nixos-servers/kubenix-modules/traefik.nix

74 lines
1.6 KiB
Nix
Raw Normal View History

2024-05-09 19:03:27 +00:00
{ lib, myLib, ... }: {
kubernetes.resources = {
helmChartConfigs = {
traefik = {
# Override Traefik's service with a static load balancer IP.
# Create endpoint for HTTPS on port 444.
# Allow external name services for servers in LAN.
spec.valuesContent = lib.generators.toYAML { } {
providers.kubernetesIngress.allowExternalNameServices = true;
service.loadBalancerIP = myLib.globals.traefikIPv4;
ports = {
localsecure = {
port = 8444;
expose = true;
exposedPort = 444;
protocol = "TCP";
tls = {
enabled = true;
options = "";
certResolver = "";
domains = [ ];
};
};
web.redirectTo.port = "websecure";
};
};
};
};
services = {
esrom.spec = {
type = "ExternalName";
externalName = "esrom.dmz";
2024-05-12 08:28:08 +00:00
ports.web = {
port = 80;
targetPort = 80;
};
};
traefik-dashboard.spec = {
selector = {
"app.kubernetes.io/name" = "traefik";
"app.kubernetes.io/instance" = "traefik-kube-system";
};
ports.web = {
port = 80;
targetPort = "traefik";
};
};
};
};
lab = {
ingresses.esrom = {
host = "esrom.kun.is";
service = {
name = "esrom";
portName = "web";
};
2024-04-13 14:37:18 +00:00
};
tailscaleIngresses.traefik-dashboard = {
host = "traefik";
service.name = "traefik-dashboard";
};
2024-04-13 14:37:18 +00:00
};
}