Update systemd services.

deploy.sh

@@ -420,11 +420,7 @@ services_generation() {
       export HOME_ASSISTANT_MQTT_USER="$(xkcdpass -d "-" -n 2)"
       export HOME_ASSISTANT_MQTT_PASSWORD="$(xkcdpass -d "-")"
       mkdir -p final-nix-config/mnt/config/mqtt/
-      mkdir -p final-nix-config/mnt/config/home-assistant/
-      mkdir -p final-nix-config/mnt/config/frigate/
       envsubst < templates/podman-config/home-assistant/mosquitto.conf > final-nix-config/mnt/config/mqtt/mosquitto.conf
-      envsubst < templates/podman-config/home-assistant/configuration.yaml > final-nix-config/mnt/config/home-assistant/configuration.yaml
-      envsubst < templates/podman-config/frigate/config.yaml > final-nix-config/mnt/config/frigate/config.yaml
       touch final-nix-config/mnt/config/mqtt/password.txt
       chmod 0700 final-nix-config/mnt/config/mqtt/password.txt
       mosquitto_passwd -b final-nix-config/mnt/config/mqtt/password.txt "$HOME_ASSISTANT_MQTT_USER" "$HOME_ASSISTANT_MQTT_PASSWORD"

templates/nix-config/configuration.nix

@@ -6,7 +6,6 @@
     (modulesPath + "/profiles/qemu-guest.nix")
     inputs.sops-nix.nixosModules.sops
     ./disks/disko.nix
-    ./misc/activation.nix
     ./misc/mail.nix
     ./misc/networking.nix
     ./misc/smart.nix
@@ -27,9 +26,9 @@
   sops.defaultSopsFile = ./secrets/secrets.yaml;
   sops.age.sshKeyPaths = [ "/home/numbus-admin/.ssh/id_ed25519" ];
   sops.age.keyFile = "/var/lib/sops-nix/key.txt";
-  sops.age.generateKey = true;
   sops.secrets."ssh_public_keys" = { owner = "numbus-admin"; path = "/etc/ssh/authorized_keys.d/numbus-admin"; };
   sops.secrets."sender_email_address_password" = {};
+  sops.secrets."domain_name" = {};
   sops.secrets."podman/frigate" = { owner = "numbus-admin"; path = "/etc/podman/frigate/.env"; };
   sops.secrets."podman/gitea" = { owner = "numbus-admin"; path = "/etc/podman/gitea/.env"; };
   sops.secrets."podman/home_assistant" = { owner = "numbus-admin"; path = "/etc/podman/home-assistant/.env"; };

templates/nix-config/misc/activation.nix

@@ -23,8 +23,6 @@
       chown -R numbus-admin:users /mnt/data/
       chown -R 100032:users /mnt/data/nextcloud/
       chown -R numbus-admin:users /home/numbus-admin/.numbus-server/
-      chown -R numbus-admin:users /mnt/config/frigate/config.yaml
-      chmod 644 /mnt/config/frigate/config.yaml
 
