diff --git a/03frontends.cfg b/03frontends.cfg
index 0be9192..223b548 100644
--- a/03frontends.cfg
+++ b/03frontends.cfg
@@ -306,6 +306,7 @@ frontend frontend_default
   acl archive hdr(host) -i lekernelpanique.fr.archive.benoit.jp.net
   acl archive hdr(host) -i sysadmin-bookmarks.archive.benoit.jp.net
   acl beszel hdr(host) -i beszel.benoit.jp.net
+  acl dreame hdr(host) -i dreame.benoit.jp.net
   acl forgejo hdr(host) -i forgejo.benoit.jp.net
   acl jellyfin hdr(host) -i jellyfin.benoit.jp.net
   acl kanboard hdr(host) -i kanboard.benoit.jp.net
@@ -329,6 +330,7 @@ frontend frontend_default
 
   http-request deny if adguard !letsencrypt !allowed_ips
   http-request deny if beszel !letsencrypt !allowed_ips
+  http-request deny if dreame !letsencrypt !allowed_ips
   http-request deny if jellyfin !letsencrypt !allowed_ips
   http-request deny if kanboard !letsencrypt !allowed_ips
   http-request deny if mailcow !letsencrypt !allowed_ips
@@ -343,6 +345,7 @@ frontend frontend_default
   use_backend adguard if adguard
   use_backend archive if archive
   use_backend beszel if beszel
+  use_backend dreame if dreame
   use_backend forgejo if forgejo
   use_backend jellyfin if jellyfin
   use_backend kanboard if kanboard
diff --git a/05backends.cfg b/05backends.cfg
index 8948023..2e653d3 100644
--- a/05backends.cfg
+++ b/05backends.cfg
@@ -205,3 +205,8 @@ backend jellyfin
   # set HSTS for one year after all responses
   http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
   server jellyfin jellyfin.incus:8096 check resolvers incus init-addr last,libc,none
+
+backend drame
+  # set HSTS for one year after all responses
+  http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
+  server drame 192.168.1.3:80 check