machines/magenta: use entrypoint configuration to https redirection

2023-03-05 16:09:24 +03:00 · 2023-03-05 16:09:24 +03:00 · 3e9c3701b1
commit 3e9c3701b1
parent b862cab4ef
2 changed files with 8 additions and 12 deletions
--- a/machines/magenta/services/gitea.nix
+++ b/machines/magenta/services/gitea.nix
@ -108,13 +108,7 @@ in

  services.traefik.dynamicConfigOptions.http = {
    routers = {
-      to_gitea_http = {
-        rule = "Host(`${hostname}`)";
-        entryPoints = [ "http" ];
-        middlewares = [ "https_redirect" ];
-        service = "noop@internal";
-      };
-      to_gitea_https = {
+      to_gitea = {
        rule = "Host(`${hostname}`)";
        entryPoints = [ "https" ];
        tls.certResolver = "le";
--- a/machines/magenta/services/traefik.nix
+++ b/machines/magenta/services/traefik.nix
@ -18,7 +18,13 @@ in
    enable = true;
    staticConfigOptions = {
      entryPoints = {
-        http.address = ":80";
+        http = {
+          address = ":80";
+          http.redirections.entryPoint = {
+            to = "https";
+            scheme = "https";
+          };
+        };
        https.address = ":443";
        dashboard.address = ":8080";
      };
@ -40,10 +46,6 @@ in
          service = "api@internal";
        };
        middlewares = {
-          https_redirect.redirectScheme = {
-            scheme = "https";
-            permanent = true;
-          };
          traefik_dashboard_auth.basicAuth = {
            usersFile = config.age.secrets.traefik-dashboard-basicauth-users.path;
          };