diff options
Diffstat (limited to 'hosts/common/server/traefik.nix')
| -rw-r--r-- | hosts/common/server/traefik.nix | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/hosts/common/server/traefik.nix b/hosts/common/server/traefik.nix index 8765856..3bc5d26 100644 --- a/hosts/common/server/traefik.nix +++ b/hosts/common/server/traefik.nix @@ -44,6 +44,19 @@ in { entryPoints.http.address = ":80"; entryPoints.https.address = ":443"; + # the default is 8080, which conflict with unifi + entryPoints.traefik.address = ":8090"; + + api = { + dashboard = true; + insecure = true; + }; + + # The unifi controller runs on HTTPS with a self-signed + # certificate, as a result we need to accept insecure + # certificates. + serversTransport.insecureSkipVerify = true; + certificatesResolvers = { le.acme = { email = "franck@fcuny.net"; @@ -60,6 +73,7 @@ in { services.traefik.dynamicConfigOptions = mkMerge [ (mkServiceConfig "dash" "http://127.0.0.1:3000/") (mkServiceConfig "bt" "http://127.0.0.1:9091/") + (mkServiceConfig "unifi" "https://127.0.0.1:8443/") ]; systemd.services.traefik.environment.GCE_SERVICE_ACCOUNT_FILE = |