systemd: service: container-homeassistant: Unit: Description: Homeassistant After: network-online.target local-fs.target Before: haproxy.service Requires: io.podman.service Service: ExecStart: /usr/bin/podman start -a homeassistant ExecStop: /usr/bin/podman stop homeassistant Install: WantedBy: multi-user.target container-homeassistant-configurator: Unit: Description: Homeassistant Configurator After: network-online.target local-fs.target Before: haproxy.service Requires: io.podman.service Service: ExecStart: /usr/bin/podman start -a homeassistant-configurator ExecStop: /usr/bin/podman stop homeassistant-configurator Install: WantedBy: multi-user.target container-pihole: Unit: Description: pihole After: network-online.target local-fs.target Before: haproxy.service Requires: io.podman.service Service: ExecStart: /usr/bin/podman start -a pihole ExecStop: /usr/bin/podman stop pihole Install: WantedBy: multi-user.target container-docker-registry: Unit: Description: Docker Registry After: network-online.target local-fs.target Before: haproxy.service Requires: io.podman.service Service: ExecStart: /usr/bin/podman start -a docker-registry ExecStop: /usr/bin/podman stop docker-registry Install: WantedBy: multi-user.target container-zwave2mqtt: Unit: Description: zwave2mqtt - yes After: network-online.target local-fs.target Before: haproxy.service Requires: io.podman.service Service: ExecStart: /usr/bin/podman start -a zwave2mqtt ExecStop: /usr/bin/podman stop zwave2mqtt Install: WantedBy: multi-user.target haproxy: enabled: True overwrite: True global: stats: enable: True socketpath: /var/lib/haproxy/stats mode: 660 level: admin # Optional extra bind parameter, for example to set the owner/group on the socket file extra: user haproxy group haproxy ssl-default-bind-ciphers: "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384" ssl-default-bind-options: "no-sslv3 no-tlsv10 no-tlsv11" user: haproxy group: haproxy chroot: enable: True path: /var/lib/haproxy daemon: True defaults: mode: http stats: - enable - uri: '/admin?stats' - realm: 'Haproxy\ Statistics' - auth: 'admin1:AdMiN123' options: - httplog - dontlognull - forwardfor timeouts: - connect 5000 - client 50000 - server 50000 - tunnel 60000 #longer timeouts for websockets - http-request 5s errorfiles: 400: /etc/haproxy/errors/400.http 403: /etc/haproxy/errors/403.http 408: /etc/haproxy/errors/408.http 500: /etc/haproxy/errors/500.http 502: /etc/haproxy/errors/502.http 503: /etc/haproxy/errors/503.http 504: /etc/haproxy/errors/504.http #resolvers: # local_dns: # options: # - nameserver resolvconf 192.168.10.1:53 # - resolve_retries 3 # - timeout retry 1s # - hold valid 10s listens: stats: bind: - "127.0.0.1:8998" mode: http stats: enable: True uri: "/admin?stats" refresh: "20s" frontends: frontend1: name: www-http bind: "*:80" default_backend: auto acls: - host_auto hdr_beg(host) -i auto. - host_auto-conf hdr_beg(host) -i auto-conf. - host_z2m hdr_beg(host) -i zwave2mqtt. - host_pihole hdr_beg(host) -i pihole. - host_docker-registry hdr_beg(host) -i docker-registry. use_backends: - auto if host_auto - auto-conf if host_auto-conf - z2m if host_z2m - pihole if host_pihole - docker-registry if host_docker-registry backends: backend1: name: auto balance: roundrobin servers: server1: name: auto02 host: 127.0.0.1 port: 8123 check: check backend2: name: auto-conf balance: roundrobin servers: server1: name: auto02 host: 127.0.0.1 port: 3218 check: check backend3: name: z2m balance: roundrobin servers: server1: name: auto02 host: 127.0.0.1 port: 8091 check: check backend4: name: pihole balance: roundrobin servers: server1: name: auto02 host: 127.0.0.1 port: 8080 check: check backend5: name: docker-registry balance: roundrobin servers: server1: name: auto02 host: 127.0.0.1 port: 5000 check: check options: - http-server-close extra: #- http-request add-header Access-Control-Allow-Origin "http://docker-registry.lan" - http-response add-header Access-Control-Allow-Origin "*" - http-response add-header Access-Control-Allow-Methods "HEAD, GET, OPTIONS, DELETE" - http-response add-header Access-Control-Allow-Headers "Authorization, Accept" - http-response add-header Access-Control-Allow-Credentials true - http-response add-header Access-Control-Expose-Headers "Docker-Content-Digest"