aboutsummaryrefslogtreecommitdiffstats
path: root/terminaldweller.com/haproxy
diff options
context:
space:
mode:
authorterminaldweller <thabogre@gmail.com>2022-11-23 08:45:51 +0000
committerterminaldweller <thabogre@gmail.com>2022-11-23 08:45:51 +0000
commit7bcd7a5b12c428dcb6e60a94ff315a9e39511d13 (patch)
tree9493b9d7886f8d32d7575bb3d55ca43599b1e2e8 /terminaldweller.com/haproxy
parenttsocks and zsh prompt update (diff)
downloadscripts-7bcd7a5b12c428dcb6e60a94ff315a9e39511d13.tar.gz
scripts-7bcd7a5b12c428dcb6e60a94ff315a9e39511d13.zip
update
Diffstat (limited to 'terminaldweller.com/haproxy')
-rw-r--r--terminaldweller.com/haproxy/haproxy.cfg102
1 files changed, 59 insertions, 43 deletions
diff --git a/terminaldweller.com/haproxy/haproxy.cfg b/terminaldweller.com/haproxy/haproxy.cfg
index b659cb3..26e90f2 100644
--- a/terminaldweller.com/haproxy/haproxy.cfg
+++ b/terminaldweller.com/haproxy/haproxy.cfg
@@ -36,7 +36,7 @@ frontend http
acl blog-host hdr_sub(host) -i blog.terminaldweller.com
acl mail-host hdr_sub(host) -i mail.terminaldweller.com
acl api-host hdr_sub(host) -i api.terminaldweller.com
- acl chat-host hdr_sub(host) -i chat.terminaldweller.com
+ acl jabber-host hdr_sub(host) -i jabber.terminaldweller.com
acl searx-host hdr_sub(host) -i searx.terminaldweller.com
acl editor-host hdr_sub(host) -i editor.terminaldweller.com
acl editorsave-host hdr_sub(host) -i editorsave.terminaldweller.com
@@ -44,6 +44,8 @@ frontend http
acl discord-host hdr_sub(host) -i discord.terminaldweller.com
acl rssgen-host hdr_sub(host) -i rssgen.terminaldweller.com
acl git-host hdr_sub(host) -i git.terminaldweller.com
+ acl cargo-host hdr_sub(host) -i cargo.terminaldweller.com
+ acl browsh-host hdr_sub(host) -i browsh.terminaldweller.com
acl mila-api-acl url_beg /mila
acl crypto-api-acl url_beg /crypto
acl http ssl_fc,not
@@ -59,27 +61,31 @@ frontend http
http-request redirect scheme https code 301 if http searx-host !letsencrypt-acl
http-request redirect scheme https code 301 if http git-host !letsencrypt-acl
# http-request redirect scheme https code 301 if http rssgen-host !letsencrypt-acl
+ http-request redirect scheme https code 301 if http cargo-host !letsencrypt-acl
+ #http-request redirect scheme https code 301 if http jabber-host !letsencrypt-acl
+ # http-request redirect scheme https code 301 if http rssgen-host !letsencrypt-acl
#Conditions
- #use_backend chat-cert-backend if letsencrypt-acl chat-host
use_backend blog-backend-cert if letsencrypt-acl blog-host
use_backend blog-backend-cert if letsencrypt-acl editor-host
use_backend blog-backend-cert if letsencrypt-acl editorsave-host
use_backend cloud-one-cert if letsencrypt-acl devourer-host
- use_backend cloud-one-cert if letsencrypt-acl chat-host
+ use_backend searx-backend-cert if letsencrypt-acl jabber-host
use_backend api-crypto-backend-cert if letsencrypt-acl api-host
use_backend api-mila-backend-cert if letsencrypt-acl api-host
use_backend searx-backend-cert if letsencrypt-acl searx-host
use_backend searx-backend-cert if letsencrypt-acl rssgen-host
use_backend searx-backend-cert if letsencrypt-acl git-host
+ use_backend searx-backend-cert if letsencrypt-acl cargo-host
# use_backend editor-backend-cert if letsencrypt-acl editor-host
- use_backend certbot-backend if letsencrypt-acl !chat-host !blog-host !api-host
+ use_backend certbot-backend if letsencrypt-acl !jabber-host !blog-host !api-host
use_backend blog-backend if blog-host
use_backend mail-backend if mail-host
use_backend api-backend if api-host
use_backend searx-backend if searx-host
- use_backend rssgen-backend if rssgen-host
use_backend git-backend if git-host
+ use_backend rssgen-backend if rssgen-host
+ use_backend browsh-backend if browsh-host
#use_backend chat-backend if chat-host
default_backend blog-backend
@@ -92,7 +98,7 @@ frontend https
tcp-request content reject
#ACLs
acl mail-host-s req.ssl_sni -i mail.terminaldweller.com
- acl chat-host-s req.ssl_sni -i chat.terminaldweller.com
+ acl jabber-host-s req.ssl_sni -i jabber.terminaldweller.com
acl blog-host-s req.ssl_sni -i blog.terminaldweller.com
acl jericho-host-s req.ssl_sni -i jericho.terminaldweller.com
acl api-host-s req.ssl_sni -i api.terminaldweller.com
@@ -103,6 +109,7 @@ frontend https
acl editor-host-s req.ssl_sni -i editor.terminaldweller.com
acl editorsave-host-s req.ssl_sni -i editorsave.terminaldweller.com
acl discord-host-s req.ssl_sni -i discord.terminaldweller.com
+ acl rssgen-host-s req.ssl_sni -i rssgen.terminaldweller.com
#Conditions
use_backend mail-backend-s if mail-host-s
#use_backend chat-backend-s if chat-host-s
@@ -116,6 +123,7 @@ frontend https
use_backend editor-backend-s if editor-host-s
