global
stats socket :9999 level admin expose-fd listeners
log stdout format raw local0
ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:RC4-SHA:!kEDH:!LOW:!EXP:!MD5:!aNULL:!eNULL

defaults
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
default-server init-addr last,libc,none

frontend http
bind *:80
http-request redirect scheme https unless { ssl_fc }
acl certbot path_beg /.well-known/acme-challenge/
use_backend certbot if certbot

frontend https
#uncomment this to get ssl certificate for the first run
bind *:443 v4v6 ssl crt /etc/certificates/terminaldweller.com.pem strict-sni alpn h2,http/1.1
acl matrix-host hdr(host) -i terminaldweller.com
acl matrix-path path_beg /_matrix
acl matrix-path path_beg /_synpase/client
use_backend matrix if matrix-host matrix-path

frontend matrix-federation
#uncomment this to get ssl certificate for the first run
bind *:8448 v4v6 ssl crt /etc/certificates/terminaldweller.com.pem alpn h2,http/1.1
default_backend matrix

resolvers docker
nameserver dns1 127.0.0.11:53

backend matrix
server matrix synapse:8008

backend certbot
server certbot certbot:380