diff options
author | terminaldweller <thabogre@gmail.com> | 2022-11-23 08:45:51 +0000 |
---|---|---|
committer | terminaldweller <thabogre@gmail.com> | 2022-11-23 08:45:51 +0000 |
commit | 7bcd7a5b12c428dcb6e60a94ff315a9e39511d13 (patch) | |
tree | 9493b9d7886f8d32d7575bb3d55ca43599b1e2e8 /terminaldweller.com/haproxy | |
parent | tsocks and zsh prompt update (diff) | |
download | scripts-7bcd7a5b12c428dcb6e60a94ff315a9e39511d13.tar.gz scripts-7bcd7a5b12c428dcb6e60a94ff315a9e39511d13.zip |
update
Diffstat (limited to 'terminaldweller.com/haproxy')
-rw-r--r-- | terminaldweller.com/haproxy/haproxy.cfg | 102 |
1 files changed, 59 insertions, 43 deletions
diff --git a/terminaldweller.com/haproxy/haproxy.cfg b/terminaldweller.com/haproxy/haproxy.cfg index b659cb3..26e90f2 100644 --- a/terminaldweller.com/haproxy/haproxy.cfg +++ b/terminaldweller.com/haproxy/haproxy.cfg @@ -36,7 +36,7 @@ frontend http acl blog-host hdr_sub(host) -i blog.terminaldweller.com acl mail-host hdr_sub(host) -i mail.terminaldweller.com acl api-host hdr_sub(host) -i api.terminaldweller.com - acl chat-host hdr_sub(host) -i chat.terminaldweller.com + acl jabber-host hdr_sub(host) -i jabber.terminaldweller.com acl searx-host hdr_sub(host) -i searx.terminaldweller.com acl editor-host hdr_sub(host) -i editor.terminaldweller.com acl editorsave-host hdr_sub(host) -i editorsave.terminaldweller.com @@ -44,6 +44,8 @@ frontend http acl discord-host hdr_sub(host) -i discord.terminaldweller.com acl rssgen-host hdr_sub(host) -i rssgen.terminaldweller.com acl git-host hdr_sub(host) -i git.terminaldweller.com + acl cargo-host hdr_sub(host) -i cargo.terminaldweller.com + acl browsh-host hdr_sub(host) -i browsh.terminaldweller.com acl mila-api-acl url_beg /mila acl crypto-api-acl url_beg /crypto acl http ssl_fc,not @@ -59,27 +61,31 @@ frontend http http-request redirect scheme https code 301 if http searx-host !letsencrypt-acl http-request redirect scheme https code 301 if http git-host !letsencrypt-acl # http-request redirect scheme https code 301 if http rssgen-host !letsencrypt-acl + http-request redirect scheme https code 301 if http cargo-host !letsencrypt-acl + #http-request redirect scheme https code 301 if http jabber-host !letsencrypt-acl + # http-request redirect scheme https code 301 if http rssgen-host !letsencrypt-acl #Conditions - #use_backend chat-cert-backend if letsencrypt-acl chat-host use_backend blog-backend-cert if letsencrypt-acl blog-host use_backend blog-backend-cert if letsencrypt-acl editor-host use_backend blog-backend-cert if letsencrypt-acl editorsave-host use_backend cloud-one-cert if letsencrypt-acl devourer-host - use_backend cloud-one-cert if letsencrypt-acl chat-host + use_backend searx-backend-cert if letsencrypt-acl jabber-host use_backend api-crypto-backend-cert if letsencrypt-acl api-host use_backend api-mila-backend-cert if letsencrypt-acl api-host use_backend searx-backend-cert if letsencrypt-acl searx-host use_backend searx-backend-cert if letsencrypt-acl rssgen-host use_backend searx-backend-cert if letsencrypt-acl git-host + use_backend searx-backend-cert if letsencrypt-acl cargo-host # use_backend editor-backend-cert if letsencrypt-acl editor-host - use_backend certbot-backend if letsencrypt-acl !chat-host !blog-host !api-host + use_backend certbot-backend if letsencrypt-acl !jabber-host !blog-host !api-host use_backend blog-backend if blog-host use_backend mail-backend if mail-host use_backend api-backend if api-host use_backend searx-backend if searx-host - use_backend rssgen-backend if rssgen-host use_backend git-backend if git-host + use_backend rssgen-backend if rssgen-host + use_backend browsh-backend if browsh-host #use_backend chat-backend if chat-host default_backend blog-backend @@ -92,7 +98,7 @@ frontend https tcp-request content reject #ACLs acl mail-host-s req.ssl_sni -i mail.terminaldweller.com - acl chat-host-s req.ssl_sni -i chat.terminaldweller.com + acl jabber-host-s req.ssl_sni -i jabber.terminaldweller.com acl blog-host-s req.ssl_sni -i blog.terminaldweller.com acl jericho-host-s req.ssl_sni -i jericho.terminaldweller.com acl api-host-s req.ssl_sni -i api.terminaldweller.com @@ -103,6 +109,7 @@ frontend https acl editor-host-s req.ssl_sni -i editor.terminaldweller.com acl editorsave-host-s req.ssl_sni -i editorsave.terminaldweller.com acl discord-host-s req.ssl_sni -i discord.terminaldweller.com + acl rssgen-host-s req.ssl_sni -i rssgen.terminaldweller.com #Conditions use_backend mail-backend-s if mail-host-s #use_backend chat-backend-s if chat-host-s @@ -116,6 +123,7 @@ frontend https use_backend editor-backend-s if editor-host-s use_backend editorsave-backend-s