let ata-interface = "enp2s0"; in { # clan.core.vars.generators.networking.files.ata-interface.secret = false; networking.interfaces = { ${ata-interface} = { useDHCP = false; ipv4.addresses = [ { address = "192.168.254.1"; prefixLength = 24; } ]; }; }; services.dnsmasq = { enable = true; settings = { bind-interfaces = true; server = [ "1.1.1.1" "8.8.8.8" ]; domain-needed = true; domain = "localhost"; dhcp-range = [ "192.168.254.10,192.168.254.240,255.255.255.0,24h" ]; dhcp-option = [ "3,192.168.254.1" "6,8.8.8.8,8.8.4.4" ]; interface = [ ata-interface ]; }; }; services.traefik = { enable = true; staticConfigOptions = { # log.level = "DEBUG"; log = { level = "DEBUG"; filePath = "/data/traefik/traefik.log"; }; serversTransport.insecureSkipVerify = true; entryPoints = { web = { address = ":80"; transport.respondingTimeouts = { readTimeout = "3600s"; writeTimeout = "0"; idleTimeout = "300s"; }; }; websecure = { address = ":443"; transport.respondingTimeouts = { readTimeout = "3600s"; writeTimeout = "0"; idleTimeout = "300s"; }; }; }; global = { checkNewVersion = false; sendAnonymousUsage = false; }; }; dynamicConfigOptions = { http.middlewares = { redirect-to-https.redirectscheme = { scheme = "https"; permanent = true; }; redirect-to-www.redirectregex = { permanent = true; regex = "^https?://(?:www\\.)?(.+)"; replacement = "https://www.\${1}"; }; }; http = { routers.ata-web = { rule = ""; service = "ata-web"; }; services.ata-web.loadBalancer.servers = [ { url = "http://192.168.254.96"; } ]; }; }; }; networking.firewall.allowedUDPPorts = [ 53 67 ]; networking.firewall.allowedTCPPorts = [ 53 80 443 ]; }