-
-
Save gaieges/936bdf91e01e4cc782eb047e5873089b to your computer and use it in GitHub Desktop.
version: '2.1' | |
services: | |
homeassistant: | |
restart: always | |
image: homeassistant/raspberrypi3-homeassistant | |
expose: | |
- 8123 | |
ports: | |
- "8123:8123" | |
devices: | |
- /dev/ttyACM0 | |
volumes: | |
- ./config:/config | |
network_mode: host | |
labels: | |
- "traefik.enable=true" | |
- "traefik.http.routers.hahttp.rule=Host(`MY_DOMAIN`)" | |
- "traefik.http.routers.ha.rule=Host(`MY_DOMAIN`)" | |
- "traefik.http.routers.ha.tls=true" | |
- "traefik.http.routers.ha.tls.certresolver=le" | |
- "traefik.http.routers.ha.tls.domains[0].main=MY_DOMAIN" | |
- "traefik.http.services.homeassistant.loadbalancer.server.port=8123" | |
traefik: | |
restart: always | |
image: traefik:v2.2 | |
command: | |
- "--api.dashboard=true" | |
- "--api.insecure=true" | |
- "--accesslog=true" | |
- "--providers.docker" | |
- "--providers.docker.exposedbydefault=false" | |
- "--entryPoints.web.address=:80" | |
- "--entrypoints.websecure.address=:443" | |
- "--certificatesresolvers.le.acme.tlschallenge=true" | |
- "--certificatesresolvers.le.acme.email=MY_EMAIL" | |
- "--certificatesresolvers.le.acme.storage=/letsencrypt/acme.json" | |
ports: | |
- 80:80 | |
- 8080:8080 | |
- 443:443 | |
volumes: | |
- "/var/run/docker.sock:/var/run/docker.sock:ro" | |
- "./letsencrypt:/letsencrypt" | |
extra_hosts: | |
- host.docker.internal:172.17.0.1 | |
Thank you for this. I've spent a few hours before stumbling upon this little gem.
Thanks for this gist, helped me get my HA working.
3 years later and "extra_hosts" still does the job, thank you!
This took me hours to find - thanks for the help my man! :D
If you want to avoid adding a "magic" IP address you can use
extra_hosts:
- "host.docker.internal:host-gateway"
make sure you are using linux and docker >v20.10.
If you receive "400 Bad Request" error, you need to whitelist the IP of the docker proxy in home assistant.
Check the Home Assistant logs. You should see something like:
2024-03-30 22:28:57.467 ERROR (MainThread) [homeassistant.components.http.forwarded] Received X-Forwarded-For header from an untrusted proxy XXX.XXX.XXX.XXX
Add the XXX.XXX.XXX.XXX
IP in you home assistant configuration.yml
file.
http:
use_x_forwarded_for: true
trusted_proxies:
- ::1
- 127.0.0.1
- XXX.XXX.XXX.XXX
This IP changes if you destroy your traefik container / network.
You can allow the CIDR 172.16.0.0/12
so it will be always allowed whatever IP it takes... But it's less secure of course.
I had to add these to labels to avoid getting 400 bad request: