diff options
| author | Joerg Thalheim <joerg@thalheim.io> | 2017-10-04 11:47:34 +0100 |
|---|---|---|
| committer | Joerg Thalheim <joerg@thalheim.io> | 2017-10-04 11:49:42 +0100 |
| commit | 3468c9e5cce9c5fb27b96937b610dc3e02667d6f (patch) | |
| tree | 6b4e79c7ebeb82ee3da1e584618a12d6878939a1 /nixos | |
| parent | 2e5297217de007beb8444092e03cca97bf06e4ef (diff) | |
| download | nixlib-3468c9e5cce9c5fb27b96937b610dc3e02667d6f.tar nixlib-3468c9e5cce9c5fb27b96937b610dc3e02667d6f.tar.gz nixlib-3468c9e5cce9c5fb27b96937b610dc3e02667d6f.tar.bz2 nixlib-3468c9e5cce9c5fb27b96937b610dc3e02667d6f.tar.lz nixlib-3468c9e5cce9c5fb27b96937b610dc3e02667d6f.tar.xz nixlib-3468c9e5cce9c5fb27b96937b610dc3e02667d6f.tar.zst nixlib-3468c9e5cce9c5fb27b96937b610dc3e02667d6f.zip | |
nixos/traefik: create /var/lib/traefik with correct permissions
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/services/web-servers/traefik.nix | 59 |
1 files changed, 30 insertions, 29 deletions
diff --git a/nixos/modules/services/web-servers/traefik.nix b/nixos/modules/services/web-servers/traefik.nix index 560f0b2a6f15..53f5a3c3c2be 100644 --- a/nixos/modules/services/web-servers/traefik.nix +++ b/nixos/modules/services/web-servers/traefik.nix @@ -4,17 +4,16 @@ with lib; let cfg = config.services.traefik; -configFile = - if (cfg.configFile == null) then - (pkgs.runCommand "config.toml" { - buildInputs = [ pkgs.remarshal ]; - } '' - remarshal -if json -of toml \ - < ${pkgs.writeText "config.json" (builtins.toJSON cfg.configOptions)} \ - > $out - '') - else - cfg.configFile; + configFile = + if cfg.configFile == null then + pkgs.runCommand "config.toml" { + buildInputs = [ pkgs.remarshal ]; + } '' + remarshal -if json -of toml \ + < ${pkgs.writeText "config.json" (builtins.toJSON cfg.configOptions)} \ + > $out + '' + else cfg.configFile; in { options.services.traefik = { @@ -24,38 +23,35 @@ in { default = null; example = /path/to/config.toml; type = types.nullOr types.path; - description = "Verbatim traefik.toml to use"; + description = '' + Path to verbatim traefik.toml to use. + (Using that option has precedence over <literal>configOptions</literal>) + ''; }; + configOptions = mkOption { description = '' Config for Traefik. ''; type = types.attrs; + default = { + defaultEntryPoints = ["http"]; + entryPoints.http.address = ":80"; + }; example = { defaultEntrypoints = [ "http" ]; - web = { - address = ":8080"; - }; - entryPoints = { - http = { - address = ":80"; - }; - }; + web.address = ":8080"; + entryPoints.http.address = ":80"; + file = {}; frontends = { frontend1 = { backend = "backend1"; - routes.test_1 = { - rule = "Host:localhost"; - }; + routes.test_1.rule = "Host:localhost"; }; }; - backends = { - backend1 = { - servers.server1 = { - url = "http://localhost:8000"; - }; - }; + backends.backend1 = { + servers.server1.url = "http://localhost:8000"; }; }; }; @@ -82,7 +78,12 @@ in { after = [ "network-online.target" ]; wantedBy = [ "multi-user.target" ]; serviceConfig = { + PermissionsStartOnly = true; ExecStart = ''${cfg.package.bin}/bin/traefik --configfile=${configFile}''; + ExecStartPre = [ + ''${pkgs.coreutils}/bin/mkdir -p "${cfg.dataDir}"'' + ''${pkgs.coreutils}/bin/install -d -m700 --owner traefik --group traefik "${cfg.dataDir}"'' + ]; Type = "simple"; User = "traefik"; Group = "traefik"; |