notohh/snowflake
notohh/snowflake
1
0
Fork 0
Code Issues Pull requests Projects 1 Releases Packages Wiki Activity

traefik: deploy http redirects
All checks were successful
/ check (push) Successful in 2m43s

Browse source
This commit is contained in:
notohh 2023-10-12 02:16:22 -04:00
parent b00cd4bd6d
commit 92ff91fe6d
Signed by: notohh
GPG key ID: BD47506D475EE86D
1 changed files with 76 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

80
hosts/sora/services/traefik.nix
View file

@ -22,10 +22,16 @@
}; };
}; };
http = { http = {
middlewares.authelia = { middlewares = {
forwardauth = { authelia = {
address = "http://100.121.201.47:9091/api/verify?rd=https://passport.notohh.dev/"; forwardauth = {
trustForwardHeader = true; address = "http://100.121.201.47:9091/api/verify?rd=https://passport.notohh.dev/";
trustForwardHeader = true;
};
};
redirect-to-https = {
redirectscheme.scheme = "https";
redirectscheme.permanent = true;
}; };
}; };
routers = { routers = {
@ -34,6 +40,12 @@
entrypoints = ["websecure"]; entrypoints = ["websecure"];
service = "api@internal"; service = "api@internal";
}; };
uptime-kuma-insecure = {
rule = "Host(`status.flake.sh`)";
entrypoints = ["web"];
service = "uptime-kuma";
middlewares = "redirect-to-https";
};
uptime-kuma = { uptime-kuma = {
rule = "Host(`status.flake.sh`)"; rule = "Host(`status.flake.sh`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
@ -41,6 +53,12 @@
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.flake.sh";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
gotify-insecure = {
rule = "Host(`gotify.flake.sh`)";
entrypoints = ["web"];
service = "gotify";
middlewares = "redirect-to-https";
};
gotify = { gotify = {
rule = "Host(`gotify.flake.sh`)"; rule = "Host(`gotify.flake.sh`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
@ -48,6 +66,12 @@
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.flake.sh";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
conduit-insecure = {
rule = "Host(`matrix.flake.sh`)";
entrypoints = ["web"];
service = "conduit";
middlewares = "redirect-to-https";
};
conduit = { conduit = {
rule = "Host(`matrix.flake.sh`)"; rule = "Host(`matrix.flake.sh`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
@ -55,6 +79,12 @@
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.flake.sh";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
authelia-insecure = {
rule = "Host(`passport.notohh.dev`)";
entrypoints = ["web"];
service = "authelia";
middlewares = "redirect-to-https";
};
authelia = { authelia = {
rule = "Host(`passport.notohh.dev`)"; rule = "Host(`passport.notohh.dev`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
@ -62,6 +92,12 @@
tls.domains = [{main = "*.notohh.dev";}]; tls.domains = [{main = "*.notohh.dev";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
foundryvtt-insecure = {
rule = "Host(`foundry.flake.sh`)";
entrypoints = ["web"];
service = "authelia";
middlewares = "redirect-to-https";
};
foundryvtt = { foundryvtt = {
rule = "Host(`foundry.flake.sh`)"; rule = "Host(`foundry.flake.sh`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
@ -69,6 +105,12 @@
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.flake.sh";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
forgejo-insecure = {
rule = "Host(`git.flake.sh`)";
entrypoints = ["web"];
service = "forgejo";
middlewares = "redirect-to-https";
};
forgejo = { forgejo = {
rule = "Host(`git.flake.sh`)"; rule = "Host(`git.flake.sh`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
@ -76,6 +118,12 @@
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.flake.sh";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
rustypaste-insecure = {
rule = "Host(`i.flake.sh`)";
entrypoints = ["web"];
service = "rustypaste";
middlewares = "redirect-to-https";
};
rustypaste = { rustypaste = {
rule = "Host(`i.flake.sh`)"; rule = "Host(`i.flake.sh`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
@ -83,6 +131,12 @@
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.flake.sh";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
grafana-insecure = {
rule = "Host(`metrics.flake.sh`)";
entrypoints = ["web"];
service = "grafana";
middlewares = "redirect-to-https";
};
grafana = { grafana = {
rule = "Host(`metrics.flake.sh`)"; rule = "Host(`metrics.flake.sh`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
@ -90,6 +144,12 @@
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.flake.sh";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
hedgedoc-insecure = {
rule = "Host(`scratch.flake.sh`)";
entrypoints = ["web"];
service = "hedgedoc";
middlewares = "redirect-to-https";
};
hedgedoc = { hedgedoc = {
rule = "Host(`scratch.flake.sh`)"; rule = "Host(`scratch.flake.sh`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
@ -97,6 +157,12 @@
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.flake.sh";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
vaultwarden-insecure = {
rule = "Host(`vault.flake.sh`)";
entrypoints = ["web"];
service = "vaultwarden";
middlewares = "redirect-to-https";
};
vaultwarden = { vaultwarden = {
rule = "Host(`vault.flake.sh`)"; rule = "Host(`vault.flake.sh`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
@ -104,6 +170,12 @@
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.flake.sh";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
searxng-insecure = {
rule = "Host(`search.flake.sh`)";
entrypoints = ["web"];
service = "searxng";
middlewares = "redirect-to-https";
};
searxng = { searxng = {
rule = "Host(`search.flake.sh`)"; rule = "Host(`search.flake.sh`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];