Dustin C. Hatch
b1afb4adf1
The default Home Assistant configuration does not allow running a reverse proxy in front of the application. To enable this, the `use_x_forwarded_for` and `trusted_proxies` options have to be set. Since we want `/var/lib/homeassistant` to be a Btrfs subvolume, we can't simply include the necessary files in the correct location in the rootfs image. Instead, we must define "copy tree" (`C`) actions for `systemd-tmpfiles` to copy them from `/usr/share/factory`. Unfortunately, `systemd-tmpfiles` considers `v` and `C` actions conflicting, and thus will not copy the directory contents recursively. Each file has to be listed explicitly.
20 lines
316 B
Plaintext
20 lines
316 B
Plaintext
[Unit]
|
|
After=network-online.target
|
|
Wants=network-online.target
|
|
|
|
[Container]
|
|
Image=ghcr.io/home-assistant/yellow-homeassistant:stable
|
|
Network=host
|
|
Volume=/var/lib/homeassistant:/config:Z
|
|
User=300
|
|
Group=300
|
|
ReadOnly=true
|
|
VolatileTmp=yes
|
|
|
|
[Service]
|
|
TimeoutStartSec=5min
|
|
UMask=0077
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|