mynix/system
1
1
Fork 0
Code Issues 2 Pull requests Activity

machines/magenta: use entrypoint configuration to https redirection

Browse source
This commit is contained in:
Dmitriy Pleshevskiy 2023-03-05 16:09:24 +03:00
parent b862cab4ef
commit 3e9c3701b1
Signed by: pleshevskiy
GPG key ID: 79C4487B44403985
2 changed files with 8 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
machines/magenta/services/gitea.nix
View file

@ -108,13 +108,7 @@ in
services.traefik.dynamicConfigOptions.http = { services.traefik.dynamicConfigOptions.http = {
routers = { routers = {
to_gitea_http = { to_gitea = {
rule = "Host(`${hostname}`)";
entryPoints = [ "http" ];
middlewares = [ "https_redirect" ];
service = "noop@internal";
};
to_gitea_https = {
rule = "Host(`${hostname}`)"; rule = "Host(`${hostname}`)";
entryPoints = [ "https" ]; entryPoints = [ "https" ];
tls.certResolver = "le"; tls.certResolver = "le";

12
machines/magenta/services/traefik.nix
View file

@ -18,7 +18,13 @@ in
enable = true; enable = true;
staticConfigOptions = { staticConfigOptions = {
entryPoints = { entryPoints = {
http.address = ":80"; http = {
address = ":80";
http.redirections.entryPoint = {
to = "https";
scheme = "https";
};
};
https.address = ":443"; https.address = ":443";
dashboard.address = ":8080"; dashboard.address = ":8080";
}; };
@ -40,10 +46,6 @@ in
service = "api@internal"; service = "api@internal";
}; };
middlewares = { middlewares = {
https_redirect.redirectScheme = {
scheme = "https";
permanent = true;
};
traefik_dashboard_auth.basicAuth = { traefik_dashboard_auth.basicAuth = {
usersFile = config.age.secrets.traefik-dashboard-basicauth-users.path; usersFile = config.age.secrets.traefik-dashboard-basicauth-users.path;
}; };