diff options
author | Franck Cuny <franck@fcuny.net> | 2022-03-06 19:21:22 -0800 |
---|---|---|
committer | Franck Cuny <franck@fcuny.net> | 2022-03-06 19:21:22 -0800 |
commit | 94af34c68cef8fc5ac7f23bf826d935b84730ade (patch) | |
tree | d9dad4a591d5f65ebd6bab4fe3b3fad1759de217 /hosts/common | |
parent | unifi: configure the poller (diff) | |
download | world-94af34c68cef8fc5ac7f23bf826d935b84730ade.tar.gz |
traefik: proper configuration for unifi
Diffstat (limited to 'hosts/common')
-rw-r--r-- | hosts/common/server/traefik.nix | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/hosts/common/server/traefik.nix b/hosts/common/server/traefik.nix index 8765856..3bc5d26 100644 --- a/hosts/common/server/traefik.nix +++ b/hosts/common/server/traefik.nix @@ -44,6 +44,19 @@ in { entryPoints.http.address = ":80"; entryPoints.https.address = ":443"; + # the default is 8080, which conflict with unifi + entryPoints.traefik.address = ":8090"; + + api = { + dashboard = true; + insecure = true; + }; + + # The unifi controller runs on HTTPS with a self-signed + # certificate, as a result we need to accept insecure + # certificates. + serversTransport.insecureSkipVerify = true; + certificatesResolvers = { le.acme = { email = "franck@fcuny.net"; @@ -60,6 +73,7 @@ in { services.traefik.dynamicConfigOptions = mkMerge [ (mkServiceConfig "dash" "http://127.0.0.1:3000/") (mkServiceConfig "bt" "http://127.0.0.1:9091/") + (mkServiceConfig "unifi" "https://127.0.0.1:8443/") ]; systemd.services.traefik.environment.GCE_SERVICE_ACCOUNT_FILE = |