test

2025-09-30 18:29:34 -05:00
parent ec23a7fe14
commit 751b4f9f69
37 changed files with 814 additions and 971 deletions
--- a/modules/nixos/services/traefik/default.nix
+++ b/modules/nixos/services/traefik/default.nix
@@ -9,42 +9,46 @@ let
  cfg = config.${namespace}.services.traefik;

  # Process extraServices into service configurations
-  extraServiceConfigs = 
+  extraServiceConfigs =
    let
-      makeService = service: nameValuePair service.name {
-        loadBalancer.servers = [
-          {
-            url = service.url;
-          }
-        ];
-      };
+      makeService =
+        service:
+        nameValuePair service.name {
+          loadBalancer.servers = [
+            {
+              url = service.url;
+            }
+          ];
+        };
    in
    listToAttrs (map makeService cfg.extraServices);

  # Process extraRouters into router configurations
-  extraRouterConfigs = 
+  extraRouterConfigs =
    let
-      makeRouter = router: nameValuePair router.subdomain {
-        entryPoints = router.entryPoints;
-        rule = "Host(`${router.subdomain}.${domain}`)";
-        service = router.service;
-        middlewares = router.middlewares ++ [
-          "crowdsec"
-          "whitelist-geoblock"
-        ];
-        tls.certResolver = "letsencrypt";
-      };
+      makeRouter =
+        router:
+        nameValuePair router.subdomain {
+          entryPoints = router.entryPoints;
+          rule = "Host(`${router.subdomain}.${domain}`)";
+          service = router.service;
+          middlewares = router.middlewares ++ [
+            "crowdsec"
+            "whitelist-geoblock"
+          ];
+          tls.certResolver = "letsencrypt";
+        };
    in
    listToAttrs (map makeRouter cfg.extraRouters);

  # Process reverseProxies into service and router configurations
-  reverseProxyServiceConfigs = 
+  reverseProxyServiceConfigs =
    let
      makeService = reverseProxy: nameValuePair reverseProxy.service.name reverseProxy.service.config;
    in
    listToAttrs (map makeService cfg.reverseProxies);

-  reverseProxyRouterConfigs = 
+  reverseProxyRouterConfigs =
    let
      makeRouter = reverseProxy: nameValuePair reverseProxy.router.subdomain reverseProxy.router.config;
    in
@@ -292,7 +296,7 @@ in
                url = authUrl;
              }
            ];
-            
+
            authentik.loadBalancer.servers = [
              {
                url = authentikUrl;
@@ -348,7 +352,9 @@ in
                url = paperlessUrl;
              }
            ];
-          } // extraServiceConfigs // reverseProxyServiceConfigs;
+          }
+          // extraServiceConfigs
+          // reverseProxyServiceConfigs;

          routers = {
            auth = {
@@ -457,7 +463,9 @@ in
              ];
              tls.certResolver = "letsencrypt";
            };
-          } // extraRouterConfigs // reverseProxyRouterConfigs;
+          }
+          // extraRouterConfigs
+          // reverseProxyRouterConfigs;
        };
      };
    };
--- a/modules/nixos/services/traefik/options.nix
+++ b/modules/nixos/services/traefik/options.nix
@@ -1,34 +1,42 @@
 { lib, namespace, ... }:
 with lib;
 let
-  inherit (lib.${namespace}) mkOpt mkBoolOpt;
+  inherit (lib.${namespace}) mkOpt;
 in
 {
  options.${namespace}.services.traefik = {
    enable = mkEnableOption "enable traefik";

-    extraServices = mkOpt (types.listOf (types.submodule {
-          options = {
-            name = mkOpt types.str "" "Name of the service";
-            url = mkOpt types.str "http://localhost:8080" "Url of the service";
-          };
-        })) [ ] "List of extra services to forward";
+    extraServices = mkOpt (types.listOf (
+      types.submodule {
+        options = {
+          name = mkOpt types.str "" "Name of the service";
+          url = mkOpt types.str "http://localhost:8080" "Url of the service";
+        };
+      }
+    )) [ ] "List of extra services to forward";

-    extraRouters = mkOpt (types.listOf (types.submodule {
-          options = {
-            entryPoints = mkOpt (types.listOf types.str) [ "websecure" ] "Entrypoint";
-            subdomain = mkOpt types.str "" "subdomain of the service";
-            service = mkOpt types.str "" "name of the service";
-            middlewares = mkOpt (types.listOf (types.enum [
-                              "authentik"
-                              "onlyoffice-websocket"
-                              "crowdsec"
-                              "whitelist-geoblock"
-                              "internal-ipallowlist"
-                            ])) [ ] "List of middlewares to enable";
-          };
-        })) [ ] "List of extra services to forward";
+    extraRouters = mkOpt (types.listOf (
+      types.submodule {
+        options = {
+          entryPoints = mkOpt (types.listOf types.str) [ "websecure" ] "Entrypoint";
+          subdomain = mkOpt types.str "" "subdomain of the service";
+          service = mkOpt types.str "" "name of the service";
+          middlewares = mkOpt (types.listOf (
+            types.enum [
+              "authentik"
+              "onlyoffice-websocket"
+              "crowdsec"
+              "whitelist-geoblock"
+              "internal-ipallowlist"
+            ]
+          )) [ ] "List of middlewares to enable";
+        };
+      }
+    )) [ ] "List of extra services to forward";

-    reverseProxies = mkOpt (types.listOf types.attrs) [ ] "List of reverse proxy configurations from mkReverseProxy";
+    reverseProxies =
+      mkOpt (types.listOf types.attrs) [ ]
+        "List of reverse proxy configurations from mkReverseProxy";
  };
 }