system/services/traefik.nix

{
  config,
  lib,
  ...
}:
with lib; let
  cfg = config.mySystem.services.traefik;
in {
  options.mySystem.services.traefik = {
    enable = mkEnableOption "Enable Traefik";
    email = mkOption {
      type = types.str;
      default = "";
    };
    dataDir = mkOption {
      type = types.path;
      default = "/tank/traefik";
      example = "/path/to/traefik/data";
    };
    environmentFiles = mkOption {
      type = types.listOf types.path;
      example = ["/var/traefik/traefik.env"];
      default = [];
    };
    dynamicConfigFile = mkOption {
      type = types.path;
      default = "${cfg.dataDir}/traefik.yaml";
      example = "/var/traefik/dynamic.yaml";
    };
  };
  config.services.traefik = {
    inherit (cfg) enable dynamicConfigFile environmentFiles;
    staticConfigOptions = {
      api.dashboard = true;
      log = {
        level = "INFO";
        filePath = "${cfg.dataDir}/traefik.log";
        format = "json";
      };
      accessLog.filePath = "${cfg.dataDir}/access.log";
      entryPoints = {
        web = {
          address = ":80";
          asDefault = true;
          http.redirections.entrypoint = {
            to = "websecure";
            scheme = "https";
          };
        };
        websecure = {
          address = ":443";
          asDefault = true;
          httpChallenge.entryPoint = "websecure";
        };
      };
      providers.docker = {
        endpoint = "unix:///var/run/docker.sock";
        exposedByDefault = false;
      };
      certificatesResolvers.cloudflare.acme = {
        inherit (cfg) email;
        storage = "${cfg.dataDir}/acme.json";
        dnsChallenge = {
          provider = "cloudflare";
          resolvers = ["1.1.1.1:53" "1.0.0.1:53"];
          propagation.delayBeforeChecks = 60;
        };
      };
    };
  };
}
feat(hosts): add NaroMk3 to the existing hosts 2025-12-06 16:35:30 +01:00			`{`
			`config,`
			`lib,`
			`...`
			`}:`
			`with lib; let`
			`cfg = config.mySystem.services.traefik;`
			`in {`
			`options.mySystem.services.traefik = {`
			`enable = mkEnableOption "Enable Traefik";`
feat(elcafe): add new server configuration 2026-02-08 00:20:44 +01:00			`email = mkOption {`
			`type = types.str;`
			`default = "";`
			`};`
feat(hosts): add NaroMk3 to the existing hosts 2025-12-06 16:35:30 +01:00			`dataDir = mkOption {`
			`type = types.path;`
			`default = "/tank/traefik";`
feat(elcafe): add new server configuration 2026-02-08 00:20:44 +01:00			`example = "/path/to/traefik/data";`
feat(hosts): add NaroMk3 to the existing hosts 2025-12-06 16:35:30 +01:00			`};`
feat(elcafe): add new server configuration 2026-02-08 00:20:44 +01:00			`environmentFiles = mkOption {`
			`type = types.listOf types.path;`
			`example = ["/var/traefik/traefik.env"];`
			`default = [];`
			`};`
			`dynamicConfigFile = mkOption {`
			`type = types.path;`
			`default = "${cfg.dataDir}/traefik.yaml";`
			`example = "/var/traefik/dynamic.yaml";`
feat(hosts): add NaroMk3 to the existing hosts 2025-12-06 16:35:30 +01:00			`};`
			`};`
			`config.services.traefik = {`
feat(elcafe): add new server configuration 2026-02-08 00:20:44 +01:00			`inherit (cfg) enable dynamicConfigFile environmentFiles;`
feat(hosts): add NaroMk3 to the existing hosts 2025-12-06 16:35:30 +01:00			`staticConfigOptions = {`
			`api.dashboard = true;`
			`log = {`
			`level = "INFO";`
			`filePath = "${cfg.dataDir}/traefik.log";`
			`format = "json";`
			`};`
			`accessLog.filePath = "${cfg.dataDir}/access.log";`
			`entryPoints = {`
feat(elcafe): add new server configuration 2026-02-08 00:20:44 +01:00			`web = {`
feat(hosts): add NaroMk3 to the existing hosts 2025-12-06 16:35:30 +01:00			`address = ":80";`
			`asDefault = true;`
			`http.redirections.entrypoint = {`
feat(elcafe): add new server configuration 2026-02-08 00:20:44 +01:00			`to = "websecure";`
feat(hosts): add NaroMk3 to the existing hosts 2025-12-06 16:35:30 +01:00			`scheme = "https";`
			`};`
			`};`
feat(elcafe): add new server configuration 2026-02-08 00:20:44 +01:00			`websecure = {`
feat(hosts): add NaroMk3 to the existing hosts 2025-12-06 16:35:30 +01:00			`address = ":443";`
			`asDefault = true;`
feat(elcafe): add new server configuration 2026-02-08 00:20:44 +01:00			`httpChallenge.entryPoint = "websecure";`
feat(hosts): add NaroMk3 to the existing hosts 2025-12-06 16:35:30 +01:00			`};`
			`};`
			`providers.docker = {`
			`endpoint = "unix:///var/run/docker.sock";`
			`exposedByDefault = false;`
			`};`
			`certificatesResolvers.cloudflare.acme = {`
			`inherit (cfg) email;`
			`storage = "${cfg.dataDir}/acme.json";`
			`dnsChallenge = {`
			`provider = "cloudflare";`
			`resolvers = ["1.1.1.1:53" "1.0.0.1:53"];`
feat(elcafe): add new server configuration 2026-02-08 00:20:44 +01:00			`propagation.delayBeforeChecks = 60;`
feat(hosts): add NaroMk3 to the existing hosts 2025-12-06 16:35:30 +01:00			`};`
			`};`
			`};`
			`};`
			`}`