fix(coder): Reverse proxy domains

2025-10-11 15:29:58 +02:00 · 2025-10-11 15:29:58 +02:00 · ae777ec460
commit ae777ec460
parent c5f857f0f1
1 changed files with 27 additions and 10 deletions
--- a/modules/apps/coder/default.nix
+++ b/modules/apps/coder/default.nix
@ -66,6 +66,12 @@ in {
        dependsOn = [
          "coderDb"
        ];
+        extraOptions = [
+          "--group-add" "131" # Add docker group to access the socket
+
+          # Modify DNS
+          "--dns=192.168.0.91"
+        ];
        ports = [
          "${toString cfg.port}:${toString coderPort}/tcp"
        ];
@ -79,16 +85,16 @@ in {
        labels = {
          "traefik.enable" = "true";
          "traefik.docker.network" = proxyNet;
-          "traefik.http.routers.coder.rule" = "Host(`code.depeuter.dev`)";
+          "traefik.http.routers.coder.rule" = "HostRegexp(`.+\.code\.depeuter\.dev`) || Host(`code.depeuter.dev`)";
          "traefik.http.services.coder.loadbalancer.server.port" = toString coderPort;
        };
        environment = {
-          CODER_PG_CONNECTION_URL = "postgresql://${postgresUser}:${postgresPassword}@database/${postgresDb}?sslmode=disable";
+          CODER_PG_CONNECTION_URL = "postgresql://${postgresUser}:${postgresPassword}@coder-db/${postgresDb}?sslmode=disable";

          # Required if you are not using the tunnel
          CODER_ACCESS_URL = cfg.accessUrl;
          CODER_WILDCARD_ACCESS_URL = cfg.wildcardAccessUrl;
-          CODER_DISABLE_PATH_APPS = "true";
+          CODER_DISABLE_PATH_APPS = "false"; # TODO Enable me!

          CODER_HTTP_ADDRESS = "0.0.0.0:${toString coderPort}";
          CODER_TLS_ENABLE = "false";
@ -105,18 +111,18 @@ in {
        hostname = "coder-db";
        image = "postgres:${coderDbVersion}";
        autoStart = true;
-        ports = lib.mkIf cfg.db.port [
-          "${toString cfg.db.port}:5432/tcp"
-        ];
-        networks = [
-          networkName
-        ];
        extraOptions = [
          ''--health-cmd="pg_isready -U ${postgresUser} -d ${postgresDb}"''
          "--health-interval=5s"
          "--health-timeout=5s"
          "--health-retries=5"
        ];
+        ports = lib.mkIf cfg.db.port [
+          "${toString cfg.db.port}:5432/tcp"
+        ];
+        networks = [
+          networkName
+        ];
        volumes = [
          "coder_data:/var/lib/postgresql/data"
        ];
@ -126,6 +132,17 @@ in {
          POSTGRES_DB = postgresDb;
        };
      };
+
+      traefik.cmd = [
+        "--entrypoints.websecure.http.tls.domains[2].main=code.depeuter.dev"
+        "--entrypoints.websecure.http.tls.domains[2].sans=*.code.depeuter.dev"
+      ];
+    };
+
+    virtualisation.docker.daemon.settings = {
+      dns = [
+        "192.168.0.91"
+      ];
    };
  };
-}
+}