sora/nixconfig
1
0
Fork 0
Code Issues 2 Pull Requests Actions Releases Activity
Files
3b9854a1792a31b41baeb95367b8528547f076d4
nixconfig/modules/server/docker/traefik.nix
soraefir c636f15689
Some checks failed
Nix Build / build-nixos (push) Failing after 20s
Details
sops&server
2024-05-16 00:13:16 +02:00

82 lines
2.3 KiB
Nix
Raw Blame History

{ config, pkgs, ... }: {
project.name = "traefik";
networks = {
internal = {
name = lib.mkForce "internal";
internal = true;
};
external = {
name = lib.mkForce "external";
internal = false;
};
};
services = {
traefik.service = {
image = "traefik:latest";
container_name = "traefik";
restart = "unless-stopped";
networks = [ "internal" "external" ];
command = [
"--api"
"--providers.docker=true"
"--entrypoints.web.address=:80"
"--entrypoints.web-secure.address=:443"
];
port = [ "443" "80" ];
volumes = [
"/var/run/docker.sock:/var/run/docker.sock:ro"
"${serverCfg.configPath}/traefik/traefik.yaml:/etc/traefik/traefik.yaml"
"${serverCfg.configPath}/traefik/access.log:/etc/traefik/access.log"
"${serverCfg.configPath}/traefik/acme.json:/acme.json"
];
environment = {
"INFOMANIAK_ACCESS_TOKEN" = config.sops.secrets.INFOMANIAK_API_KEY.path;
};
labels = { "traefik.enable" = "false"; };
};
matomo.service = {
image = "matomo:latest";
container_name = "matomo";
restart = "unless-stopped";
networks = [ "external" ];
volumes = [
"/etc/localtime:/etc/localtime:ro"
"${serverCfg.configPath}/matomo:/var/www/html/config:rw"
"${serverCfg.configPath}/traefik/access.log:/var/log/taccess.log:ro"
];
environment = { };
labels = {
"traefik.http.routers.matomo.rule" =
"Host(`matomo.${serverCfg.hostDomain}`)";
"traefik.http.routers.matomo.entrypoints" = "web-secure";
"traefik.http.routers.matomo.tls" = "true";
};
};
searx.service = {
image = "searxng/searxng:latest";
container_name = "searx";
restart = "unless-stopped";
networks = [ "external" ];
volumes = [ "/etc/localtime:/etc/localtime:ro" ];
environment = {
"BASE_URL" = "https://searx.${serverCfg.hostDomain}";
"AUTOCOMPLETE" = "true";
"INSTANCE_NAME" = "searx${serverCfg.shortName}";
};
labels = {
"traefik.http.routers.matomo.rule" =
"Host(`searx.${serverCfg.hostDomain}`)";
"traefik.http.routers.matomo.entrypoints" = "web-secure";
"traefik.http.routers.matomo.tls" = "true";
};
};
};
}
Reference in New Issue View Git Blame Copy Permalink