aboutsummaryrefslogtreecommitdiffstats
path: root/matrix-server/haproxy/haproxy.cfg
diff options
context:
space:
mode:
Diffstat (limited to 'matrix-server/haproxy/haproxy.cfg')
-rw-r--r--matrix-server/haproxy/haproxy.cfg30
1 files changed, 30 insertions, 0 deletions
diff --git a/matrix-server/haproxy/haproxy.cfg b/matrix-server/haproxy/haproxy.cfg
new file mode 100644
index 0000000..2afa3fb
--- /dev/null
+++ b/matrix-server/haproxy/haproxy.cfg
@@ -0,0 +1,30 @@
+global
+ stats socket :9999 level admin expose-fd listeners
+ log stdout format raw local0
+ ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:RC4-SHA:!kEDH:!LOW:!EXP:!MD5:!aNULL:!eNULL
+
+frontend http
+ bind :80
+ http-request redirect scheme https unless { ssl_fc }
+ acl certbot path_beg /.well-known/acme-challenge/
+ use_backend certbot if certbot
+
+frontend https
+ bind :::443 v4v6 ssl crt /etc/certificates strict-sni alpn h2.http/1.1
+ acl matrix-host hdr(host) -i matrix.example.com
+ acl matrix-path path_beg /_matrix
+ acl matrix-path path_beg /_synpase/client
+ use_backend matrix if matrix-host matrix-path
+
+frontend matrix-federation
+ bind :::8448 v4v6 ssl crt /etc/certificates alpn h2.http/1.1
+ default_backend matrix
+
+resolvers docker_resolver
+ nameserver dns 127.0.0.11:53
+
+backend matrix
+ server matrix synapse:8008
+
+backend certbot
+ server certbot certbot:380