       touch /home/numbus-admin/.numbus-server/chowned.true
     '';
@@ -52,4 +50,78 @@ PODMAN_NETWORKS
       touch /home/numbus-admin/.numbus-server/networked.true
     '';
   };
+
+  systemd.services.numbus-quirks = {
+    description = "Numbus-Server services : Apply quirks";
+    wantedBy = [ "multi-user.target" ];
+    after = [ 
+      "network.target"
+      "local-fs.target"
+      "numbus-activation-chowned.service"
+      "numbus-activation-networked.service"
+      "pi-hole.service"
+      "home-assistant.service"
+    ];
+    path = [ pkgs.curl pkgs.coreutils pkgs.systemd ];
+    serviceConfig = {
+      Type = "oneshot";
+      RemainAfterExit = true;
+    };
+    script = ''
+      #!/usr/bin/env bash
+
+      if [[ -e /home/numbus-admin/.numbus-server/quirked.true ]]; then
+        exit 0
+      fi
+
+      DOMAIN_NAME="$(cat /run/secrets/domain_name)"
+
+      if [[ ! -e /etc/nixos/podman/pi-hole.nix ]]; then
+        until curl -s "https://pi-hole.$DOMAIN_NAME/admin/login" | grep -q "Pi-hole"; do
+          echo "Waiting for Pi-hole to be ready..."
+          sleep 15
+        done
+        systemctl restart pi-hole.service
+        echo "Pi-Hole quirk applied and service ready !"
+      fi
+
+      if [[ ! -e /etc/nixos/podman/home-assistant.nix ]]; then
+        until [[ -e /mnt/config/home-assistant/configuration.yaml ]]; do
+          echo "Waiting for Home Assistant to be ready..."
+          sleep 15
+        done
+        sleep 180
+        systemctl stop frigate.service
+        cat << 'EOF' >> /mnt/config/home-assistant/configuration.yaml
+
+http:
+  use_x_forwarded_for: true
+  trusted_proxies: 172.16.20.253
+
+zha:
+EOF
+        systemctl start home-assistant.service
+        echo "Home Assistant quirk applied and service ready !"
+      fi
+
+      if [[ ! -e /etc/nixos/podman/frigate.nix ]]; then
+        until [[ -e /mnt/config/frigate/config.yaml ]]; do
+          echo "Waiting for Frigate to be ready..."
+          sleep 15
+        done
+        sleep 180
+        systemctl stop frigate.service
+        cat << 'EOF' >> /mnt/config/frigate/config.yaml
+
+tls:
+  enabled: false
+EOF
+        systemctl start frigate.service
+        echo "Frigate quirk applied and service ready !"
+      fi
+  
+      mkdir -p /home/numbus-admin/.numbus-server/
+      touch /home/numbus-admin/.numbus-server/quirked.true
+      '';
+  };
 }

templates/nix-config/podman/frigate.nix

@@ -64,8 +64,9 @@ in
         User = "numbus-admin";
         Environment = [ "XDG_RUNTIME_DIR=/run/user/1000" ];
         Type = "exec";
+        TimeoutStartSec = "600";
         ExecStartPre = [
-          "${pkgs.coreutils}/bin/sleep 180"
+          "${pkgs.bash}/bin/bash -c 'sleep $((RANDOM % 180))'"
           "-${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} pull"
         ];
         ExecStart = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} up --remove-orphans";

templates/nix-config/podman/gitea.nix

@@ -35,6 +35,7 @@ in
               - GITEA__server__ROOT_URL=gitea.$DOMAIN_NAME
             labels:
               - traefik.enable=true
+              - traefik.docker.network=gitea_frontend
               - traefik.http.services.gitea.loadbalancer.server.port=3000
               - traefik.http.services.gitea.loadbalancer.server.scheme=http
               - traefik.http.routers.gitea-https.entrypoints=websecure
@@ -65,27 +66,45 @@ in
             external: true
       '';
 
-    systemd.services.${container_name} = {
+    systemd.services."${container_name}" = {
       description = "Podman container : ${container_name}";
       after = [ "network.target" ];
       requires = [ "traefik.service" ];
       wantedBy = [ "multi-user.target" ];
-      path = [ pkgs.podman ];
+      path = [ pkgs.podman pkgs.coreutils ];
 
       serviceConfig = {
         User = "numbus-admin";
         Environment = [ "XDG_RUNTIME_DIR=/run/user/1000" ];
         Type = "exec";
-        # Pull the latest image before running
+        TimeoutStartSec = "900";
-        ExecStartPre = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} pull";
+        ExecStartPre = [
-        # Bring the service up
+          "${pkgs.bash}/bin/bash -c 'sleep $((RANDOM % 400))'"
+          "-${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} pull"
+        ];
         ExecStart = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} up --remove-orphans";
-        # Take it down gracefully
         ExecStop = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} down";
         Restart = "on-failure";
         RestartSec = "5m";
         StartLimitBurst = "3";
       };
     };
+
+    systemd.services."update-${container_name}" = {
+      description = "Update ${container_name} container";
+      serviceConfig = {
+        Type = "oneshot";
+        ExecStart = "${pkgs.systemd}/bin/systemctl restart ${container_name}.service";
+      };
+    };
+
+    systemd.timers."update-${container_name}" = {
+      timerConfig = {
+        OnCalendar = "02:00";
+        RandomizedDelaySec = "60m";
+        Unit = "update-${container_name}.service";
+      };
+      wantedBy = [ "timers.target" ];
+    };
   };
 }

