aboutsummaryrefslogtreecommitdiffstats
path: root/matrix-server/haproxy
diff options
context:
space:
mode:
Diffstat (limited to 'matrix-server/haproxy')
-rw-r--r--matrix-server/haproxy/Dockerfile2
-rw-r--r--matrix-server/haproxy/error.html10
-rw-r--r--matrix-server/haproxy/haproxy.cfg36
3 files changed, 44 insertions, 4 deletions
diff --git a/matrix-server/haproxy/Dockerfile b/matrix-server/haproxy/Dockerfile
new file mode 100644
index 0000000..c7dc38f
--- /dev/null
+++ b/matrix-server/haproxy/Dockerfile
@@ -0,0 +1,2 @@
+FROM haproxy:lts-alpine
+RUN apk update && apk upgrade && apk add curl
diff --git a/matrix-server/haproxy/error.html b/matrix-server/haproxy/error.html
new file mode 100644
index 0000000..85a807e
--- /dev/null
+++ b/matrix-server/haproxy/error.html
@@ -0,0 +1,10 @@
+HTTP/1.0 200 OK
+
+Cache-Control: no-cache
+
+Connection: close
+
+Content-Type: text/plain
+
+
+up
diff --git a/matrix-server/haproxy/haproxy.cfg b/matrix-server/haproxy/haproxy.cfg
index c619259..09e387c 100644
--- a/matrix-server/haproxy/haproxy.cfg
+++ b/matrix-server/haproxy/haproxy.cfg
@@ -1,6 +1,7 @@
global
stats socket :9999 level admin expose-fd listeners
-log stdout format raw local0
+#log stdout format raw local0
+log stdout format raw local0 info
ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:RC4-SHA:!kEDH:!LOW:!EXP:!MD5:!aNULL:!eNULL
defaults
@@ -10,22 +11,37 @@ timeout server 50000ms
default-server init-addr last,libc,none
frontend http
+mode http
+option httplog
+log global
bind *:80
http-request redirect scheme https unless { ssl_fc }
acl certbot path_beg /.well-known/acme-challenge/
use_backend certbot if certbot
+use_backend health if { path_beg /health }
frontend https
#uncomment this to get ssl certificate for the first run
-bind *:443 v4v6 ssl crt /etc/certificates/terminaldweller.com.pem strict-sni alpn h2,http/1.1
-acl matrix-host hdr(host) -i terminaldweller.com
+#bind :::443 v4v6 ssl crt /etc/certificates/matrix.terminaldweller.com.pem strict-sni alpn h2,http/1.1
+acl matrix-host hdr(host) -i matrix.terminaldweller.com
acl matrix-path path_beg /_matrix
acl matrix-path path_beg /_synpase/client
use_backend matrix if matrix-host matrix-path
+#frontend element
+#bind *:80
+#acl element hdr_end(host) -i element.terminaldweller.com
+#use_backend element if element
+
+frontend mail
+bind *:993
+bind *:587
+acl mail hdr_end(host) -i mail.terminaldweller.com
+use_backend mail if mail
+
frontend matrix-federation
#uncomment this to get ssl certificate for the first run
-bind *:8448 v4v6 ssl crt /etc/certificates/terminaldweller.com.pem alpn h2,http/1.1
+#bind :::8448 v4v6 ssl crt /etc/certificates/matrix.terminaldweller.com.pem alpn h2,http/1.1
default_backend matrix
resolvers docker
@@ -35,4 +51,16 @@ backend matrix
server matrix synapse:8008
backend certbot
+mode http
server certbot certbot:380
+
+backend element
+server element element:80
+
+backend mail
+server mail mail:993
+
+backend health
+mode http
+server disabled-server 127.0.0.1:1 disabled
+errorfile 503 /srv/error.html