numbus/numbus-server-module
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Services are ready

Browse Source
This commit is contained in:
Raphaël Numbus
2026-02-23 23:05:54 +01:00
parent 944ffcea85
commit 4bbd62a93e
11 changed files with 276 additions and 133 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/services/traefik.nix
+30 -18
View File
@@ -3,7 +3,9 @@
with lib;
let
# Version tagging
traefikVersion = "v3.6.8";
# Helper
helper = import ./lib.nix { inherit config pkgs lib; };
cfg = config.numbus.services.traefik;
in
@@ -13,23 +15,16 @@ helper.mkPodmanService {
name = "traefik";
reverseProxied = false;
dependencies = [ "network.target" "multi-user.target" ];
configDir = false;
dataDir = false;
delaySec = 10;
extraOptions = {
enable.default = true;
staticConfigFile = mkOption {
type = types.str;
default = "traefik/config.yaml";
description = "The path for Traefik's static configuration file, relative to /etc/";
};
logLevel = mkOption {
type = types.enum [ "TRACE" "DEBUG" "INFO" "WARN" "ERROR" "FATAL" ];
default = "ERROR";
description = "The level of detail Traefik should print in the logs.";
};
# traefikDynamicConfigDir defined at global.nix
generatedSecrets = {
CLOUDFLARE_DNS_API_TOKEN = "cat ${config.numbus.mail.smtpPasswordPath}";
};
dirPermissions = [
"100999:users ${cfg.configDir}"
"100999:users /etc/${cfg.staticConfigFile}"
"100999:users ${config.numbus.traefikDynamicConfigDir}"
];
# Compose file good
composeText = ''
@@ -38,17 +33,19 @@ helper.mkPodmanService {
image: docker.io/library/traefik:${traefikVersion}
container_name: traefik
hostname: traefik
user: '1000:1000'
network_mode: pasta
ports:
- "80:80/tcp"
- "443:443/tcp"
volumes:
- /run/user/1000/podman/podman.sock:/run/docker.sock:ro
- /etc/${cfg.staticConfigFile}:/etc/traefik/traefik.yaml:ro
- ${config.numbus.traefikDynamicConfigDir}:/etc/traefik/conf:ro
- ${cfg.dataDir}:/var/traefik/certs:rw
- ${cfg.configDir}:/var/traefik/certs:rw
environment:
- CF_DNS_API_TOKEN=$CF_DNS_API_TOKEN
- CF_DNS_API_TOKEN=$CLOUDFLARE_DNS_API_TOKEN
cap_add:
- NET_BIND_SERVICE
security_opt:
- no-new-privileges:true
restart: unless-stopped
@@ -138,4 +135,19 @@ helper.mkPodmanService {
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
'';
};
extraOptions = {
enable.default = true;
staticConfigFile = mkOption {
type = types.str;
default = "traefik/config.yaml";
description = "The path for Traefik's static configuration file, relative to /etc/";
};
logLevel = mkOption {
type = types.enum [ "TRACE" "DEBUG" "INFO" "WARN" "ERROR" "FATAL" ];
default = "ERROR";
description = "The level of detail Traefik should print in the logs.";
};
# traefikDynamicConfigDir defined at global.nix
};
}