Blunkall-Technologies/Olympus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2f4419eb59bf0b4dad85c358349eb5dce5cb0bbf
Olympus/system/virtualization/docker/traefik/default.nix
Nathan 2f4419eb59 begin great docker migration
2026-01-30 00:08:37 -06:00

87 lines
2.7 KiB
Nix
Raw Blame History

{ config, lib, pkgs, ... }: {
options.sysconfig.docker.traefik.enable = with lib; mkOption {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker.traefik.enable && config.sysconfig.docker.enable) {
sops.secrets = {
"traefik/cf_email" = {};
"traefik/cf_api_key" = {};
};
sops.templates."traefik.env" = {
content = ''
CF_API_EMAIL=${config.sops.placeholder."traefik/cf_email"}
CF_DNS_API_TOKEN=${config.sops.placeholder."traefik/cf_api_key"}
'';
};
virtualisation.oci-containers.containers.traefik = {
image = "traefik:3.6";
environment = {
};
environmentFiles = [ config.sops.templates."traefik.env".path ];
volumes = [
"vol_traefik:/etc/traefik/data"
"/run/docker.sock:/var/run/docker.sock"
];
networks = [
"docker-main"
];
log-driver = "journald";
};
systemd.services."docker-traefik" = {
serviceConfig = {
Restart = lib.mkOverride 90 "always";
RestartMaxDelaySec = lib.mkOverride 90 "1m";
RestartSec = lib.mkOverride 90 "100ms";
RestartSteps = lib.mkOverride 90 9;
};
after = [
"docker-network-authentik_default.service"
"docker-volume-vol_traefik.service"
];
requires = [
"docker-network-authentik_default.service"
"docker-volume-vol_traefik.service"
];
partOf = [
"docker-compose-traefik-root.target"
];
wantedBy = [
"docker-compose-traefik-root.target"
];
};
# Volumes
systemd.services."docker-volume-vol_traefik" = {
path = [ pkgs.docker ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
script = ''
docker volume inspect vol_traefik || docker volume create vol_traefik --driver=btrfs
'';
partOf = [ "docker-compose-traefik-root.target" ];
wantedBy = [ "docker-compose-traefik-root.target" ];
};
# Root service
# When started, this will automatically create all resources and start
# the containers. When stopped, this will teardown all resources.
systemd.targets."docker-compose-traefik-root" = {
wantedBy = [ "multi-user.target" ];
};
};
}
Reference in New Issue View Git Blame Copy Permalink