traefik: deploy http redirects
All checks were successful
/ check (push) Successful in 2m43s

This commit is contained in:
notohh 2023-10-12 02:16:22 -04:00
parent b00cd4bd6d
commit 92ff91fe6d
Signed by: notohh
GPG key ID: BD47506D475EE86D

View file

@ -22,18 +22,30 @@
}; };
}; };
http = { http = {
middlewares.authelia = { middlewares = {
authelia = {
forwardauth = { forwardauth = {
address = "http://100.121.201.47:9091/api/verify?rd=https://passport.notohh.dev/"; address = "http://100.121.201.47:9091/api/verify?rd=https://passport.notohh.dev/";
trustForwardHeader = true; trustForwardHeader = true;
}; };
}; };
redirect-to-https = {
redirectscheme.scheme = "https";
redirectscheme.permanent = true;
};
};
routers = { routers = {
api = { api = {
rule = "PathPrefix(`/api/`)"; rule = "PathPrefix(`/api/`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
service = "api@internal"; service = "api@internal";
}; };
uptime-kuma-insecure = {
rule = "Host(`status.flake.sh`)";
entrypoints = ["web"];
service = "uptime-kuma";
middlewares = "redirect-to-https";
};
uptime-kuma = { uptime-kuma = {
rule = "Host(`status.flake.sh`)"; rule = "Host(`status.flake.sh`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
@ -41,6 +53,12 @@
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.flake.sh";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
gotify-insecure = {
rule = "Host(`gotify.flake.sh`)";
entrypoints = ["web"];
service = "gotify";
middlewares = "redirect-to-https";
};
gotify = { gotify = {
rule = "Host(`gotify.flake.sh`)"; rule = "Host(`gotify.flake.sh`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
@ -48,6 +66,12 @@
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.flake.sh";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
conduit-insecure = {
rule = "Host(`matrix.flake.sh`)";
entrypoints = ["web"];
service = "conduit";
middlewares = "redirect-to-https";
};
conduit = { conduit = {
rule = "Host(`matrix.flake.sh`)"; rule = "Host(`matrix.flake.sh`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
@ -55,6 +79,12 @@
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.flake.sh";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
authelia-insecure = {
rule = "Host(`passport.notohh.dev`)";
entrypoints = ["web"];
service = "authelia";
middlewares = "redirect-to-https";
};
authelia = { authelia = {
rule = "Host(`passport.notohh.dev`)"; rule = "Host(`passport.notohh.dev`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
@ -62,6 +92,12 @@
tls.domains = [{main = "*.notohh.dev";}]; tls.domains = [{main = "*.notohh.dev";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
foundryvtt-insecure = {
rule = "Host(`foundry.flake.sh`)";
entrypoints = ["web"];
service = "authelia";
middlewares = "redirect-to-https";
};
foundryvtt = { foundryvtt = {
rule = "Host(`foundry.flake.sh`)"; rule = "Host(`foundry.flake.sh`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
@ -69,6 +105,12 @@
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.flake.sh";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
forgejo-insecure = {
rule = "Host(`git.flake.sh`)";
entrypoints = ["web"];
service = "forgejo";
middlewares = "redirect-to-https";
};
forgejo = { forgejo = {
rule = "Host(`git.flake.sh`)"; rule = "Host(`git.flake.sh`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
@ -76,6 +118,12 @@
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.flake.sh";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
rustypaste-insecure = {
rule = "Host(`i.flake.sh`)";
entrypoints = ["web"];
service = "rustypaste";
middlewares = "redirect-to-https";
};
rustypaste = { rustypaste = {
rule = "Host(`i.flake.sh`)"; rule = "Host(`i.flake.sh`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
@ -83,6 +131,12 @@
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.flake.sh";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
grafana-insecure = {
rule = "Host(`metrics.flake.sh`)";
entrypoints = ["web"];
service = "grafana";
middlewares = "redirect-to-https";
};
grafana = { grafana = {
rule = "Host(`metrics.flake.sh`)"; rule = "Host(`metrics.flake.sh`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
@ -90,6 +144,12 @@
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.flake.sh";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
hedgedoc-insecure = {
rule = "Host(`scratch.flake.sh`)";
entrypoints = ["web"];
service = "hedgedoc";
middlewares = "redirect-to-https";
};
hedgedoc = { hedgedoc = {
rule = "Host(`scratch.flake.sh`)"; rule = "Host(`scratch.flake.sh`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
@ -97,6 +157,12 @@
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.flake.sh";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
vaultwarden-insecure = {
rule = "Host(`vault.flake.sh`)";
entrypoints = ["web"];
service = "vaultwarden";
middlewares = "redirect-to-https";
};
vaultwarden = { vaultwarden = {
rule = "Host(`vault.flake.sh`)"; rule = "Host(`vault.flake.sh`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
@ -104,6 +170,12 @@
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.flake.sh";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
searxng-insecure = {
rule = "Host(`search.flake.sh`)";
entrypoints = ["web"];
service = "searxng";
middlewares = "redirect-to-https";
};
searxng = { searxng = {
rule = "Host(`search.flake.sh`)"; rule = "Host(`search.flake.sh`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];