aboutsummaryrefslogtreecommitdiffstats
path: root/matrix-server/haproxy/haproxy.cfg
diff options
context:
space:
mode:
Diffstat (limited to 'matrix-server/haproxy/haproxy.cfg')
-rw-r--r--matrix-server/haproxy/haproxy.cfg44
1 files changed, 26 insertions, 18 deletions
diff --git a/matrix-server/haproxy/haproxy.cfg b/matrix-server/haproxy/haproxy.cfg
index 2afa3fb..c619259 100644
--- a/matrix-server/haproxy/haproxy.cfg
+++ b/matrix-server/haproxy/haproxy.cfg
@@ -1,30 +1,38 @@
global
- stats socket :9999 level admin expose-fd listeners
- log stdout format raw local0
- ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:RC4-SHA:!kEDH:!LOW:!EXP:!MD5:!aNULL:!eNULL
+stats socket :9999 level admin expose-fd listeners
+log stdout format raw local0
+ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:RC4-SHA:!kEDH:!LOW:!EXP:!MD5:!aNULL:!eNULL
+
+defaults
+timeout connect 5000ms
+timeout client 50000ms
+timeout server 50000ms
+default-server init-addr last,libc,none
frontend http
- bind :80
- http-request redirect scheme https unless { ssl_fc }
- acl certbot path_beg /.well-known/acme-challenge/
- use_backend certbot if certbot
+bind *:80
+http-request redirect scheme https unless { ssl_fc }
+acl certbot path_beg /.well-known/acme-challenge/
+use_backend certbot if certbot
frontend https
- bind :::443 v4v6 ssl crt /etc/certificates strict-sni alpn h2.http/1.1
- acl matrix-host hdr(host) -i matrix.example.com
- acl matrix-path path_beg /_matrix
- acl matrix-path path_beg /_synpase/client
- use_backend matrix if matrix-host matrix-path
+#uncomment this to get ssl certificate for the first run
+bind *:443 v4v6 ssl crt /etc/certificates/terminaldweller.com.pem strict-sni alpn h2,http/1.1
+acl matrix-host hdr(host) -i terminaldweller.com
+acl matrix-path path_beg /_matrix
+acl matrix-path path_beg /_synpase/client
+use_backend matrix if matrix-host matrix-path
frontend matrix-federation
- bind :::8448 v4v6 ssl crt /etc/certificates alpn h2.http/1.1
- default_backend matrix
+#uncomment this to get ssl certificate for the first run
+bind *:8448 v4v6 ssl crt /etc/certificates/terminaldweller.com.pem alpn h2,http/1.1
+default_backend matrix
-resolvers docker_resolver
- nameserver dns 127.0.0.11:53
+resolvers docker
+nameserver dns1 127.0.0.11:53
backend matrix
- server matrix synapse:8008
+server matrix synapse:8008
backend certbot
- server certbot certbot:380
+server certbot certbot:380
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-21 15:33:04 +0000