dockerfy traefik

system/virtualization/docker/traefik/config/routing.yml

@@ -10,14 +10,6 @@ http:
       tls:
         certResolver: "cloudflare"
     
-    traefik: 
-      entryPoints: 
-        - "localsecure"
-      rule: "Host(`traefik.esotericbytes.com`)"
-      service: "api@internal"
-      tls:
-        certResolver: "cloudflare"
-
     code-server: 
       entryPoints: 
         - "localsecure"
@@ -26,6 +18,15 @@ http:
       tls:
         certResolver: "cloudflare"
 
+    gitea: 
+      entryPoints: 
+        - "localsecure"
+        - "websecure"
+      rule: "Host(`gitea.esotericbytes.com`)"
+      service: "gitea"
+      tls:
+        certResolver: "cloudflare"
+
   services: 
     homepage:
       loadBalancer:
@@ -36,3 +37,9 @@ http:
       loadBalancer:
         servers: 
           - url: "http://192.168.100.31:4444"
+    
+    homepage:
+      loadBalancer:
+        servers: 
+          - url: "http://192.168.100.20:3000"
+     

system/virtualization/docker/traefik/config/traefik.yml

@@ -2,7 +2,7 @@ providers:
   docker:
     exposedByDefault: false
   file:
-    directory: "/etc/traefik/dynamic"
+    filename: "/etc/traefik/routing.yml"
 
 serversTransport:
   insecureSkipVerify: true

system/virtualization/docker/traefik/default.nix

@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }: {
+{ config, lib, ... }: {
 
     options.sysconfig.docker.traefik.enable = with lib; mkOption {
         type = with types; bool;
@@ -50,6 +50,14 @@
                 "443"
             ];
 
+            labels = {
+                "traefik.enable" = "true";
+                "traefik.http.routers.dashboard.rule" = "Host(`traefik.esotericbytes.com`)";
+                "traefik.http.routers.dashboard.entrypoints" = "localsecure";
+                "traefik.http.routers.dashboard.service" = "api@internal";
+                "traefik.http.routers.dashboard.tls.certResolver" = "cloudflare";
+            };
+
             log-driver = "journald";
         };
         systemd.services."docker-traefik" = {