1
0
Fork 0
mirror of https://github.com/mdlayher/homelab.git synced 2024-12-14 11:47:32 +00:00
mdlayher-homelab/nixos/routnerr-2/traefik.nix
Matt Layher 6e1f77ccd9
nixos/routnerr-2: migrate to traefik 2 configuration
Signed-off-by: Matt Layher <mdlayher@gmail.com>
2020-10-28 12:31:18 -04:00

80 lines
2.1 KiB
Nix

{ ... }:
let
secrets = import ./lib/secrets.nix;
vars = import ./lib/vars.nix;
in {
services.traefik = {
enable = true;
staticConfigOptions = {
certificatesResolvers.letsencrypt.acme = {
email = "mdlayher@gmail.com";
storage = "/var/lib/traefik/acme.json";
httpChallenge.entryPoint = "http";
};
entryPoints = {
# External entry points.
http = {
address = ":80";
http.redirections.entryPoint = {
to = "https";
scheme = "https";
};
};
https.address = ":443";
};
};
dynamicConfigOptions = {
http = {
routers = {
alertmanager = {
rule = "Host(`alertmanager.servnerr.com`)";
middlewares = [ "alertmanager" ];
service = "alertmanager";
tls.certResolver = "letsencrypt";
};
grafana = {
rule = "Host(`grafana.servnerr.com`)";
service = "grafana";
tls.certResolver = "letsencrypt";
};
plex = {
rule = "Host(`plex.servnerr.com`)";
service = "plex";
tls.certResolver = "letsencrypt";
};
prometheus = {
rule = "Host(`prometheus.servnerr.com`)";
middlewares = [ "prometheus" ];
service = "prometheus";
tls.certResolver = "letsencrypt";
};
};
middlewares = {
alertmanager.basicAuth.users =
[ "${secrets.traefik.alertmanager_auth}" ];
prometheus.basicAuth.users = [ "${secrets.traefik.prometheus_auth}" ];
};
services = {
alertmanager.loadBalancer.servers =
[{ url = "http://servnerr-3.${vars.domain}:9093"; }];
grafana.loadBalancer.servers =
[{ url = "http://servnerr-3.${vars.domain}:3000"; }];
plex.loadBalancer.servers =
[{ url = "http://servnerr-3.${vars.domain}:32400"; }];
prometheus.loadBalancer.servers =
[{ url = "http://servnerr-3.${vars.domain}:9090"; }];
};
};
};
};
}