meow

2025-11-24 09:33:42 +01:00 · 2025-11-24 09:33:42 +01:00 · 0eb6953b0d
commit 0eb6953b0d
parent 83de52d5db
212 changed files with 1006 additions and 13525 deletions
--- a/modules/services/traefik.nix
+++ b/modules/services/traefik.nix
@ -12,9 +12,21 @@ let
      router = "simpleproxy-${n}-router";
      service = "simpleproxy-${n}-service";
      spl = lib.splitString "." v.host;
-      certDomain = if (builtins.length spl) > 2 then lib.concatStringsSep "." (builtins.tail spl) else spl;
+      certDomain =
+        if (builtins.length spl) > 2 then lib.concatStringsSep "." (builtins.tail spl) else spl;
    in
    {
+      routers."${router}-robotstxt" = {
+        service = "robotstxt";
+        rule = "Host(`${v.host}`) && Path(`/robots.txt`)";
+        tls.domains = [
+          {
+            main = certDomain;
+            sans = [ "*.${certDomain}" ];
+          }
+        ];
+
+      };
      routers.${router} = {
        inherit service;
        rule = "Host(`${v.host}`)";
@ -29,13 +41,21 @@ let
        loadBalancer.servers = [
          { url = v.internal; }
        ];
-
+      };
+      services.robotstxt = {
+        loadBalancer.servers = [
+          { url = "http://127.0.0.2"; }
+        ];
      };
    }
  ) cfg.simpleProxy;
 in
 {
  options.xyno.services.traefik.enable = lib.mkEnableOption "enables traefik";
+  options.xyno.services.traefik.noBots = lib.mkOption {
+    type = lib.types.bool;
+    default = true;
+  };
  options.xyno.services.traefik.simpleProxy = lib.mkOption {
    example = {
      "example" = {
@ -57,12 +77,24 @@ in
          host = lib.mkOption {
            type = lib.types.str;
          };
+
        };
      }
    );

  };
  config = lib.mkIf cfg.enable {
+    services.nginx = {
+      enable = lib.mkIf cfg.noBots true;
+      defaultListenAddresses = lib.mkIf cfg.noBots [ "127.0.0.2" ];
+      virtualHosts.localhost.locations."/".root = pkgs.writeTextFile {
+        name = "robots.txt";
+        text = ''
+          User-Agent: *
+          Disallow /
+        '';
+      };
+    };
    services.traefik = {
      enable = true;
      environmentFiles = [
@ -96,7 +128,7 @@ in
        };
      };
      dynamicConfigOptions = {
-        http = simpleProxyOpts;
+        http = lib.mkMerge simpleProxyOpts;
        tls.options.default = {
          # mozilla modern
          minVersion = "VersionTLS13";