feat(IP): migrate to traefik and authentik, remove dead code

2025-09-23 18:13:28 +02:00
parent b752781064
commit 86624f362d
37 changed files with 1202 additions and 803 deletions
--- a/modules/server/gitea/default.nix
+++ b/modules/server/gitea/default.nix
@@ -3,13 +3,11 @@
  config,
  lib,
  ...
-}:
-let
+}: let
  unit = "gitea";
  srv = config.server;
  cfg = config.server.${unit};
-in
-{
+in {
  options.server.${unit} = {
    enable = lib.mkEnableOption {
      description = "Enable ${unit}";
@@ -101,11 +99,21 @@ in
      };
    };

-    services.caddy.virtualHosts."${cfg.url}" = {
-      useACMEHost = srv.domain;
-      extraConfig = ''
-        reverse_proxy http://127.0.0.1:5003
-      '';
+    services.traefik = {
+      dynamicConfigOptions = {
+        http = {
+          services.gitea.loadBalancer.servers = [{url = "http://127.0.0.1:5003";}];
+          routers = {
+            gitea = {
+              entryPoints = ["websecure"];
+              rule = "Host(`${cfg.url}`)";
+              service = "gitea";
+              tls.certResolver = "letsencrypt";
+              # middlewares = ["authentik"];
+            };
+          };
+        };
+      };
    };

    server.postgresql.databases = [