Blunkall-Technologies/Olympus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

route gitea ssh through traefik

Browse Source
This commit is contained in:
Nathan
2026-02-01 08:15:13 -06:00
parent 536a76ca80
commit a00a888676
4 changed files with 18 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
system/virtualization/containers/gitea/default.nix
View File

@@ -8,8 +8,6 @@
config = lib.mkIf config.sysconfig.containers.gitea.enable { config = lib.mkIf config.sysconfig.containers.gitea.enable {
networking = { networking = {
hosts."192.168.100.20" = [ "gitea.esotericbytes.com" ];
nat.internalInterfaces = [ "ve-gitea" ]; nat.internalInterfaces = [ "ve-gitea" ];
}; };
@@ -17,10 +15,6 @@
"gitea/dbpass" = {}; "gitea/dbpass" = {};
}; };
networking.firewall.allowedTCPPorts = [
2222
];
containers.gitea = { containers.gitea = {
autoStart = true; autoStart = true;
@@ -28,13 +22,6 @@
hostAddress = "192.168.100.10"; hostAddress = "192.168.100.10";
localAddress = "192.168.100.20"; localAddress = "192.168.100.20";
forwardPorts = [
{
containerPort = 2222;
hostPort = 2222;
}
];
bindMounts = { bindMounts = {
"/etc/gitea/data" = { "/etc/gitea/data" = {
hostPath = "/ssd1/Gitea/data"; hostPath = "/ssd1/Gitea/data";

13
system/virtualization/docker/traefik/config/routing.yml
View File

@@ -43,3 +43,16 @@ http:
servers: servers:
- url: "http://192.168.100.20:3000" - url: "http://192.168.100.20:3000"
tcp:
routers:
gitea-ssh:
entryPoints:
- "gitea-ssh"
rule: "HostSNI(`*`)"
service: "gitea-ssh"
services:
gitea-ssh:
loadBalancer:
servers:
- address: "192.168.100.20:2222"

2
system/virtualization/docker/traefik/config/traefik.yml
View File

@@ -52,6 +52,8 @@ entryPoints:
main: "esotericbytes.com" main: "esotericbytes.com"
sans: sans:
- "*.esotericbytes.com" - "*.esotericbytes.com"
gitea-ssh:
address: ":2222"
log: log:
level: "INFO" level: "INFO"

3
system/virtualization/docker/traefik/default.nix
View File

@@ -7,7 +7,7 @@
config = lib.mkIf (config.sysconfig.docker.traefik.enable && config.sysconfig.docker.enable) { config = lib.mkIf (config.sysconfig.docker.traefik.enable && config.sysconfig.docker.enable) {
networking.firewall.allowedTCPPorts = [ 80 81 443 444 ]; networking.firewall.allowedTCPPorts = [ 80 81 443 444 2222 ];
sops.secrets = { sops.secrets = {
"traefik/cf_email" = {}; "traefik/cf_email" = {};
@@ -60,6 +60,7 @@
"81:81" "81:81"
"443:443" "443:443"
"444:444" "444:444"
"2222:2222"
]; ];
labels = { labels = {