2021-11-01 19:44:19 +00:00
|
|
|
{ pkgs, config, lib, ... }:
|
|
|
|
|
|
|
|
with lib;
|
|
|
|
let
|
|
|
|
cfg = config.cloud.traefik.dashboard;
|
|
|
|
in
|
|
|
|
{
|
|
|
|
options.cloud.traefik.dashboard = {
|
|
|
|
enable = mkEnableOption "Enables the Traefik Dashboard";
|
|
|
|
usersFile = mkOption {
|
|
|
|
type = types.path;
|
|
|
|
description = ''
|
|
|
|
The path to the users authentication file.
|
|
|
|
This is passed to the basicAuth middleware, see https://doc.traefik.io/traefik/middlewares/http/basicauth/
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
host = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "traefik.nkagami.me";
|
|
|
|
description = "The host to be used for the dashboard";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
config = mkIf cfg.enable {
|
|
|
|
# Enable it in the static config options.
|
|
|
|
services.traefik.staticConfigOptions.api.dashboard = true;
|
|
|
|
|
|
|
|
# Dynamic configuration
|
|
|
|
# ---------------------
|
|
|
|
## Middleware
|
|
|
|
services.traefik.dynamicConfigOptions.http.middlewares.dashboard-auth.basicAuth.usersFile = cfg.usersFile;
|
|
|
|
## Router
|
|
|
|
services.traefik.dynamicConfigOptions.http.routers.dashboard = {
|
|
|
|
rule = "Host(`${cfg.host}`)";
|
|
|
|
entryPoints = [ "https" ];
|
|
|
|
middlewares = [ "dashboard-auth" ];
|
|
|
|
service = "api@internal";
|
2021-11-01 19:50:30 +00:00
|
|
|
tls.certResolver = "le";
|
2021-11-01 19:44:19 +00:00
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|