great docker migration

2026-01-30 11:19:24 -06:00
parent 0603de3f11
commit 06edfb2795
17 changed files with 136 additions and 57 deletions
--- a/system/virtualization/docker/traefik/default.nix
+++ b/system/virtualization/docker/traefik/default.nix
@@ -19,17 +19,25 @@
            '';
        };

+        environment.etc = builtins.listToAttrs builtins.map (x: { 
+            name = "traefik/${x}"; 
+            value = {
+                source = ./config/${x};
+            };
+        }) builtins.attrNames builtins.readDir ./config;
+
        virtualisation.oci-containers.containers.traefik = {
            
-            image = "traefik:3.6";
+            image = "traefik:v3.6";
            
            environment = {
+                TRAEFIK_CERTIFICATESRESOLVERS_CLOUDFLARE_ACME_EMAIL = "\${CF_API_EMAIL}";
            };
            
            environmentFiles = [ config.sops.templates."traefik.env".path ];
            
            volumes = [
-                "vol_traefik:/etc/traefik/data"
+                "/etc/traefik/:/etc/traefik/"
                "/run/docker.sock:/var/run/docker.sock" 
            ];

@@ -37,6 +45,11 @@
                "docker-main"
            ];

+            ports = [
+                "80"
+                "443"
+            ];
+
            log-driver = "journald";
        };
        systemd.services."docker-traefik" = {
@@ -47,12 +60,10 @@
                RestartSteps = lib.mkOverride 90 9;
            };
            after = [
-                "docker-network-authentik_default.service"
-                "docker-volume-vol_traefik.service" 
+                "docker-network-setup.service"
            ];
            requires = [
-                "docker-network-authentik_default.service"
-                "docker-volume-vol_traefik.service" 
+                "docker-network-setup.service"
            ];
            partOf = [
                "docker-compose-traefik-root.target"
@@ -62,20 +73,6 @@
            ];
        };

-# Volumes
-        systemd.services."docker-volume-vol_traefik" = {
-            path = [ pkgs.docker ];
-            serviceConfig = {
-                Type = "oneshot";
-                RemainAfterExit = true;
-            };
-            script = ''
-                docker volume inspect vol_traefik || docker volume create vol_traefik --driver=btrfs
-                '';
-            partOf = [ "docker-compose-traefik-root.target" ];
-            wantedBy = [ "docker-compose-traefik-root.target" ];
-        };
-
 # Root service
 # When started, this will automatically create all resources and start
 # the containers. When stopped, this will teardown all resources.