
sora: init justlog 2023-12-15 08:28:33 -05:00			`justlog = {`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			rule = "Host(`logs.${pqdn}`)";
sora: init justlog 2023-12-15 08:28:33 -05:00			`entrypoints = ["websecure"];`
			`service = "justlog";`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			`tls.domains = [{main = "*.${pqdn}";}];`
sora: init justlog 2023-12-15 08:28:33 -05:00			`tls.certresolver = "production";`
			`};`
sora: switch to ntfy from gotify 2023-12-30 18:02:40 -05:00			`ntfy = {`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			rule = "Host(`ntfy.${pqdn}`)";
sora: switch to ntfy from gotify 2023-12-30 18:02:40 -05:00			`entrypoints = ["websecure"];`
			`service = "ntfy-sh";`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			`tls.domains = [{main = "*.${pqdn}";}];`
sora: switch to ntfy from gotify 2023-12-30 18:02:40 -05:00			`tls.certresolver = "production";`
			`};`
sora: init attic w/ minio 2024-01-04 14:41:38 -05:00			`attic = {`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			rule = "Host(`cache.${pqdn}`)";
sora: init attic w/ minio 2024-01-04 14:41:38 -05:00			`entrypoints = ["websecure"];`
			`service = "attic";`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			`tls.domains = [{main = "*.${pqdn}";}];`
sora: init attic w/ minio 2024-01-04 14:41:38 -05:00			`tls.certresolver = "production";`
			`};`
			`minio = {`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			rule = "Host(`s3.${pqdn}`)";
sora: init attic w/ minio 2024-01-04 14:41:38 -05:00			`entrypoints = ["websecure"];`
			`service = "minio";`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			`tls.domains = [{main = "*.${pqdn}";}];`
sora: init attic w/ minio 2024-01-04 14:41:38 -05:00			`tls.certresolver = "production";`
			`middlewares = "cors-allow-all";`
			`};`
traefik: init woodpecker 2024-01-23 21:25:10 -05:00			`woodpecker = {`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			rule = "Host(`ci.${pqdn}`)";
traefik: init woodpecker 2024-01-23 21:25:10 -05:00			`entrypoints = ["websecure"];`
			`service = "woodpecker";`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			`tls.domains = [{main = "*.${pqdn}";}];`
traefik: init woodpecker 2024-01-23 21:25:10 -05:00			`tls.certresolver = "production";`
			`};`
sora: init traefik 2023-06-24 19:11:16 -04:00			`};`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00			`services = let`
			`sakuraIp = "100.121.201.47:";`
			`soraIp = "100.104.42.96:";`
			`in {`
			`# sora`
			`uptime-kuma.loadBalancer.servers = [{url = "http://${soraIp}4000";}];`
			`foundryvtt.loadBalancer.servers = [{url = "http://${soraIp}30000";}];`
			`ntfy-sh.loadBalancer.servers = [{url = "http://${soraIp}8090";}];`
			`attic.loadBalancer.servers = [{url = "http://${soraIp}8200";}];`

			`# sakura`
			`forgejo.loadBalancer.servers = [{url = "http://${sakuraIp}3200";}];`
			`conduit.loadBalancer.servers = [{url = "http://${sakuraIp}6167";}];`
			`authelia.loadBalancer.servers = [{url = "http://${sakuraIp}9091";}];`
			`rustypaste.loadBalancer.servers = [{url = "http://${sakuraIp}8000";}];`
			`grafana.loadBalancer.servers = [{url = "http://${sakuraIp}3100";}];`
			`hedgedoc.loadBalancer.servers = [{url = "http://${sakuraIp}3300";}];`
			`vaultwarden.loadBalancer.servers = [{url = "http://${sakuraIp}8222";}];`
			`searxng.loadBalancer.servers = [{url = "http://${sakuraIp}8100";}];`
			`justlog.loadBalancer.servers = [{url = "http://${sakuraIp}8025";}];`

			`# kaze`
traefik: update minio / attic 2024-01-05 13:30:59 -05:00			`minio.loadBalancer.servers = [{url = "http://100.69.79.81:9005";}];`
hosts: reduce repition with let bindings replaces (most) values that are repeatedly used w/ a let binding so they can be updated from one place. 2024-02-06 13:40:38 -05:00
			`# tsuru`
traefik: init woodpecker 2024-01-23 21:25:10 -05:00			`woodpecker.loadBalancer.servers = [{url = "http://100.82.146.40:8200";}];`
sora: init traefik 2023-06-24 19:11:16 -04:00			`};`
			`};`
			`};`
			`staticConfigOptions = {`
			`log.level = "DEBUG";`
traefik: disable dashboard 2024-01-25 09:35:18 -05:00			`api.dashboard = false;`
traefik: disable api 2024-01-31 09:41:25 -05:00			`api.insecure = false;`
sora: init traefik 2023-06-24 19:11:16 -04:00			`global = {`
			`checkNewVersion = false;`
traefik: disable api 2024-01-31 09:41:25 -05:00			`sendAnonymousUsage = true;`
sora: init traefik 2023-06-24 19:11:16 -04:00			`};`
			`entryPoints = {`
			`websecure = {`
			`address = ":443";`
			`};`
			`web = {`
			`address = ":80";`
traefik: simplify http redirection 2023-12-29 15:03:46 -05:00			`http.redirections.entryPoint = {`
			`to = "websecure";`
			`scheme = "https";`
			`};`
sora: init traefik 2023-06-24 19:11:16 -04:00			`};`
traefik: fix gitssh 2023-12-29 14:27:17 -05:00			`ssh = {`
traefik: init gitssh 2023-10-07 17:06:51 -04:00			`address = ":2222";`
			`};`
sora: init traefik 2023-06-24 19:11:16 -04:00			`};`
			`metrics = {`
			`prometheus = {`
			`addServicesLabels = true;`
			`};`
			`};`
			`certificatesResolvers = {`
			`staging.acme = {`
			`email = "x3xr6n66@notohh.dev";`
			`storage = "/var/lib/traefik/acme.json";`
			`caServer = "https://acme-staging-v02.api.letsencrypt.org/directory";`
			`dnsChallenge = {`
			`provider = "cloudflare";`
			`resolvers = ["1.1.1.1:53" "1.0.0.1:53"];`
			`delayBeforeCheck = "0";`
			`};`
			`};`
			`production.acme = {`
			`email = "x3xr6n66@notohh.dev";`
			`storage = "/var/lib/traefik/acme.json";`
			`caServer = "https://acme-v02.api.letsencrypt.org/directory";`
			`dnsChallenge = {`
			`provider = "cloudflare";`
			`resolvers = ["1.1.1.1:53" "1.0.0.1:53"];`
			`delayBeforeCheck = "0";`
			`};`
			`};`
			`};`
			`};`
			`};`
			`}`