From 3e9c3701b14cf6ecc8ca742b858babd86ad86ece Mon Sep 17 00:00:00 2001
From: Dmitriy Pleshevskiy <dmitriy@pleshevski.ru>
Date: Sun, 5 Mar 2023 16:09:24 +0300
Subject: [PATCH] machines/magenta: use entrypoint configuration to https
 redirection

---
 machines/magenta/services/gitea.nix   |  8 +-------
 machines/magenta/services/traefik.nix | 12 +++++++-----
 2 files changed, 8 insertions(+), 12 deletions(-)

diff --git a/machines/magenta/services/gitea.nix b/machines/magenta/services/gitea.nix
index c478924..76be852 100644
--- a/machines/magenta/services/gitea.nix
+++ b/machines/magenta/services/gitea.nix
@@ -108,13 +108,7 @@ in
 
   services.traefik.dynamicConfigOptions.http = {
     routers = {
-      to_gitea_http = {
-        rule = "Host(`${hostname}`)";
-        entryPoints = [ "http" ];
-        middlewares = [ "https_redirect" ];
-        service = "noop@internal";
-      };
-      to_gitea_https = {
+      to_gitea = {
         rule = "Host(`${hostname}`)";
         entryPoints = [ "https" ];
         tls.certResolver = "le";
diff --git a/machines/magenta/services/traefik.nix b/machines/magenta/services/traefik.nix
index 2cb4118..e45b8af 100644
--- a/machines/magenta/services/traefik.nix
+++ b/machines/magenta/services/traefik.nix
@@ -18,7 +18,13 @@ in
     enable = true;
     staticConfigOptions = {
       entryPoints = {
-        http.address = ":80";
+        http = {
+          address = ":80";
+          http.redirections.entryPoint = {
+            to = "https";
+            scheme = "https";
+          };
+        };
         https.address = ":443";
         dashboard.address = ":8080";
       };
@@ -40,10 +46,6 @@ in
           service = "api@internal";
         };
         middlewares = {
-          https_redirect.redirectScheme = {
-            scheme = "https";
-            permanent = true;
-          };
           traefik_dashboard_auth.basicAuth = {
             usersFile = config.age.secrets.traefik-dashboard-basicauth-users.path;
           };