diff options
Diffstat (limited to 'terminaldweller.com/haproxy/haproxy.cfg')
| -rw-r--r-- | terminaldweller.com/haproxy/haproxy.cfg | 103 |
1 files changed, 60 insertions, 43 deletions
diff --git a/terminaldweller.com/haproxy/haproxy.cfg b/terminaldweller.com/haproxy/haproxy.cfg index 19e7bac..f1c288e 100644 --- a/terminaldweller.com/haproxy/haproxy.cfg +++ b/terminaldweller.com/haproxy/haproxy.cfg @@ -1,60 +1,77 @@ global -log 127.0.0.1 local0 + log 127.0.0.1 local0 + ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:RC4-SHA:!kEDH:!LOW:!EXP:!MD5:!aNULL:!eNULL defaults -timeout connect 5000ms -timeout client 50000ms -timeout server 50000ms -mode tcp -option tcplog -option dontlognull + timeout connect 5000ms + timeout client 50000ms + timeout server 50000ms + mode tcp + option tcplog + option dontlognull + +resolvers docker_resolver + nameserver dns 127.0.0.11:53 #Frontends frontend front -bind *:80 -bind: *.443 -mode tcp -timeout client 60s - -#ACLs -acl blog-host hdr_sub(host) -i blog.terminaldweller.com -acl mail-host hdr_sub(host) -i mail.terminaldweller.com -acl api-host hdr_sub(host) -i api.terminaldweller.com -acl chat-host hdr_sub(host) -i chat.terminaldweller.com -acl chat-host-s req.ssl_sni -i chat.terminaldweller.com - -#Consitions -use_backend blog-backend if blog-host -use_backend mail-backend if mail-host -use_backend api-backend if api-host -use_backend chat-backend-s if chat-host-s -default_backend blog-backend + bind *:80 + bind *:443 + mode tcp + timeout client 60s + #ACLs + acl letsencrypt-acl path_beg /.well-known/acme-challenge/ + acl blog-host hdr_sub(host) -i blog.terminaldweller.com + acl mail-host hdr_sub(host) -i mail.terminaldweller.com + acl mail-host-s req.ssl_sni -i mail.terminaldweller.com + acl api-host hdr_sub(host) -i api.terminaldweller.com + acl chat-host hdr_sub(host) -i chat.terminaldweller.com + acl chat-host-s req.ssl_sni -i chat.terminaldweller.com + #Consitions + use_backend certbot-backend if letsencrypt-acl + use_backend blog-backend if blog-host + use_backend mail-backend if mail-host + use_backend mail-backend-s if mail-host-s + use_backend api-backend if api-host + use_backend chat-backend-s if chat-host-s + default_backend blog-backend #Backends +backend certbot-backend + server nginx nginx:80 resolvers docker_resolver check init-addr none + backend blog-backend -mode http -option forwardfor -server blog-host 192.99.102.52:9000 check + mode http + option forwardfor + server blog-host 192.99.102.52:9000 check backend mail-backend -mode http -option forwardfor -server mail-host 185.126.202.69:80 check + mode http + option forwardfor + server mail-host 185.126.202.69:80 check + +backend mail-backend-s + timeout server 60s + timeout client 60s + mode tcp + option forwardfor + option ssl-hello-chk + server mail-host-s 185.126.202.69:443 check backend api-backend -mode http -option forwardfor -server api-host 192.99.102.52:8008 check + mode http + option forwardfor + server api-host 192.99.102.52:8008 check backend chat-backend -mode http -option forwardfor -server chat-host 87.236.209.206:5280 check + mode http + option forwardfor + server chat-host 87.236.209.206:5280 check backend chat-backend-s -timeout server 60s -timeout client 60s -mode tcp -option forwardfor -option ssl-hello-chk -server chat-host 87.236.209.206:5281 check + timeout server 60s + timeout client 60s + mode tcp + option forwardfor + option ssl-hello-chk + server chat-host-s 87.236.209.206:5280 check |