homelab
/
config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Give traefik a writeable persistent directory for ACME

main
kalle 2024-12-26 20:58:46 +01:00
parent 2c6f2b0030
commit 8b0483d0df
1 changed files with 14 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
roles/traefik.nix
View File

@ -36,6 +36,19 @@
) (builtins.attrNames hosts); ) (builtins.attrNames hosts);
in in
{ {
environment.persistence."/persistent" = {
directories = [
"/etc/traefik"
{
directory = "/etc/traefik";
user = "traefik";
group = "root";
mode = "u=rwx,g=,o=";
}
];
};
sops.secrets = { sops.secrets = {
"traefik/acmeEmail" = { "traefik/acmeEmail" = {
owner = "traefik"; owner = "traefik";
@ -94,7 +107,7 @@
letsencrypt = { letsencrypt = {
acme = { acme = {
email = "$acmeEmail"; email = "$acmeEmail";
storage = "acme.json"; storage = "/etc/traefik/acme.json";
dnsChallenge = { dnsChallenge = {
provider = "cloudflare"; provider = "cloudflare";
}; };