if editorsave-host-s use_backend git-backend-s if git-host-s + use_backend rssgen-backend-s if rssgen-host-s #frontend jabber5222 # bind *:5222 @@ -134,8 +142,11 @@ frontend jabbber5222 bind *:5222 timeout client 60s mode tcp - acl chat-host req.ssl_sni -i chat.terminaldweller.com - use_backend chat-backend-c2s if chat-host + #tcp-request inspect-delay 5s + #tcp-request content accept if { req.ssl_hello_type 1 } + #tcp-request content reject + acl jabber-host req.ssl_sni -i jabber.terminaldweller.com + use_backend jabber-backend-c2s if jabber-host frontend jabber5223 bind *:5223 timeout client 60s @@ -143,13 +154,17 @@ frontend jabber5223 tcp-request inspect-delay 5s tcp-request content accept if { req.ssl_hello_type 1 } tcp-request content reject - acl chat-host-s req.ssl_sni -i chat.terminaldweller.com - use_backend chat-auth-backend-s if chat-host-s + acl jabber-host-s req.ssl_sni -i jabber.terminaldweller.com + use_backend jabber-auth-backend-s if jabber-host-s frontend jabber5280 bind *:5280 - mode http - acl chat-host hdr_sub(host) -i chat.terminaldweller.com - use_backend chat-backend-admin if chat-host + timeout client 60s + mode tcp + tcp-request inspect-delay 5s + tcp-request content accept if { req.ssl_hello_type 1 } + tcp-request content reject + acl jabber-host req.ssl_sni -i jabber.terminaldweller.com + use_backend jabber-backend-admin if jabber-host frontend jabber5443 bind *:5443 timeout client 60s @@ -157,8 +172,8 @@ frontend jabber5443 tcp-request inspect-delay 5s tcp-request content accept if { req.ssl_hello_type 1 } tcp-request content reject - acl chat-host-s req.ssl_sni -i chat.terminaldweller.com - use_backend chat-backend-s if chat-host-s + acl jabber-host-s req.ssl_sni -i jabber.terminaldweller.com + use_backend jabber-backend-s if jabber-host-s frontend mail-imap bind *:143 @@ -234,7 +249,7 @@ backend blog-backend-cert backend cloud-one-cert mode http option forwardfor - server cloud-one-host 130.185.121.80:80 + server cloud-one-host 185.130.47.208:80 backend blog-backend-s mode tcp option tcp-check @@ -296,72 +311,73 @@ backend api-crypto-backend-cert backend api-mila-backend-s mode tcp option tcp-check - server api-mila-host 130.185.121.80:19019 + server api-mila-host 185.130.47.208:9009 backend api-mila-backend-cert mode http option forwardfor - server api-mila-host 130.185.121.80 + server api-mila-host 185.130.47.208:80 -backend chat-backend-admin - mode http - server chat-host 130.185.121.80:5280 -#backend chat-backend -# mode http -# server chat-host 130.185.121.80:5222 -backend chat-backend-s +backend jabber-backend-admin mode tcp option tcp-check - server chat-host 130.185.121.80:5443 -backend chat-backend-c2s + server jabber-host 185.130.47.208:5280 +backend jabber-backend-s mode tcp option tcp-check - server chat-host 130.185.121.80:5222 -backend chat-auth-backend-s + server jabber-host 185.130.47.208:5443 +backend jabber-backend-c2s + mode tcp + server jabber-host 185.130.47.208:5222 +backend jabber-auth-backend-s mode tcp option tcp-check - server chat-host 130.185.121.80:5223 -#backend chat-cert-backend -# mode http -# server chat-cert-server 130.185.121.80:8880 + server jabber-host 185.130.47.208:5223 backend searx-backend-cert mode http - server searx-host-cert 130.185.121.80:80 + server searx-host-cert 185.130.47.208:80 backend searx-backend mode http - server searx-host 130.185.121.80:8080 + server searx-host 185.130.47.208:8080 backend searx-backend-s #balance roundrobin mode tcp option tcp-check - server searx-host-s 130.185.121.80:8081 maxconn 10 + server searx-host-s 185.130.47.208:8081 maxconn 10 #server searx-host-s 192.99.102.52:8081 maxconn 10 backend cargo-backend-s mode tcp option tcp-check - server cargo-host-s 130.185.121.80:7777 + server cargo-host-s 185.130.47.208:7777 backend editor-backend-s mode tcp option tcp-check - server cargo-host-s 192.99.102.52:7080 + server editor-host-s 192.99.102.52:7080 backend editorsave-backend-s mode tcp option tcp-check - server cargo-host-s 192.99.102.52:9080 + server editorsave-host-s 192.99.102.52:9080 backend rssgen-backend mode http - option forwardfor - server rssgen-host 130.185.121.80:3000 check + server rssgen-host-s 185.130.47.208:3000 +backend rssgen-backend-s + mode tcp + option tcp-check + server rssgen-host-s 185.130.47.208:3000 backend git-backend mode http option forwardfor - server git-host 130.185.121.80:8042 + server git-host 185.130.47.208:8042 backend git-backend-s mode tcp option tcp-check - server git-host-s 130.185.121.80:8043 check + server git-host-s 185.130.47.208:8043 check + +backend browsh-backend + mode http + server browsh-host 185.130.45.46:4333 |