Hi, I recently decided to switch to the SWAG stack for managing certificates and reverse-proxying services beyond Home Assistant itself and so far I’m loving it:
Setup was a breeze and the new configuration is much simpler than manually juggling docker-compose images for letsencrypt and homeassistant with volume mounting for cert sharing, etc.
One slight issue I experienced was that Home Assistant expects IPs or Subnet specs in http.trusted_proxies config entry and chokes if I try to provide a hostname for the SWAG docker service.
Googling for 5 minutes how to dynamically acquire the exact subnet spec within the docker-compose.yaml didn’t give any results so I’m going to say that this isn’t obvious. In the end I ended up specifying an unnecessarily permissive 172.0.0.0/8 entry in my config where it could just have been swag, the service name of the SWAG container.
Would it be possible to add hostname support to http.trusted_proxies setting? I think generally speaking it makes sense to also support host names where IPs and subnet specs are accepted.
Thanks!
-G