Setup HTTPS

2025-04-30 02:02:17 +10:00
parent 8bb9fb18df
commit 557b187c30
6 changed files with 88 additions and 21 deletions
--- a/1-nixos-node/configuration.nix
+++ b/1-nixos-node/configuration.nix
@@ -45,6 +45,12 @@
        };
        client = {
          enabled = true;
+          host_volume = {
+            traefik = {
+              path = "/opt/traefik";
+              read_only = false;
+            };
+          };
        };
      };
    };
@@ -66,13 +72,15 @@
    };
  };

-  # Fix issue where nomad needs alloc_mounts to be writable
  systemd.tmpfiles.rules = [
+    # Fix issue where nomad needs alloc_mounts to be writable
    "d /var/lib/alloc_mounts 0755 root root -"
+    # Create a directory for Traefik to store its data (tls certs, etc.)
+    "d /opt/traefik 0755 root root -"
  ];

  # Open ports in the firewall. 464X are the default ports for Nomad.
-  networking.firewall.allowedTCPPorts = [ 80 4646 4647 4648 ];
+  networking.firewall.allowedTCPPorts = [ 80 443 4646 4647 4648 ];

  # Copy the NixOS configuration file and link it from the resulting system
  # (/run/current-system/configuration.nix). This is useful in case you