Add dashboard support
This commit is contained in:
parent
fea90592fe
commit
0842bd53a2
GPG key ID:
7306B3D3C3AD6E51
|
|
@ -46,7 +46,7 @@ let
|
|||
description = "The entrypoints that will serve the host";
|
||||
};
|
||||
middlewares = mkOption {
|
||||
type = listOf jsonType;
|
||||
type = listOf jsonValue;
|
||||
default = [];
|
||||
description = "The middlewares to be used with the host.";
|
||||
};
|
||||
|
|
|
|||
40
modules/cloud/traefik/dashboard.nix
Normal file
40
modules/cloud/traefik/dashboard.nix
Normal file
|
|
@ -0,0 +1,40 @@
|
|||
{ pkgs, config, lib, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
cfg = config.cloud.traefik.dashboard;
|
||||
in
|
||||
{
|
||||
options.cloud.traefik.dashboard = {
|
||||
enable = mkEnableOption "Enables the Traefik Dashboard";
|
||||
usersFile = mkOption {
|
||||
type = types.path;
|
||||
description = ''
|
||||
The path to the users authentication file.
|
||||
This is passed to the basicAuth middleware, see https://doc.traefik.io/traefik/middlewares/http/basicauth/
|
||||
'';
|
||||
};
|
||||
host = mkOption {
|
||||
type = types.str;
|
||||
default = "traefik.nkagami.me";
|
||||
description = "The host to be used for the dashboard";
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
# Enable it in the static config options.
|
||||
services.traefik.staticConfigOptions.api.dashboard = true;
|
||||
|
||||
# Dynamic configuration
|
||||
# ---------------------
|
||||
## Middleware
|
||||
services.traefik.dynamicConfigOptions.http.middlewares.dashboard-auth.basicAuth.usersFile = cfg.usersFile;
|
||||
## Router
|
||||
services.traefik.dynamicConfigOptions.http.routers.dashboard = {
|
||||
rule = "Host(`${cfg.host}`)";
|
||||
entryPoints = [ "https" ];
|
||||
middlewares = [ "dashboard-auth" ];
|
||||
service = "api@internal";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -21,7 +21,7 @@ let
|
|||
cfg = config.cloud.traefik;
|
||||
in
|
||||
{
|
||||
imports = [ ./config.nix ];
|
||||
imports = [ ./config.nix ./dashboard.nix ];
|
||||
options.cloud.traefik = {
|
||||
cloudflareKeyFile = mkOption {
|
||||
type = types.path;
|
||||
|
|
@ -58,10 +58,6 @@ in
|
|||
accessLog = {};
|
||||
log.level = "info";
|
||||
|
||||
# Dashboard
|
||||
# ---------
|
||||
api.dashboard = true;
|
||||
|
||||
# ACME Automatic SSL
|
||||
# ------------------
|
||||
certificatesResolvers.le.acme = {
|
||||
|
|
|
|||
|
|
@ -47,6 +47,11 @@
|
|||
services.my-tinc.rsaPrivateKey = config.sops.secrets.tinc-private-key.path;
|
||||
|
||||
# Set up traefik
|
||||
sops.secrets.cloudflare-dns-api-token = {};
|
||||
sops.secrets.cloudflare-dns-api-token = { owner = "traefik"; };
|
||||
sops.secrets.traefik-dashboard-users = { owner = "traefik"; };
|
||||
cloud.traefik.cloudflareKeyFile = config.sops.secrets.cloudflare-dns-api-token.path;
|
||||
cloud.traefik.dashboard = {
|
||||
enable = true;
|
||||
usersFile = config.sops.secrets.traefik-dashboard-users.path;
|
||||
};
|
||||
}
|
||||
|
|
|
|||
File diff suppressed because one or more lines are too long
Loading…
Reference in a new issue