templates/nix-config/podman/home-assistant.nix

@@ -28,6 +28,7 @@ in
             # --- home-assistant devices --- #
             labels:
               - traefik.enable=true
+              - traefik.docker.network=home-assistant_frontend
               - traefik.http.services.home-assistant.loadbalancer.server.port=8123
               - traefik.http.services.home-assistant.loadbalancer.server.scheme=http
               - traefik.http.routers.home-assistant-https.entrypoints=websecure
@@ -57,14 +58,18 @@ in
       after = [ "network.target" ];
       requires = [ "traefik.service" ];
       wantedBy = [ "multi-user.target" ];
-      path = [ pkgs.podman ];
+      path = [ pkgs.podman pkgs.coreutils ];
 
       serviceConfig = {
         User = "numbus-admin";
         Environment = [ "XDG_RUNTIME_DIR=/run/user/1000" ];
         Type = "exec";
+        TimeoutStartSec = "600";
         # Pull the latest image before running
-        ExecStartPre = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} pull";
+        ExecStartPre = [
+          "${pkgs.coreutils}/bin/sleep 180"
+          "-${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} pull"
+        ];
         # Bring the service up
         ExecStart = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} up --remove-orphans";
         # Take it down gracefully

templates/nix-config/podman/immich.nix

@@ -27,6 +27,7 @@ in
             # --- immich devices --- #
             labels:
               - traefik.enable=true
+              - traefik.docker.network=immich_frontend
               - traefik.http.services.immich.loadbalancer.server.port=2283
               - traefik.http.services.immich.loadbalancer.server.scheme=http
               - traefik.http.routers.immich-https.entrypoints=websecure
@@ -89,27 +90,45 @@ in
             external: true
       '';
 
-    systemd.services.${container_name} = {
+    systemd.services."${container_name}" = {
       description = "Podman container : ${container_name}";
       after = [ "network.target" ];
       requires = [ "traefik.service" ];
       wantedBy = [ "multi-user.target" ];
-      path = [ pkgs.podman ];
+      path = [ pkgs.podman pkgs.coreutils ];
 
       serviceConfig = {
         User = "numbus-admin";
         Environment = [ "XDG_RUNTIME_DIR=/run/user/1000" ];
         Type = "exec";
-        # Pull the latest image before running
+        TimeoutStartSec = "900";
-        ExecStartPre = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} pull";
+        ExecStartPre = [
-        # Bring the service up
+          "${pkgs.bash}/bin/bash -c 'sleep $((RANDOM % 400))'"
+          "-${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} pull"
+        ];
         ExecStart = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} up --remove-orphans";
-        # Take it down gracefully
         ExecStop = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} down";
         Restart = "on-failure";
         RestartSec = "5m";
         StartLimitBurst = "3";
       };
     };
+
+    systemd.services."update-${container_name}" = {
+      description = "Update ${container_name} container";
+      serviceConfig = {
+        Type = "oneshot";
+        ExecStart = "${pkgs.systemd}/bin/systemctl restart ${container_name}.service";
+      };
+    };
+
+    systemd.timers."update-${container_name}" = {
+      timerConfig = {
+        OnCalendar = "02:00";
+        RandomizedDelaySec = "60m";
+        Unit = "update-${container_name}.service";
+      };
+      wantedBy = [ "timers.target" ];
+    };
   };
 }

templates/nix-config/podman/it-tools.nix

@@ -20,6 +20,7 @@ in
               it-tools_frontend:
             labels:
               - traefik.enable=true
+              - traefik.docker.network=it-tools_frontend
               - traefik.http.services.it-tools.loadbalancer.server.port=80
               - traefik.http.services.it-tools.loadbalancer.server.scheme=http
               - traefik.http.routers.it-tools-https.entrypoints=websecure
@@ -32,27 +33,45 @@ in
             external: true
       '';
 
