How to Set up Cloudflare Tunnels With Traefik (In NixOS)

Recently, I was setting up Navidrome, kind of like a self-hosted Spotify, in my home lab and I wanted to set it up to use proxy auth in Authentik. But to do this I needed to use with a reverse proxy, i.e. Traefik. In this article I will show you how to you can point your Cloudflare tunnel to Traefik and have that forward the request to the service. Prerequisite In this article, I assume you are already familiar with Cloudflare Tunnels and Traefik. ...

How to Set up Authentik Forward Auth With Traefik on NixOS

In this post, I will show you how you can set up forward auth for a single host in Authentik, with Traefik as our reverse proxy on NixOS. This is particularly useful way to protect apps that don’t have any built in auth. Authentik is a great app which can handle authentication for almost all of our home lab. So we only need to log in with Authentik, to log in to any of our apps. ...

Setup TLS Certificate With Traefik & Tailscale on NixOS

Recently I have been playing around with running a homelab directly on a NixOS machine without kubernetes. I didn’t want to bother to have to setup certificates using Traefik (DNS challenge) and Cloudflare. I wanted to use the certificate that comes with Tailscale (wireguard VPN I use to connect to my home lab). In this post I will show you how I set this up as a Nix module. Nix Let us look at the relevant Nix code. ...