cr, dr-mirror, gcr-mirror - the mirrors won't do

base/hostconfig/adm01.sls

@@ -1,19 +1,31 @@
 pki:
   cns:
   - cr.lan
+  - gcr-mirror.lan
+  - dr-mirror.lan
+  - docker-registry.lan
 systemd:
   service:
     container-container-registry:
       Unit:
         Description: Container Registry
-        After: network-online.target local-fs.target
+        After: network-online.target local-fs.target podman.socket
         Before: haproxy.service
-        Requires: io.podman.service
       Service:
         ExecStart: /usr/bin/podman start -a container-registry
         ExecStop: /usr/bin/podman stop container-registry
       Install:
         WantedBy: multi-user.target
+    container-dr-mirror:
+      Unit:
+        Description: docker.io mirror
+        After: network-online.target local-fs.target podman.socket
+        Before: haproxy.service
+      Service:
+        ExecStart: /usr/bin/podman start -a dr-mirror
+        ExecStop: /usr/bin/podman stop dr-mirror
+      Install:
+        WantedBy: multi-user.target
 haproxy:
   enabled: True
   overwrite: True
@@ -81,9 +93,13 @@ haproxy:
        - "*:443 ssl crt /etc/pki/chain ca-file /etc/pki/intca.crt"
       default_backend: container-registry
       acls: 
-        - host_cr hdr_beg(host) -i cr.
+        - host_cr hdr_beg(host) -i cr. docker-registry.
+        - host_gcr-mirror hdr_beg(host) -i gcr-mirror.
+        - host_dr-mirror hdr_beg(host) -i dr-mirror.
       use_backends: 
-        - container-registry if host_cr 
+        - container-registry if host_cr
+        - gcr-mirror if host_gcr-mirror
+        - dr-mirror if host_dr-mirror
   backends:
     backend1:
       name: container-registry
@@ -97,11 +113,43 @@ haproxy:
       options:
         - http-server-close
       extra:
-        #- http-request add-header Access-Control-Allow-Origin "http://docker-registry.lan"
         - http-response add-header Access-Control-Allow-Origin "*"
         - http-response add-header Access-Control-Allow-Methods "HEAD, GET, OPTIONS, DELETE"
         - http-response add-header Access-Control-Allow-Headers "Authorization, Accept"
         - http-response add-header Access-Control-Allow-Credentials true
         - http-response add-header Access-Control-Expose-Headers "Docker-Content-Digest"
-        
-  
+    backend2:
+      name: dr-mirror
+      balance: roundrobin
+      servers:
+        server1:
+          name: adm01
+          host: 127.0.0.1
+          port: 5500
+          check: check
+      options:
+        - http-server-close
+      extra:
+        - http-response add-header Access-Control-Allow-Origin "*"
+        - http-response add-header Access-Control-Allow-Methods "HEAD, GET, OPTIONS"
+        - http-response add-header Access-Control-Allow-Headers "Authorization, Accept"
+        - http-response add-header Access-Control-Allow-Credentials true
+        - http-response add-header Access-Control-Expose-Headers "Docker-Content-Digest"
+    backend3:
+      name: gcr-mirror
+      balance: roundrobin
+      servers:
+        server1:
+          name: adm01
+          host: 127.0.0.1
+          port: 5600
+          check: check
+      options:
+        - http-server-close
+      extra:
+        - http-response add-header Access-Control-Allow-Origin "*"
+        - http-response add-header Access-Control-Allow-Methods "HEAD, GET, OPTIONS"
+        - http-response add-header Access-Control-Allow-Headers "Authorization, Accept"
+        - http-response add-header Access-Control-Allow-Credentials true
+        - http-response add-header Access-Control-Expose-Headers "Docker-Content-Digest"
+    

base/hostconfig/auto02.sls

@@ -40,17 +40,6 @@ systemd:
         ExecStop: /usr/bin/podman stop pihole
       Install:
         WantedBy: multi-user.target
-    container-docker-registry:
-      Unit:
-        Description: Docker Registry
-        After: network-online.target local-fs.target
-        Before: haproxy.service
-        Requires: io.podman.service
-      Service:
-        ExecStart: /usr/bin/podman start -a docker-registry
-        ExecStop: /usr/bin/podman stop docker-registry
-      Install:
-        WantedBy: multi-user.target
     container-zwave2mqtt:
       Unit:
         Description: zwave2mqtt - yes
@@ -144,13 +133,11 @@ haproxy:
         - host_auto-conf hdr_beg(host) -i auto-conf.
         - host_z2m hdr_beg(host) -i zwave2mqtt.
         - host_pihole hdr_beg(host) -i pihole.
-        - host_docker-registry hdr_beg(host) -i docker-registry.
       use_backends: 
         - auto if host_auto
         - auto-conf if host_auto-conf
         - z2m if host_z2m
         - pihole if host_pihole
-        - docker-registry if host_docker-registry 
   backends:
     backend1:
       name: auto
@@ -192,23 +179,6 @@ haproxy:
           host: 127.0.0.1
           port: 8080
           check: check
-    backend5:
-      name: docker-registry
-      balance: roundrobin
-      servers:
-        server1:
-          name: auto02
-          host: 127.0.0.1
-          port: 5000
-          check: check
-      options:
-        - http-server-close
-      extra:
-        #- http-request add-header Access-Control-Allow-Origin "http://docker-registry.lan"
-        - http-response add-header Access-Control-Allow-Origin "*"
-        - http-response add-header Access-Control-Allow-Methods "HEAD, GET, OPTIONS, DELETE"
-        - http-response add-header Access-Control-Allow-Headers "Authorization, Accept"
-        - http-response add-header Access-Control-Allow-Credentials true
-        - http-response add-header Access-Control-Expose-Headers "Docker-Content-Digest"
-        
-        
+ 
+ 
+