-    systemd.services.${container_name} = {
+    systemd.services."${container_name}" = {
       description = "Podman container : ${container_name}";
       after = [ "network.target" ];
       requires = [ "traefik.service" ];
       wantedBy = [ "multi-user.target" ];
-      path = [ pkgs.podman ];
+      path = [ pkgs.podman pkgs.coreutils ];
 
       serviceConfig = {
         User = "numbus-admin";
         Environment = [ "XDG_RUNTIME_DIR=/run/user/1000" ];
         Type = "exec";
-        # Pull the latest image before running
+        TimeoutStartSec = "600";
-        ExecStartPre = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} pull";
+        ExecStartPre = [
-        # Bring the service up
+          "${pkgs.bash}/bin/bash -c 'sleep $((RANDOM % 180))'"
-        ExecStart = "sleep 90 && ${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} up --remove-orphans";
+          "-${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} pull"
-        # Take it down gracefully
+        ];
+        ExecStart = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} up --remove-orphans";
         ExecStop = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} down";
         Restart = "on-failure";
         RestartSec = "5m";
         StartLimitBurst = "3";
       };
     };
+
+    systemd.services."update-${container_name}" = {
+      description = "Update ${container_name} container";
+      serviceConfig = {
+        Type = "oneshot";
+        ExecStart = "${pkgs.systemd}/bin/systemctl restart ${container_name}.service";
+      };
+    };
+
+    systemd.timers."update-${container_name}" = {
+      timerConfig = {
+        OnCalendar = "02:00";
+        RandomizedDelaySec = "60m";
+        Unit = "update-${container_name}.service";
+      };
+      wantedBy = [ "timers.target" ];
+    };
   };
 }

templates/nix-config/podman/nextcloud.nix

@@ -37,6 +37,7 @@ in
               WATCHTOWER_DOCKER_SOCKET_PATH: /run/user/1000/podman/podman.sock
             labels:
               - traefik.enable=true
+              - traefik.docker.network=nextcloud-aio
               - traefik.http.services.nextcloud-aio.loadbalancer.server.port=8080
               - traefik.http.services.nextcloud-aio.loadbalancer.server.scheme=https
               - traefik.http.routers.nextcloud-aio-https.entrypoints=websecure
@@ -55,27 +56,45 @@ in
             name: nextcloud_aio_mastercontainer
       '';
 
-    systemd.services.${container_name} = {
+    systemd.services."${container_name}" = {
       description = "Podman container : ${container_name}";
       after = [ "network.target" ];
       requires = [ "traefik.service" ];
       wantedBy = [ "multi-user.target" ];
-      path = [ pkgs.podman ];
+      path = [ pkgs.podman pkgs.coreutils ];
 
       serviceConfig = {
         User = "numbus-admin";
         Environment = [ "XDG_RUNTIME_DIR=/run/user/1000" ];
         Type = "exec";
-        # Pull the latest image before running
+        TimeoutStartSec = "600";
-        ExecStartPre = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} pull";
+        ExecStartPre = [
-        # Bring the service up
+          "${pkgs.bash}/bin/bash -c 'sleep $((RANDOM % 180))'"
-        ExecStart = "sleep 100 && ${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} up --remove-orphans";
+          "-${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} pull"
-        # Take it down gracefully
+        ];
+        ExecStart = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} up --remove-orphans";
         ExecStop = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} down";
         Restart = "on-failure";
         RestartSec = "5m";
         StartLimitBurst = "3";
       };
     };
+
+    systemd.services."update-${container_name}" = {
+      description = "Update ${container_name} container";
+      serviceConfig = {
+        Type = "oneshot";
+        ExecStart = "${pkgs.systemd}/bin/systemctl restart ${container_name}.service";
+      };
+    };
+
+    systemd.timers."update-${container_name}" = {
+      timerConfig = {
+        OnCalendar = "02:00";
+        RandomizedDelaySec = "60m";
+        Unit = "update-${container_name}.service";
+      };
+      wantedBy = [ "timers.target" ];
+    };
   };
 }

