Fixed and Enabled Binary Cache

modules/nixos/services/binary-cache/default.nix

@@ -10,25 +10,25 @@ in
     enable = lib.mkOption {
       type = with lib.types; uniq bool;
       default = false;
-      description = "Enable minecraft server";
+      description = "Enable Preconfigured Binary-Cache";
     };
   };
 
   config = lib.mkIf cfg.enable {
     services.nix-serve = {
       enable = true;
-      secretKeyFile = "/var/secrets/cache-games01-private-key.pem";
+      secretKeyFile = "/var/secrets/cache-game01-private-key.pem";
-      bindAddress = "cache.game01.kb-one.de";
     };
 
     # Configure Reverse-Proxy
     services.traefik-proxy.enable = true;
-    services.traefik.staticConfigOptions = {
+    services.traefik.dynamicConfigOptions = {
+      http.services.nix-cache.loadBalancer.servers = [ { url = "http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}/"; } ];
       http.routers.nix-cache.entrypoints = "websecure";
+      # http.routers.nix-cache.tls = true;
       http.routers.nix-cache.tls.certresolver = "letsencrypt";
-      http.routers.nix-cache.rule = "Host(`${config.services.nix-serve.bindAddress}`)";
+      http.routers.nix-cache.rule = "Host(`cache.game01.kb-one.de`)";
       http.routers.nix-cache.service = "nix-cache";
-      services.nix-cache.loadBalancer.servers = [ { url = "http://localhost:${toString config.services.nix-serve.port}/"; } ];
     };
 
   };

modules/nixos/services/traefik-proxy/default.nix

@@ -18,24 +18,25 @@ in
     services.traefik = {
       enable = true;
       staticConfigOptions = {
-        entryPoints.web.address = ":80";
+        entryPoints = {
-        entryPoints.websecure.address = ":443";
+          web = {
+            address = ":80";
+            asDefault = true;
+            http.redirections.entrypoint = {
+              to = "websecure";
+              scheme = "https";
+            };
+          };
+          websecure = {
+            address = ":443";
+            asDefault = true;
+            http.tls.certResolver = "letsencrypt";
+          };
+        };
       };
     };
     networking.firewall.allowedTCPPorts = [ 80 443 ];
 
-    # Enable Secure Dashboard
-    services.traefik.staticConfigOptions.api = {};
-    services.traefik.staticConfigOptions = {
-      http.routers.dashboard.entrypoints = "websecure";
-      http.routers.dashboard.tls.certResolver = "letsencrypt";
-      http.routers.dashboard.rule = "Host(`game01.kb-one.de`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))";
-      http.routers.dashboard.service = "api@internal";
-      # TODO: Set Basicauth via SOPS
-      # http.routers.dashboard.middlewares = "auth";
-      # http.middlewares.auth.basicauth.users = "master:\$\$2y\$\$05\$\$JwzsNHz7CMJh0RU1eMe3AOfY5H30Qr1Q/glS1r/qEHCNpo5LvWnRW";
-    };
-
     # Configure Letsencrypt
     services.traefik.staticConfigOptions = {
       certificatesResolvers.letsencrypt.acme = {

systems/x86_64-linux/kb-games-01/default.nix

@@ -36,6 +36,7 @@
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHS3DoQe/4TtdTLD/Fl41rTjE0n5MyFMl59VGVejcskO kb voloxo"
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPpN/3esM0SFLJ2guCBOYX8IdBC+jUiMF+xPYkTEuzbe kb-work yerukall"
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMN1LWMOfFtRKkSLIA/XTj3KYm7OG2bjqEmGXj0gmDc7 kb@LoyAdjo"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE7W8FUUvM8rUGK6qV3XOIxR0y/pdyo9z5HZNzOADs5+ kb@Rubtrm"
     ];
     isNormalUser = true;
     extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
@@ -71,16 +72,16 @@
 
   # Minecraft Servers
   services.minecraft = {
-    enable = true;
+    enable = false;
     servers.velocity.enable = true;
     servers.survival.enable = true;
   };
 
   # Forgejo Runner
-  services.forgejo-runner.enable = true;
+  services.forgejo-runner.enable = false;
 
   # Binary Cache 
-  # services.binary-cache.enable = true;
+  services.binary-cache.enable = true;
 
   # Do NOT change this value 
   system.stateVersion = "24.05"; # Did you read the comment?