ppetru/alo-cluster
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Proxy wordpress sites through the cloud.

Browse Source
This commit is contained in:
Petru
2024-01-03 20:56:27 +00:00
parent 2c4f236e2b
commit 048f783f89
4 changed files with 130 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
hosts/alo-cloud-1/default.nix
View File

@@ -4,6 +4,7 @@
../../common/global ../../common/global
../../common/cloud-node.nix ../../common/cloud-node.nix
./hardware.nix ./hardware.nix
./reverse-proxy.nix
]; ];
boot.initrd.kernelModules = [ "virtio_gpu" ]; boot.initrd.kernelModules = [ "virtio_gpu" ];

120
hosts/alo-cloud-1/reverse-proxy.nix Normal file
View File

@@ -0,0 +1,120 @@
{ pkgs, ... }:
{
environment.systemPackages = [ pkgs.traefik ];
environment.persistence."/persist".files = [
"/acme/acme.json"
];
services.traefik = {
enable = true;
staticConfigOptions = {
global = {
checkNewVersion = false;
sendAnonymousUsage = false;
};
accessLog = {};
certificatesResolvers = {
letsencrypt = {
acme = {
email = "petru@paler.net";
storage = "/acme/acme.json";
tlsChallenge = {};
};
};
};
entryPoints = {
web = {
address = ":80";
http = {
redirections = {
entrypoint = {
to = "websecure";
scheme = "https";
permanent = true;
};
};
};
};
websecure = {
address = ":443";
http = {
tls = {
certResolver = "letsencrypt";
};
};
};
};
};
dynamicConfigOptions = {
http = {
services = {
alo-cluster = {
loadBalancer = {
servers = [
{
# edgy over Tailscale
url = "http://100.64.229.126:10080";
}
];
};
};
};
routers = {
wordpress-paler-net = {
entryPoints = "websecure";
rule = "Host(`wordpress.paler.net`)";
service = "alo-cluster";
};
ines-paler-net = {
entryPoints = "websecure";
rule = "Host(`ines.paler.net`)";
service = "alo-cluster";
};
coachingfor-me = {
entryPoints = "websecure";
rule = "Host(`coachingfor.me`)";
service = "alo-cluster";
};
coachingfor-work = {
entryPoints = "websecure";
rule = "Host(`coachingfor.work`)";
service = "alo-cluster";
};
petru-ines-paler-net = {
entryPoints = "websecure";
rule = "Host(`petru.ines.paler.net`)";
service = "alo-cluster";
};
liam-paler-net = {
entryPoints = "websecure";
rule = "Host(`liam.paler.net`)";
service = "alo-cluster";
};
tomas-paler-net = {
entryPoints = "websecure";
rule = "Host(`tomas.paler.net`)";
service = "alo-cluster";
};
musictogethersilvercoast-pt = {
entryPoints = "websecure";
rule = "Host(`musictogethersilvercoast.pt`)";
service = "alo-cluster";
};
};
};
};
};
}

8
services/traefik.hcl
View File

@@ -16,6 +16,9 @@ job "traefik" {
#host_network = "tailscale" #host_network = "tailscale"
static = "9002" static = "9002"
} }
port "http4proxy" {
static = 10080
}
} }
task "traefik" { task "traefik" {
@@ -52,7 +55,7 @@ job "traefik" {
config { config {
image = "traefik:latest" image = "traefik:latest"
ports = ["http", "https", "admin"] ports = ["http", "https", "admin", "http4proxy"]
network_mode = "host" network_mode = "host"
volumes = [ volumes = [
"local/traefik.yml:/etc/traefik/traefik.yml", "local/traefik.yml:/etc/traefik/traefik.yml",
@@ -112,6 +115,9 @@ entryPoints:
scheme: https scheme: https
permanent: true permanent: true
web4proxy:
address: ":{{{ env "NOMAD_PORT_http4proxy" }}}"
websecure: websecure:
address: ":{{{ env "NOMAD_PORT_https" }}}" address: ":{{{ env "NOMAD_PORT_https" }}}"
http: http:

5
services/wordpress.hcl
View File

@@ -46,9 +46,8 @@ job "wordpress" {
tags = [ tags = [
"traefik.enable=true", "traefik.enable=true",
"traefik.http.routers.wordpress.entryPoints=websecure", "traefik.http.routers.wordpress.entryPoints=web4proxy",
"traefik.http.routers.wordpress.middlewares=authentik@file", "traefik.http.routers.wordpress.rule=Host(`wordpress.paler.net`) || Host(`ines.paler.net`) || Host(`coachingfor.me`) || Host(`coachingfor.work`) || Host(`petru.ines.paler.net`) || Host(`liam.paler.net`) || Host(`tomas.paler.net`) || Host(`musictogethersilvercoast.pt`)",
"traefik.http.routers.wordpress.rule=Host(`wordpress.paler.net`)",
] ]
} }
} }