templates/nix-config/podman/passbolt.nix

@@ -39,6 +39,7 @@ in
               PASSBOLT_SSL_FORCE: true
             labels:
               - traefik.enable=true
+              - traefik.docker.network=passbolt_frontend
               - traefik.http.services.passbolt.loadbalancer.server.port=4433
               - traefik.http.services.passbolt.loadbalancer.server.scheme=https
               - traefik.http.routers.passbolt-https.entrypoints=websecure
@@ -84,27 +85,45 @@ in
           passbolt-jwt:
       '';
 
-    systemd.services.${container_name} = {
+    systemd.services."${container_name}" = {
       description = "Podman container : ${container_name}";
       after = [ "network.target" ];
       requires = [ "traefik.service" ];
       wantedBy = [ "multi-user.target" ];
-      path = [ pkgs.podman ];
+      path = [ pkgs.podman pkgs.coreutils ];
 
       serviceConfig = {
         User = "numbus-admin";
         Environment = [ "XDG_RUNTIME_DIR=/run/user/1000" ];
         Type = "exec";
-        # Pull the latest image before running
+        TimeoutStartSec = "600";
-        ExecStartPre = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} pull";
+        ExecStartPre = [
-        # Bring the service up
+          "${pkgs.bash}/bin/bash -c 'sleep $((RANDOM % 180))'"
-        ExecStart = "sleep 110 && ${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} up --remove-orphans";
+          "-${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} pull"
-        # Take it down gracefully
+        ];
+        ExecStart = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} up --remove-orphans";
         ExecStop = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} down";
         Restart = "on-failure";
         RestartSec = "5m";
         StartLimitBurst = "3";
       };
     };
+
+    systemd.services."update-${container_name}" = {
+      description = "Update ${container_name} container";
+      serviceConfig = {
+        Type = "oneshot";
+        ExecStart = "${pkgs.systemd}/bin/systemctl restart ${container_name}.service";
+      };
+    };
+
+    systemd.timers."update-${container_name}" = {
+      timerConfig = {
+        OnCalendar = "02:00";
+        RandomizedDelaySec = "60m";
+        Unit = "update-${container_name}.service";
+      };
+      wantedBy = [ "timers.target" ];
+    };
   };
 }

templates/nix-config/podman/pi-hole.nix

@@ -26,10 +26,6 @@ in
             environment:
               TZ: $TZ
               FTLCONF_webserver_api_password: $FTLCONF_webserver_api_password
-              FTLCONF_dns_listeningMode: "all"
-              FTLCONF_dns_revServers: true,$HOME_ROUTER_SUBNET,$HOME_ROUTER_IP,home
-              FTLCONF_dns_domain_name: "home"
-              FTLCONF_dns_domain_local: "true"
               FTLCONF_dns_hosts: |
                 $HOME_SERVER_IP frigate.$DOMAIN_NAME
                 $HOME_SERVER_IP gitea.$DOMAIN_NAME
@@ -52,6 +48,7 @@ in
               - SYS_NICE
             labels:
               - traefik.enable=true
+              - traefik.docker.network=pi-hole_frontend
               - traefik.http.services.pihole.loadbalancer.server.port=80
               - traefik.http.services.pihole.loadbalancer.server.scheme=http
               - traefik.http.routers.pihole-https.entrypoints=websecure
@@ -64,29 +61,46 @@ in
           pi-hole_frontend:
             external: true
       '';
-    systemd.services.${container_name} = {
+
+    systemd.services."${container_name}" = {
       description = "Podman container : ${container_name}";
       after = [ "network.target" ];
       requires = [ "traefik.service" ];
       wantedBy = [ "multi-user.target" ];
-      path = [ pkgs.podman ];
+      path = [ pkgs.podman pkgs.coreutils ];
 
