pki: cns: - docker-registry.lan - zwave2mqtt.chaos - auto.chaos - auto-conf.chaos - pihole.chaos - nodered.chaos - rompr.chaos os: release: bullseye systemd: service: container-rompr: Unit: Description: Rompr After: network-online.target local-fs.target Before: haproxy.service Service: ExecStart: /usr/bin/podman start -a rompr ExecStop: /usr/bin/podman stop rompr Install: WantedBy: multi-user.target container-node-red: Unit: Description: Node Red After: network-online.target local-fs.target Before: haproxy.service Service: ExecStart: /usr/bin/podman start -a node-red ExecStop: /usr/bin/podman stop node-red Install: WantedBy: multi-user.target container-homeassistant: Unit: Description: Homeassistant After: network-online.target local-fs.target Before: haproxy.service Service: ExecStart: /usr/bin/podman start -a homeassistant ExecStop: /usr/bin/podman stop homeassistant Install: WantedBy: multi-user.target container-homeassistant-configurator: Unit: Description: Homeassistant Configurator After: network-online.target local-fs.target Before: haproxy.service Service: ExecStart: /usr/bin/podman start -a homeassistant-configurator ExecStop: /usr/bin/podman stop homeassistant-configurator Install: WantedBy: multi-user.target container-pihole: Unit: Description: pihole After: network-online.target local-fs.target Before: haproxy.service Service: ExecStart: /usr/bin/podman start -a pihole ExecStop: /usr/bin/podman stop pihole Install: WantedBy: multi-user.target container-zwave2mqtt: Unit: Description: zwave2mqtt - yes After: network-online.target local-fs.target Before: haproxy.service Service: ExecStart: /usr/bin/podman start -a zwave2mqtt ExecStop: /usr/bin/podman stop zwave2mqtt Install: WantedBy: multi-user.target container-mosquitto-mqtt: Unit: Description: mosquitto-mqtt - yes After: network-online.target local-fs.target Before: haproxy.service Service: ExecStart: /usr/bin/podman start -a mosquitto-mqtt ExecStop: /usr/bin/podman stop mosquitto-mqtt Install: WantedBy: multi-user.target container-mosquitto-prometheus-exporter: Unit: Description: mosquitto-prometeus-exporter - yes After: network-online.target local-fs.target Before: haproxy.service Service: ExecStart: /usr/bin/podman start -a mosquitto-exporter ExecStop: /usr/bin/podman stop mosquitto-exporter Install: WantedBy: multi-user.target haproxy: enabled: True overwrite: True global: stats: enable: True socketpath: /var/lib/haproxy/stats mode: 660 level: admin # Optional extra bind parameter, for example to set the owner/group on the socket file extra: user haproxy group haproxy ssl-default-bind-ciphers: "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384" ssl-default-bind-options: "no-sslv3 no-tlsv10 no-tlsv11" user: haproxy group: haproxy chroot: enable: True path: /var/lib/haproxy daemon: True defaults: mode: http stats: - enable - uri: '/haproxy-status' options: - httplog - dontlognull - forwardfor timeouts: - connect 5000 - client 50000 - server 50000 - tunnel 80000 #longer timeouts for websockets - http-request 5s errorfiles: 400: /etc/haproxy/errors/400.http 403: /etc/haproxy/errors/403.http 408: /etc/haproxy/errors/408.http 500: /etc/haproxy/errors/500.http 502: /etc/haproxy/errors/502.http 503: /etc/haproxy/errors/503.http 504: /etc/haproxy/errors/504.http #resolvers: # local_dns: # options: # - nameserver resolvconf 192.168.10.1:53 # - resolve_retries 3 # - timeout retry 1s # - hold valid 10s listens: stats: bind: - "127.0.0.1:9110" mode: http stats: enable: True uri: "/haproxy-status" refresh: "20s" frontends: frontend1: name: www-http bind: - "*:80" #- "*:443 ssl crt /etc/pki/chain ca-file /etc/pki/intca.crt" default_backend: auto acls: - host_auto hdr_beg(host) -i auto. - host_auto-conf hdr_beg(host) -i auto-conf. - host_z2m hdr_beg(host) -i zwave2mqtt. - host_z2m-ws hdr_beg(host) -i zwave2mqtt-ws. - host_pihole hdr_beg(host) -i pihole. - host_nodered hdr_beg(host) -i nodered. - host_rompr hdr_beg(host) -i rompr. use_backends: - auto if host_auto - auto-conf if host_auto-conf - z2m if host_z2m - z2m-ws if host_z2m-ws - pihole if host_pihole - nodered if host_nodered - rompr if host_rompr backends: backend1: name: auto balance: roundrobin acls: - deprecated path_beg /habpanel /paperui redirect: - location /lovelace if deprecated servers: server1: name: auto host: 127.0.0.1 port: 8123 check: check backend2: name: auto-conf balance: roundrobin servers: server1: name: auto-conf host: 127.0.0.1 port: 3218 check: check backend3: name: z2m balance: roundrobin servers: server1: name: zwave2mqtt host: 127.0.0.1 port: 8091 check: check backend31: name: z2m-ws balance: roundrobin servers: server1: name: zwave2mqtt-ws host: 127.0.0.1 port: 3000 check: check backend4: name: pihole balance: roundrobin servers: server1: name: pihole host: 127.0.0.1 port: 8080 check: check backend5: name: nodered balance: roundrobin servers: server1: name: nodered host: 127.0.0.1 port: 1880 check: check backend6: name: rompr balance: roundrobin servers: server1: name: rompr host: 127.0.0.1 port: 8081 check: check