From f377b0a4ec76943c31ccb7516d9bf82a4bae84c9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Numbus?= Date: Thu, 26 Feb 2026 16:28:51 +0100 Subject: [PATCH] Fixed Traefik folders situation. Configuration is defined in `/etc/traefik` and then copied to Traefik's`configDir`. --- modules/services/traefik.nix | 25 +++++++++++++++++++++---- 1 file changed, 21 insertions(+), 4 deletions(-) diff --git a/modules/services/traefik.nix b/modules/services/traefik.nix index db1ebc2..d8f68da 100644 --- a/modules/services/traefik.nix +++ b/modules/services/traefik.nix @@ -21,7 +21,7 @@ helper.mkPodmanService { dependencies = [ "network.target" "multi-user.target" ]; startDelay = 10; generatedSecrets = { - CLOUDFLARE_DNS_API_TOKEN = "cat ${config.numbus.mail.smtpPasswordPath}"; + CLOUDFLARE_DNS_API_TOKEN = "cat ${config.sops.secrets."cloudflareDnsApiToken".path}"; }; dirPermissions = [ "100999:users ${cfg.configDir}" @@ -40,9 +40,9 @@ helper.mkPodmanService { - "80:80/tcp" - "443:443/tcp" volumes: - - /etc/static/traefik/traefik.yaml:/etc/traefik/traefik.yaml:ro - - /etc/static/traefik/rules:/etc/static/traefik/rules:ro - - ${cfg.configDir}:/var/traefik/certs:rw + - ${cfg.configDir}/traefik.yaml:/etc/traefik/traefik.yaml:ro + - ${cfg.configDir}/rules:/etc/static/traefik/rules:ro + - ${cfg.configDir}/certs:/var/traefik/certs:rw environment: - CF_DNS_API_TOKEN=$CLOUDFLARE_DNS_API_TOKEN cap_add: @@ -135,6 +135,23 @@ helper.mkPodmanService { - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 ''; + + systemd.services."${name}-quirk" = { + description = "Podman container quirk : ${name}"; + wantedBy = [ "multi-user.target" ]; + after = [ "${name}.service" "${name}-secrets.service" ]; + onFailure = [ "service-failure-notify@%n.service" ]; + startLimitBurst = 5; + startLimitIntervalSec = 600; + path = [ pkgs.coreutils ]; + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + }; + script = '' + cp -ravu /etc/traefik ${cfg.configDir} + ''; + }; }; extraOptions = {