From 50ce8787a27238d0275a2b8711873773af8c88f3 Mon Sep 17 00:00:00 2001
From: do
Date: Sun, 31 Jan 2021 12:56:57 +0100
Subject: [PATCH] auot02 with frakin' nginx doesnt work
---
 base/hostconfig/auto02.sls | 192 ++++++++++++++++++++++---------------
 1 file changed, 115 insertions(+), 77 deletions(-)
diff --git a/base/hostconfig/auto02.sls b/base/hostconfig/auto02.sls
index 4a8b1b6..dc5a4a6 100644
--- a/base/hostconfig/auto02.sls
+++ b/base/hostconfig/auto02.sls
@@ -1,16 +1,16 @@
 systemd:
 service:
- homeassistant:
+ container-homeassistant:
 Unit:
 Description: Homeassistant
 After: network-online.target local-fs.target
 Requires: io.podman.service
 Service:
 ExecStart: /usr/bin/podman start -a homeassistant
- ExecStop: /usr/bin/podman stop homeassistant
+ ExecStop: /usr/bin/podman stop homeassistant
 Install:
 WantedBy: multi-user.target
- homeassistant-configurator:
+ container-homeassistant-configurator:
 Unit:
 Description: Homeassistant Configurator
 After: network-online.target local-fs.target
@@ -20,17 +20,17 @@ systemd:
 ExecStop: /usr/bin/podman stop homeassistant-configurator
 Install:
 WantedBy: multi-user.target
- pihole:
+ container-pihole:
 Unit:
 Description: pihole
 After: network-online.target local-fs.target
 Requires: io.podman.service
 Service:
 ExecStart: /usr/bin/podman start -a pihole
- ExecStop: /usr/bin/podman stop pihole
+ ExecStop: /usr/bin/podman stop pihole
 Install:
 WantedBy: multi-user.target
- docker-registry:
+ container-docker-registry:
 Unit:
 Description: Docker Registry
 After: network-online.target local-fs.target
@@ -39,74 +39,112 @@ systemd:
 ExecStart: /usr/bin/podman start -a docker-registry
 ExecStop: /usr/bin/podman stop docker-registry
 Install:
- WantedBy: multi-user.target
-haproxy:
- enabled: True
- overwrite: True
- global:
- stats:
- enable: True
- socketpath: /var/lib/haproxy/stats
- mode: 660
- level: admin
- # Optional extra bind parameter, for example to set the owner/group on the socket file
- extra: user haproxy group haproxy
- ssl-default-bind-ciphers: "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384"
- ssl-default-bind-options: "no-sslv3 no-tlsv10 no-tlsv11"
-
- user: haproxy
- group: haproxy
- chroot:
- enable: True
- path: /var/lib/haproxy
- daemon: True
- defaults:
- stats:
- - enable
- - uri: '/admin?stats'
- - realm: 'Haproxy\ Statistics'
- - auth: 'admin1:AdMiN123'
- errorfiles:
- 400: /etc/haproxy/errors/400.http
- 403: /etc/haproxy/errors/403.http
- 408: /etc/haproxy/errors/408.http
- 500: /etc/haproxy/errors/500.http
- 502: /etc/haproxy/errors/502.http
- 503: /etc/haproxy/errors/503.http
- 504: /etc/haproxy/errors/504.http
- resolvers:
- local_dns:
- options:
- - nameserver resolvconf 192.168.10.1:53
- - resolve_retries 3
- - timeout retry 1s
- - hold valid 10s
- listens:
- stats:
- bind:
- - "0.0.0.0:8998"
- mode: http
- stats:
- enable: True
- uri: "/admin?stats"
- refresh: "20s"
- frontends:
- frontend1:
- name: auto
- bind: "*:80"
- default_backend: auto
- acls:
- - host_auto hdr_beg(host) -i auto.
- use_backends:
- - auto if host_auto
- backends:
- backend1:
- name: auto
- balance: roundrobin
- servers:
- server1:
- name: auto02
- host: 127.0.0.1
- port: 8123
- check: check
-
\ No newline at end of file
+ WantedBy: multi-user.target
+ container-zwave2mqtt:
+ Unit:
+ Description: zwave2mqtt - yes
+ After: network-online.target local-fs.target
+ Requires: io.podman.service
+ Service:
+ ExecStart: /usr/bin/podman start -a zwave2mqtt
+ ExecStop: /usr/bin/podman stop zwave2mqtt
+ Install:
+ WantedBy: multi-user.target
+nginx:
+ install_from_repo: False
+ server:
+ config:
+ events:
+ worker_connections: 100
+ servers:
+ managed:
+ default:
+ enabled: false
+ status:
+ enabled: true
+ config:
+ - server:
+ - server_name: _
+ - listen:
+ - 127.0.0.1:80
+ - location /stub_status:
+ - stub_status: ''
+ proxy_auto:
+ enabled: true
+ config:
+ - server:
+ - server_name: auto2 auto2.chaos
+ - listen:
+ - 80 default_server
+ - location /:
+ - proxy_pass: http://127.0.0.1:8123
+ - proxy_set_header: "Host $host"
+ - proxy_http_version: "1.1"
+ - proxy_set_header: "X-Real-IP $remote_addr"
+ - proxy_set_header: "X-Forwarded-For $proxy_add_x_forwarded_for"
+ - proxy_set_header: "Ugrade $http_upgrade"
+ - proxy_set_header: "Connection \"Upgrade\""
+ - location /api/websocket:
+ - proxy_pass: http://127.0.0.1:8123/api/websocket
+ - proxy_set_header: "Host $host"
+ - proxy_http_version: "1.1"
+ - proxy_set_header: "X-Real-IP $remote_addr"
+ - proxy_set_header: "X-Forwarded-For $proxy_add_x_forwarded_for"
+ - proxy_set_header: "Ugrade $http_upgrade"
+ - proxy_set_header: "Connection \"Upgrade\""
+ proxy_auto-conf:
+ enabled: true
+ config:
+ - server:
+ - server_name: auto-conf auto-conf.chaos
+ - listen:
+ - '80'
+ - location /:
+ - proxy_redirect: "off"
+ - proxy_pass: http://127.0.0.1:3218
+ proxy_pihole:
+ enabled: true
+ config:
+ - server:
+ - server_name: pihole pihole.chaos
+ - listen:
+ - '80'
+ - location /admin:
+ - proxy_redirect: "off"
+ - proxy_pass: http://127.0.0.1:8080/admin
+ - add_header: 'Access-Control-Allow-Origin: "*"'
+ - proxy_set_header: 'Access-Control-Allow-Origin: "*"'
+ proxy_docker-reg:
+ enabled: true
+ config:
+ - server:
+ - server_name: docker-registry docker-registry.chaos docker-registry.lan
+ - listen:
+ - '80'
+ - location /:
+ - proxy_redirect: "off"
+ - proxy_pass: http://127.0.0.1:5000
+ - client_max_body_size: '10G'
+ - proxy_set_header: 'Host $host'
+ - proxy_set_header: 'X-Forwarded-For $remote_addr'
+ - proxy_set_header: 'Proxy-Connection ""'
+ - proxy_set_header: 'Access-Control-Allow-Origin "*"'
+ - proxy_set_header: 'Access-Control-Allow-Methods "HEAD, GET, OPTIONS, DELETE"'
+ - proxy_set_header: 'Access-Control-Allow-Headers "Authorization, Accept"'
+ - proxy_set_header: 'Access-Control-Allow-Credentials true'
+ - proxy_set_header: 'Access-Control-Expose-Headers "Docker-Content-Digest"'
+ - add_header: 'Access-Control-Allow-Origin "*"'
+ - add_header: 'Access-Control-Allow-Methods "HEAD, GET, OPTIONS, DELETE"'
+ - add_header: 'Access-Control-Allow-Headers "Authorization, Accept"'
+ - add_header: 'Access-Control-Allow-Credentials true'
+ - add_header: 'Access-Control-Expose-Headers "Docker-Content-Digest"'
+ proxy_zwave2mqtt:
+ enabled: true
+ config:
+ - server:
+ - server_name: zwave2mqtt zwave2mqtt.chaos
+ - listen:
+ - '80'
+ - location /:
+ - proxy_redirect: "off"
+ - proxy_pass: http://127.0.0.1:8091
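Review bot: In `proxy_auto`, both `location /` and `location /api/websocket` set `proxy_set_header: "Ugrade $http_upgrade"`; the header name is misspelled, so the backend at 127.0.0.1:8123 never sees an `Upgrade` header and WebSocket handshakes through the proxy will presumably fail — change both to `- proxy_set_header: "Upgrade $http_upgrade"`. In `proxy_pihole`, `add_header: 'Access-Control-Allow-Origin: "*"'` has a colon inside the header name, which would likely be emitted as a malformed header, and its `proxy_set_header` twin sends a response-only header upstream where it does nothing. In `proxy_docker-reg`, `Access-Control-Allow-Origin "*"` is paired with `Access-Control-Allow-Credentials true`, a combination browsers reject for credentialed requests, while `DELETE` is advertised on a plain-HTTP listener on port 80 with no access control visible in this hunk. I would name the single origin that actually needs access instead of `*` and drop the five `Access-Control-*` `proxy_set_header` lines, since those only forward response headers to the registry.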