41 lines
1.1 KiB
Nix
41 lines
1.1 KiB
Nix
|
{ pkgs, config, lib, ... }:
|
||
|
|
||
|
with lib;
|
||
|
let
|
||
|
cfg = config.cloud.traefik.dashboard;
|
||
|
in
|
||
|
{
|
||
|
options.cloud.traefik.dashboard = {
|
||
|
enable = mkEnableOption "Enables the Traefik Dashboard";
|
||
|
usersFile = mkOption {
|
||
|
type = types.path;
|
||
|
description = ''
|
||
|
The path to the users authentication file.
|
||
|
This is passed to the basicAuth middleware, see https://doc.traefik.io/traefik/middlewares/http/basicauth/
|
||
|
'';
|
||
|
};
|
||
|
host = mkOption {
|
||
|
type = types.str;
|
||
|
default = "traefik.nkagami.me";
|
||
|
description = "The host to be used for the dashboard";
|
||
|
};
|
||
|
};
|
||
|
|
||
|
config = mkIf cfg.enable {
|
||
|
# Enable it in the static config options.
|
||
|
services.traefik.staticConfigOptions.api.dashboard = true;
|
||
|
|
||
|
# Dynamic configuration
|
||
|
# ---------------------
|
||
|
## Middleware
|
||
|
services.traefik.dynamicConfigOptions.http.middlewares.dashboard-auth.basicAuth.usersFile = cfg.usersFile;
|
||
|
## Router
|
||
|
services.traefik.dynamicConfigOptions.http.routers.dashboard = {
|
||
|
rule = "Host(`${cfg.host}`)";
|
||
|
entryPoints = [ "https" ];
|
||
|
middlewares = [ "dashboard-auth" ];
|
||
|
service = "api@internal";
|
||
|
};
|
||
|
};
|
||
|
}
|