use_backend editorsave-backend-s if editorsave-host-s
use_backend git-backend-s if git-host-s
+ use_backend rssgen-backend-s if rssgen-host-s
#frontend jabber5222
# bind *:5222
@@ -134,8 +142,11 @@ frontend jabbber5222
bind *:5222
timeout client 60s
mode tcp
- acl chat-host req.ssl_sni -i chat.terminaldweller.com
- use_backend chat-backend-c2s if chat-host
+ #tcp-request inspect-delay 5s
+ #tcp-request content accept if { req.ssl_hello_type 1 }
+ #tcp-request content reject
+ acl jabber-host req.ssl_sni -i jabber.terminaldweller.com
+ use_backend jabber-backend-c2s if jabber-host
frontend jabber5223
bind *:5223
timeout client 60s
@@ -143,13 +154,17 @@ frontend jabber5223
tcp-request inspect-delay 5s
tcp-request content accept if { req.ssl_hello_type 1 }
tcp-request content reject
- acl chat-host-s req.ssl_sni -i chat.terminaldweller.com
- use_backend chat-auth-backend-s if chat-host-s
+ acl jabber-host-s req.ssl_sni -i jabber.terminaldweller.com
+ use_backend jabber-auth-backend-s if jabber-host-s
frontend jabber5280
bind *:5280
- mode http
- acl chat-host hdr_sub(host) -i chat.terminaldweller.com
- use_backend chat-backend-admin if chat-host
+ timeout client 60s
+ mode tcp
+ tcp-request inspect-delay 5s
+ tcp-request content accept if { req.ssl_hello_type 1 }
+ tcp-request content reject
+ acl jabber-host req.ssl_sni -i jabber.terminaldweller.com
+ use_backend jabber-backend-admin if jabber-host
frontend jabber5443
bind *:5443
timeout client 60s
@@ -157,8 +172,8 @@ frontend jabber5443
tcp-request inspect-delay 5s
tcp-request content accept if { req.ssl_hello_type 1 }
tcp-request content reject
- acl chat-host-s req.ssl_sni -i chat.terminaldweller.com
- use_backend chat-backend-s if chat-host-s
+ acl jabber-host-s req.ssl_sni -i jabber.terminaldweller.com
+ use_backend jabber-backend-s if jabber-host-s
frontend mail-imap
bind *:143
@@ -234,7 +249,7 @@ backend blog-backend-cert
backend cloud-one-cert
mode http
option forwardfor
- server cloud-one-host 130.185.121.80:80
+ server cloud-one-host 185.130.47.208:80
backend blog-backend-s
mode tcp
option tcp-check
@@ -296,72 +311,73 @@ backend api-crypto-backend-cert
backend api-mila-backend-s
mode tcp
option tcp-check
- server api-mila-host 130.185.121.80:19019
+ server api-mila-host 185.130.47.208:9009
backend api-mila-backend-cert
mode http
option forwardfor
- server api-mila-host 130.185.121.80
+ server api-mila-host 185.130.47.208:80
-backend chat-backend-admin
- mode http
- server chat-host 130.185.121.80:5280
-#backend chat-backend
-# mode http
-# server chat-host 130.185.121.80:5222
-backend chat-backend-s
+backend jabber-backend-admin
mode tcp
option tcp-check
- server chat-host 130.185.121.80:5443
-backend chat-backend-c2s
+ server jabber-host 185.130.47.208:5280
+backend jabber-backend-s
mode tcp
option tcp-check
- server chat-host 130.185.121.80:5222
-backend chat-auth-backend-s
+ server jabber-host 185.130.47.208:5443
+backend jabber-backend-c2s
+ mode tcp
+ server jabber-host 185.130.47.208:5222
+backend jabber-auth-backend-s
mode tcp
option tcp-check
- server chat-host 130.185.121.80:5223
-#backend chat-cert-backend
-# mode http
-# server chat-cert-server 130.185.121.80:8880
+ server jabber-host 185.130.47.208:5223
backend searx-backend-cert
mode http
- server searx-host-cert 130.185.121.80:80
+ server searx-host-cert 185.130.47.208:80
backend searx-backend
mode http
- server searx-host 130.185.121.80:8080
+ server searx-host 185.130.47.208:8080
backend searx-backend-s
#balance roundrobin
mode tcp
option tcp-check
- server searx-host-s 130.185.121.80:8081 maxconn 10
+ server searx-host-s 185.130.47.208:8081 maxconn 10
#server searx-host-s 192.99.102.52:8081 maxconn 10
backend cargo-backend-s
mode tcp
option tcp-check
- server cargo-host-s 130.185.121.80:7777
+ server cargo-host-s 185.130.47.208:7777
backend editor-backend-s
mode tcp
option tcp-check
- server cargo-host-s 192.99.102.52:7080
+ server editor-host-s 192.99.102.52:7080
backend editorsave-backend-s
mode tcp
option tcp-check
- server cargo-host-s 192.99.102.52:9080
+ server editorsave-host-s 192.99.102.52:9080
backend rssgen-backend
mode http
- option forwardfor
- server rssgen-host 130.185.121.80:3000 check
+ server rssgen-host-s 185.130.47.208:3000
+backend rssgen-backend-s
+ mode tcp
+ option tcp-check
+ server rssgen-host-s 185.130.47.208:3000
backend git-backend
mode http
option forwardfor
- server git-host 130.185.121.80:8042
+ server git-host 185.130.47.208:8042
backend git-backend-s
mode tcp
option tcp-check
- server git-host-s 130.185.121.80:8043 check
+ server git-host-s 185.130.47.208:8043 check
+
+backend browsh-backend
+ mode http
+ server browsh-host 185.130.45.46:4333