From 2c41a17e233c9dd4f4fd34c06525fb66c617f158 Mon Sep 17 00:00:00 2001 From: notohh Date: Fri, 29 Dec 2023 15:03:46 -0500 Subject: [PATCH] traefik: simplify http redirection --- hosts/sora/services/traefik.nix | 76 ++------------------------------- 1 file changed, 4 insertions(+), 72 deletions(-) diff --git a/hosts/sora/services/traefik.nix b/hosts/sora/services/traefik.nix index f5083dc..3a41787 100644 --- a/hosts/sora/services/traefik.nix +++ b/hosts/sora/services/traefik.nix @@ -48,12 +48,6 @@ entrypoints = ["websecure"]; service = "api@internal"; }; - uptime-kuma-insecure = { - rule = "Host(`status.flake.sh`)"; - entrypoints = ["web"]; - service = "uptime-kuma"; - middlewares = "redirect-to-https"; - }; uptime-kuma = { rule = "Host(`status.flake.sh`)"; entrypoints = ["websecure"]; @@ -61,12 +55,6 @@ tls.domains = [{main = "*.flake.sh";}]; tls.certresolver = "production"; }; - gotify-insecure = { - rule = "Host(`gotify.flake.sh`)"; - entrypoints = ["web"]; - service = "gotify"; - middlewares = "redirect-to-https"; - }; gotify = { rule = "Host(`gotify.flake.sh`)"; entrypoints = ["websecure"]; @@ -74,12 +62,6 @@ tls.domains = [{main = "*.flake.sh";}]; tls.certresolver = "production"; }; - conduit-insecure = { - rule = "Host(`matrix.flake.sh`)"; - entrypoints = ["web"]; - service = "conduit"; - middlewares = "redirect-to-https"; - }; conduit = { rule = "Host(`matrix.flake.sh`)"; entrypoints = ["websecure"]; @@ -87,12 +69,6 @@ tls.domains = [{main = "*.flake.sh";}]; tls.certresolver = "production"; }; - authelia-insecure = { - rule = "Host(`passport.notohh.dev`)"; - entrypoints = ["web"]; - service = "authelia"; - middlewares = "redirect-to-https"; - }; authelia = { rule = "Host(`passport.notohh.dev`)"; entrypoints = ["websecure"]; @@ -100,12 +76,6 @@ tls.domains = [{main = "*.notohh.dev";}]; tls.certresolver = "production"; }; - foundryvtt-insecure = { - rule = "Host(`foundry.flake.sh`)"; - entrypoints = ["web"]; - service = "authelia"; - middlewares = "redirect-to-https"; - }; foundryvtt = { rule = "Host(`foundry.flake.sh`)"; entrypoints = ["websecure"]; @@ -113,12 +83,6 @@ tls.domains = [{main = "*.flake.sh";}]; tls.certresolver = "production"; }; - forgejo-insecure = { - rule = "Host(`git.flake.sh`)"; - entrypoints = ["web"]; - service = "forgejo"; - middlewares = "redirect-to-https"; - }; forgejo = { rule = "Host(`git.flake.sh`)"; entrypoints = ["websecure"]; @@ -127,12 +91,6 @@ tls.certresolver = "production"; middlewares = "cors"; }; - rustypaste-insecure = { - rule = "Host(`i.flake.sh`)"; - entrypoints = ["web"]; - service = "rustypaste"; - middlewares = "redirect-to-https"; - }; rustypaste = { rule = "Host(`i.flake.sh`)"; entrypoints = ["websecure"]; @@ -140,12 +98,6 @@ tls.domains = [{main = "*.flake.sh";}]; tls.certresolver = "production"; }; - grafana-insecure = { - rule = "Host(`metrics.flake.sh`)"; - entrypoints = ["web"]; - service = "grafana"; - middlewares = "redirect-to-https"; - }; grafana = { rule = "Host(`metrics.flake.sh`)"; entrypoints = ["websecure"]; @@ -153,12 +105,6 @@ tls.domains = [{main = "*.flake.sh";}]; tls.certresolver = "production"; }; - hedgedoc-insecure = { - rule = "Host(`scratch.flake.sh`)"; - entrypoints = ["web"]; - service = "hedgedoc"; - middlewares = "redirect-to-https"; - }; hedgedoc = { rule = "Host(`scratch.flake.sh`)"; entrypoints = ["websecure"]; @@ -166,12 +112,6 @@ tls.domains = [{main = "*.flake.sh";}]; tls.certresolver = "production"; }; - vaultwarden-insecure = { - rule = "Host(`vault.flake.sh`)"; - entrypoints = ["web"]; - service = "vaultwarden"; - middlewares = "redirect-to-https"; - }; vaultwarden = { rule = "Host(`vault.flake.sh`)"; entrypoints = ["websecure"]; @@ -179,12 +119,6 @@ tls.domains = [{main = "*.flake.sh";}]; tls.certresolver = "production"; }; - neko-insecure = { - rule = "Host(`neko.flake.sh`)"; - entrypoints = ["web"]; - service = "neko"; - middlewares = "redirect-to-https"; - }; neko = { rule = "Host(`neko.flake.sh`)"; entrypoints = ["websecure"]; @@ -192,12 +126,6 @@ tls.domains = [{main = "*.flake.sh";}]; tls.certresolver = "production"; }; - justlog-insecure = { - rule = "Host(`logs.flake.sh`)"; - entrypoints = ["web"]; - service = "justlog"; - middlewares = "redirect-to-https"; - }; justlog = { rule = "Host(`logs.flake.sh`)"; entrypoints = ["websecure"]; @@ -237,6 +165,10 @@ }; web = { address = ":80"; + http.redirections.entryPoint = { + to = "websecure"; + scheme = "https"; + }; }; ssh = { address = ":2222";