aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorterminaldweller <thabogre@gmail.com>2022-07-06 14:54:38 +0000
committerterminaldweller <thabogre@gmail.com>2022-07-06 14:54:38 +0000
commit225efffd47c7c097e0f2ef935323aa2a7f528c44 (patch)
tree4e3d3f887ea3c11be16cf35877d2cfb946746565
parentsearxng (diff)
downloadscripts-225efffd47c7c097e0f2ef935323aa2a7f528c44.tar.gz
scripts-225efffd47c7c097e0f2ef935323aa2a7f528c44.zip
updated haproxy
-rw-r--r--terminaldweller.com/haproxy/haproxy.cfg47
1 files changed, 24 insertions, 23 deletions
diff --git a/terminaldweller.com/haproxy/haproxy.cfg b/terminaldweller.com/haproxy/haproxy.cfg
index dcc7714..ddc8b82 100644
--- a/terminaldweller.com/haproxy/haproxy.cfg
+++ b/terminaldweller.com/haproxy/haproxy.cfg
@@ -50,11 +50,11 @@ frontend http
#this will prevent any letsencrypt cert challenges from working
#http-request redirect scheme https if http
http-request redirect scheme https code 301 if http blog-host !letsencrypt-acl
- http-request redirect scheme https code 301 if http editor-host
- http-request redirect scheme https code 301 if http editorsave-host
- http-request redirect scheme https code 301 if http api-host
- http-request redirect scheme https code 301 if http devourer-host
- #http-request redirect scheme https code 301 if http searx-host !letsencrypt-acl
+ http-request redirect scheme https code 301 if http editor-host !letsencrypt-acl
+ http-request redirect scheme https code 301 if http editorsave-host !letsencrypt-acl
+ http-request redirect scheme https code 301 if http api-host !letsencrypt-acl
+ http-request redirect scheme https code 301 if http devourer-host !letsencrypt-acl
+ http-request redirect scheme https code 301 if http searx-host !letsencrypt-acl
#Conditions
#use_backend chat-cert-backend if letsencrypt-acl chat-host
@@ -84,7 +84,7 @@ frontend https
tcp-request content reject
#ACLs
acl mail-host-s req.ssl_sni -i mail.terminaldweller.com
- #acl chat-host-s req.ssl_sni -i chat.terminaldweller.com
+ acl chat-host-s req.ssl_sni -i chat.terminaldweller.com
acl blog-host-s req.ssl_sni -i blog.terminaldweller.com
acl api-host-s req.ssl_sni -i api.terminaldweller.com
acl mila-api-host-s req.ssl_sni -i mila.terminaldweller.com
@@ -105,10 +105,10 @@ frontend https
use_backend editor-backend-s if editor-host-s
use_backend editorsave-backend-s if editorsave-host-s
-frontend jabber5222
- bind *:5222
- mode tcp
- use_backend chat-backend-c2s
+#frontend jabber5222
+# bind *:5222
+# mode tcp
+# use_backend chat-backend-c2s
#frontend jabber5222
# bind *:5222
# timeout client 60s
@@ -118,11 +118,11 @@ frontend jabber5222
# tcp-request content reject
# acl chat-host-s req.ssl_sni -i chat.terminaldweller.com
# use_backend chat-backend-c2s if chat-host-s
-#frontend jabbber5222
-# bind *:5280
-# mode http
-# acl chat-host hdr_sub(host) -i chat.terminaldweller.com
-# use_backend chat-backend if chat-host
+frontend jabbber5222
+ bind *:5222
+ mode http
+ acl chat-host hdr_sub(host) -i chat.terminaldweller.com
+ use_backend chat-backend-c2s if chat-host
frontend jabber5280
bind *:5280
mode http
@@ -279,20 +279,21 @@ backend api-mila-backend-cert
backend chat-backend-admin
mode http
server chat-host 130.185.121.80:5280
-backend chat-backend
- mode http
- server chat-host 130.185.121.80:5222
+#backend chat-backend
+# mode http
+# server chat-host 130.185.121.80:5222
backend chat-backend-s
mode tcp
option ssl-hello-chk
server chat-host 130.185.121.80:5443
backend chat-backend-c2s
- mode tcp
- #option ssl-hello-chk
- server chat-host 130.185.121.80:5222
-backend chat-cert-backend
+ #mode tcp
mode http
- server chat-cert-server 130.185.121.80:8880
+ option forwardfor
+ server chat-host 130.185.121.80:5222
+#backend chat-cert-backend
+# mode http
+# server chat-cert-server 130.185.121.80:8880
backend searx-backend-cert
mode http