chaos/salt-pillar
Archived
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

auot02 with frakin' nginx doesnt work

Browse Source
This commit is contained in:
do
2021-01-31 12:56:57 +01:00
parent c43ff2833a
commit 50ce8787a2
1 changed files with 115 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

192
base/hostconfig/auto02.sls
View File

@@ -1,16 +1,16 @@
systemd:
service:
homeassistant:
container-homeassistant:
Unit:
Description: Homeassistant
After: network-online.target local-fs.target
Requires: io.podman.service
Service:
ExecStart: /usr/bin/podman start -a homeassistant
ExecStop: /usr/bin/podman stop homeassistant
ExecStop: /usr/bin/podman stop homeassistant
Install:
WantedBy: multi-user.target
homeassistant-configurator:
container-homeassistant-configurator:
Unit:
Description: Homeassistant Configurator
After: network-online.target local-fs.target
@@ -20,17 +20,17 @@ systemd:
ExecStop: /usr/bin/podman stop homeassistant-configurator
Install:
WantedBy: multi-user.target
pihole:
container-pihole:
Unit:
Description: pihole
After: network-online.target local-fs.target
Requires: io.podman.service
Service:
ExecStart: /usr/bin/podman start -a pihole
ExecStop: /usr/bin/podman stop pihole
ExecStop: /usr/bin/podman stop pihole
Install:
WantedBy: multi-user.target
docker-registry:
container-docker-registry:
Unit:
Description: Docker Registry
After: network-online.target local-fs.target
@@ -39,74 +39,112 @@ systemd:
ExecStart: /usr/bin/podman start -a docker-registry
ExecStop: /usr/bin/podman stop docker-registry
Install:
WantedBy: multi-user.target
haproxy:
enabled: True
overwrite: True
global:
stats:
enable: True
socketpath: /var/lib/haproxy/stats
mode: 660
level: admin
# Optional extra bind parameter, for example to set the owner/group on the socket file
extra: user haproxy group haproxy
ssl-default-bind-ciphers: "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384"
ssl-default-bind-options: "no-sslv3 no-tlsv10 no-tlsv11"
user: haproxy
group: haproxy
chroot:
enable: True
path: /var/lib/haproxy
daemon: True
defaults:
stats:
- enable
- uri: '/admin?stats'
- realm: 'Haproxy\ Statistics'
- auth: 'admin1:AdMiN123'
errorfiles:
400: /etc/haproxy/errors/400.http
403: /etc/haproxy/errors/403.http
408: /etc/haproxy/errors/408.http
500: /etc/haproxy/errors/500.http
502: /etc/haproxy/errors/502.http
503: /etc/haproxy/errors/503.http
504: /etc/haproxy/errors/504.http
resolvers:
local_dns:
options:
- nameserver resolvconf 192.168.10.1:53
- resolve_retries 3
- timeout retry 1s
- hold valid 10s
listens:
stats:
bind:
- "0.0.0.0:8998"
mode: http
stats:
enable: True
uri: "/admin?stats"
refresh: "20s"
frontends:
frontend1:
name: auto
bind: "*:80"
default_backend: auto
acls:
- host_auto hdr_beg(host) -i auto.
use_backends:
- auto if host_auto
backends:
backend1:
name: auto
balance: roundrobin
servers:
server1:
name: auto02
host: 127.0.0.1
port: 8123
check: check
WantedBy: multi-user.target
container-zwave2mqtt:
Unit:
Description: zwave2mqtt - yes
After: network-online.target local-fs.target
Requires: io.podman.service
Service:
ExecStart: /usr/bin/podman start -a zwave2mqtt
ExecStop: /usr/bin/podman stop zwave2mqtt
Install:
WantedBy: multi-user.target
nginx:
install_from_repo: False
server:
config:
events:
worker_connections: 100
servers:
managed:
default:
enabled: false
status:
enabled: true
config:
- server:
- server_name: _
- listen:
- 127.0.0.1:80
- location /stub_status:
- stub_status: ''
proxy_auto:
enabled: true
config:
- server:
- server_name: auto2 auto2.chaos
- listen:
- 80 default_server
- location /:
- proxy_pass: http://127.0.0.1:8123
- proxy_set_header: "Host $host"
- proxy_http_version: "1.1"
- proxy_set_header: "X-Real-IP $remote_addr"
- proxy_set_header: "X-Forwarded-For $proxy_add_x_forwarded_for"
- proxy_set_header: "Ugrade $http_upgrade"
- proxy_set_header: "Connection \"Upgrade\""
- location /api/websocket:
- proxy_pass: http://127.0.0.1:8123/api/websocket
- proxy_set_header: "Host $host"
- proxy_http_version: "1.1"
- proxy_set_header: "X-Real-IP $remote_addr"
- proxy_set_header: "X-Forwarded-For $proxy_add_x_forwarded_for"
- proxy_set_header: "Ugrade $http_upgrade"
- proxy_set_header: "Connection \"Upgrade\""
proxy_auto-conf:
enabled: true
config:
- server:
- server_name: auto-conf auto-conf.chaos
- listen:
- '80'
- location /:
- proxy_redirect: "off"
- proxy_pass: http://127.0.0.1:3218
proxy_pihole:
enabled: true
config:
- server:
- server_name: pihole pihole.chaos
- listen:
- '80'
- location /admin:
- proxy_redirect: "off"
- proxy_pass: http://127.0.0.1:8080/admin
- add_header: 'Access-Control-Allow-Origin: "*"'
- proxy_set_header: 'Access-Control-Allow-Origin: "*"'
proxy_docker-reg:
enabled: true
config:
- server:
- server_name: docker-registry docker-registry.chaos docker-registry.lan
- listen:
- '80'
- location /:
- proxy_redirect: "off"
- proxy_pass: http://127.0.0.1:5000
- client_max_body_size: '10G'
- proxy_set_header: 'Host $host'
- proxy_set_header: 'X-Forwarded-For $remote_addr'
- proxy_set_header: 'Proxy-Connection ""'
- proxy_set_header: 'Access-Control-Allow-Origin "*"'
- proxy_set_header: 'Access-Control-Allow-Methods "HEAD, GET, OPTIONS, DELETE"'
- proxy_set_header: 'Access-Control-Allow-Headers "Authorization, Accept"'
- proxy_set_header: 'Access-Control-Allow-Credentials true'
- proxy_set_header: 'Access-Control-Expose-Headers "Docker-Content-Digest"'
- add_header: 'Access-Control-Allow-Origin "*"'
- add_header: 'Access-Control-Allow-Methods "HEAD, GET, OPTIONS, DELETE"'
- add_header: 'Access-Control-Allow-Headers "Authorization, Accept"'
- add_header: 'Access-Control-Allow-Credentials true'
- add_header: 'Access-Control-Expose-Headers "Docker-Content-Digest"'
proxy_zwave2mqtt:
enabled: true
config:
- server:
- server_name: zwave2mqtt zwave2mqtt.chaos
- listen:
- '80'
- location /:
- proxy_redirect: "off"
- proxy_pass: http://127.0.0.1:8091