diff options
Diffstat (limited to 'matrix-server/haproxy')
-rw-r--r-- | matrix-server/haproxy/Dockerfile | 2 | ||||
-rw-r--r-- | matrix-server/haproxy/error.html | 10 | ||||
-rw-r--r-- | matrix-server/haproxy/haproxy.cfg | 36 |
3 files changed, 44 insertions, 4 deletions
diff --git a/matrix-server/haproxy/Dockerfile b/matrix-server/haproxy/Dockerfile new file mode 100644 index 0000000..c7dc38f --- /dev/null +++ b/matrix-server/haproxy/Dockerfile @@ -0,0 +1,2 @@ +FROM haproxy:lts-alpine +RUN apk update && apk upgrade && apk add curl diff --git a/matrix-server/haproxy/error.html b/matrix-server/haproxy/error.html new file mode 100644 index 0000000..85a807e --- /dev/null +++ b/matrix-server/haproxy/error.html @@ -0,0 +1,10 @@ +HTTP/1.0 200 OK + +Cache-Control: no-cache + +Connection: close + +Content-Type: text/plain + + +up diff --git a/matrix-server/haproxy/haproxy.cfg b/matrix-server/haproxy/haproxy.cfg index c619259..09e387c 100644 --- a/matrix-server/haproxy/haproxy.cfg +++ b/matrix-server/haproxy/haproxy.cfg @@ -1,6 +1,7 @@ global stats socket :9999 level admin expose-fd listeners -log stdout format raw local0 +#log stdout format raw local0 +log stdout format raw local0 info ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:RC4-SHA:!kEDH:!LOW:!EXP:!MD5:!aNULL:!eNULL defaults @@ -10,22 +11,37 @@ timeout server 50000ms default-server init-addr last,libc,none frontend http +mode http +option httplog +log global bind *:80 http-request redirect scheme https unless { ssl_fc } acl certbot path_beg /.well-known/acme-challenge/ use_backend certbot if certbot +use_backend health if { path_beg /health } frontend https #uncomment this to get ssl certificate for the first run -bind *:443 v4v6 ssl crt /etc/certificates/terminaldweller.com.pem strict-sni alpn h2,http/1.1 -acl matrix-host hdr(host) -i terminaldweller.com +#bind :::443 v4v6 ssl crt /etc/certificates/matrix.terminaldweller.com.pem strict-sni alpn h2,http/1.1 +acl matrix-host hdr(host) -i matrix.terminaldweller.com acl matrix-path path_beg /_matrix acl matrix-path path_beg /_synpase/client use_backend matrix if matrix-host matrix-path +#frontend element +#bind *:80 +#acl element hdr_end(host) -i element.terminaldweller.com +#use_backend element if element + +frontend mail +bind *:993 +bind *:587 +acl mail hdr_end(host) -i mail.terminaldweller.com +use_backend mail if mail + frontend matrix-federation #uncomment this to get ssl certificate for the first run -bind *:8448 v4v6 ssl crt /etc/certificates/terminaldweller.com.pem alpn h2,http/1.1 +#bind :::8448 v4v6 ssl crt /etc/certificates/matrix.terminaldweller.com.pem alpn h2,http/1.1 default_backend matrix resolvers docker @@ -35,4 +51,16 @@ backend matrix server matrix synapse:8008 backend certbot +mode http server certbot certbot:380 + +backend element +server element element:80 + +backend mail +server mail mail:993 + +backend health +mode http +server disabled-server 127.0.0.1:1 disabled +errorfile 503 /srv/error.html |