       serviceConfig = {
         User = "numbus-admin";
         Environment = [ "XDG_RUNTIME_DIR=/run/user/1000" ];
-        AmbientCapabilities = "CAP_SYS_NICE";
-        LimitNICE = -20;
         Type = "exec";
-        # Pull the latest image before running
+        TimeoutStartSec = "600";
-        ExecStartPre = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} pull";
+        ExecStartPre = [
-        # Bring the service up
+          "${pkgs.bash}/bin/bash -c 'sleep 20'"
+          "-${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} pull"
+        ];
         ExecStart = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} up --remove-orphans";
-        # Take it down gracefully
         ExecStop = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} down";
         Restart = "on-failure";
         RestartSec = "5m";
         StartLimitBurst = "3";
       };
     };
+
+    systemd.services."update-${container_name}" = {
+      description = "Update ${container_name} container";
+      serviceConfig = {
+        Type = "oneshot";
+        ExecStart = "${pkgs.systemd}/bin/systemctl restart ${container_name}.service";
+      };
+    };
+
+    systemd.timers."update-${container_name}" = {
+      timerConfig = {
+        OnCalendar = "02:00";
+        RandomizedDelaySec = "60m";
+        Unit = "update-${container_name}.service";
+      };
+      wantedBy = [ "timers.target" ];
+    };
   };
 }

templates/nix-config/podman/traefik.nix

@@ -31,6 +31,7 @@ TRAEFIK_NETWORKS
               - CF_DNS_API_TOKEN=$CF_DNS_API_TOKEN
             labels:
               - traefik.enable=true
+              - traefik.docker.network=home-assistant_frontend
               - traefik.http.services.traefik.loadbalancer.server.port=8080
               - traefik.http.services.traefik.loadbalancer.server.scheme=http
               - traefik.http.routers.traefik-https.entrypoints=websecure
@@ -46,17 +47,14 @@ TRAEFIK_REF_NETWORKS
       description = "Podman container : ${container_name}";
       after = [ "numbus-activation-networked.service" "numbus-activation-chowned.service" ];
       wantedBy = [ "multi-user.target" ];
-      path = [ pkgs.podman ];
+      path = [ pkgs.podman pkgs.coreutils ];
 
       serviceConfig = {
         User = "numbus-admin";
         Environment = [ "XDG_RUNTIME_DIR=/run/user/1000" ];
         Type = "exec";
-        # Pull the latest image before running
         ExecStartPre = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} pull";
-        # Bring the service up
         ExecStart = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} up --remove-orphans";
-        # Take it down gracefully
         ExecStop = "${pkgs.podman-compose}/bin/podman-compose -f /etc/${compose_file} down";
         Restart = "on-failure";
         RestartSec = "5m";

templates/nix-config/sops-nix/secrets.yaml

@@ -1,5 +1,6 @@
 ssh_public_keys: "$SSH_PUBLIC_KEY"
 sender_email_address_password: "$SENDER_EMAIL_ADDRESS_PASSWORD"
+domain_name: "$DOMAIN_NAME"
 
 podman:
   frigate: |

templates/podman-config/home-assistant/configuration.yaml

@@ -1,17 +0,0 @@
-
-# Loads default set of integrations. Do not remove.
-default_config:
-
-# Load frontend themes from the themes folder
-frontend:
-  themes: !include_dir_merge_named themes
-
-automation: !include automations.yaml
-script: !include scripts.yaml
-scene: !include scenes.yaml
-
-http:
-  use_x_forwarded_for: true
-  trusted_proxies: 172.16.20.253
-
-zha: