bingen
/
rpi_docker_home_server
Следить 1
В избранное 0
Форкнуть 0
Код Задачи 0 Pull Request'ы 0 Релизы 0 Вики Активность
Вы не можете выбрать более 25 тем Темы должны начинаться с буквы или цифры, могут содержать дефисы(-) и должны содержать не более 35 символов.
87 коммитов
6 Ветки
Дерево: 9c294a0b86
Ветки Теги
${ item.name }
Создать ветку ${ searchTerm }
из '9c294a0b86'
${ noResults }
rpi_docker_home_server/images/haproxy/haproxy.cfg

86 lines
2.5KB
Исходник Blame История 

  1. global

  2.     maxconn 4096

  3.     #tune.ssl.default-dh-param 2048

  4. 

  5. defaults

  6.     mode http

  7.     timeout connect 5000ms

  8.     timeout client 50000ms

  9.     timeout server 50000ms

  10.     #log global

  11.     #log 127.0.0.1 local0 debug

  12.     #option tcplog

  13. 

  14. # https://www.haproxy.com/blog/how-to-get-ssl-with-haproxy-getting-rid-of-stunnel-stud-nginx-or-pound/

  15. frontend https-in

  16.     mode http

  17.     #bind *:443 ssl crt /etc/letsencrypt/haproxy/${NEXTCLOUD_URL}.pem crt /etc/letsencrypt/haproxy/${GITEA_URL}.pem

  18.     bind *:443 ssl ${HAPROXY_CERTS}

  19. 

  20.     acl letsencrypt-acl path_beg /.well-known/acme-challenge/

  21.     #acl nextcloud-acl ssl_fc_sni ${NEXTCLOUD_URL}

  22.     #acl gitea-acl ssl_fc_sni ${GITEA_URL}

  23.     acl nextcloud-acl ssl_fc_sni_reg ^${NEXTCLOUD_SERVER_NAME}\.

  24.     acl gitea-acl ssl_fc_sni_reg ^${GITEA_SERVER_NAME}\.

  25.     acl hauk-acl ssl_fc_sni_reg ^${HAUK_SERVER_NAME}\.

  26. 

  27.     use_backend letsencrypt-backend if letsencrypt-acl

  28.     use_backend nextcloud if nextcloud-acl

  29.     use_backend gitea if gitea-acl

  30.     use_backend hauk if hauk-acl

  31. 

  32.     default_backend nextcloud

  33. 

  34. backend nextcloud

  35.     # http://cbonte.github.io/haproxy-dconv/1.5/configuration.html#option%20http-server-close

  36.     #option http-server-close

  37.     #option forwardfor

  38. 

  39.     #redirect http to https

  40.     #redirect scheme https if !{ ssl_fc }

  41. 

  42.     server nextcloud nextcloud:443 maxconn 32 check ssl verify none

  43. 

  44. backend gitea

  45.     #redirect http to https

  46.     #redirect scheme https if !{ ssl_fc }

  47. 

  48.     server gitea gitea:2443 maxconn 32 check ssl verify none

  49. 

  50. backend hauk

  51.     server hauk hauk:80 maxconn 32

  52. 

  53. frontend http-in

  54.     bind *:80

  55.     acl letsencrypt-acl path_beg /.well-known/acme-challenge/

  56.     #acl is_nextcloud hdr_end(host) -i ${NEXTCLOUD_URL}

  57.     #acl is_gitea hdr_end(host) -i ${GITEA_URL}

  58.     acl is_nextcloud hdr_reg(host) ^${NEXTCLOUD_SERVER_NAME}\.

  59.     acl is_gitea hdr_reg(host) ^${GITEA_SERVER_NAME}\.

  60.     acl is_hauk hdr_reg(host) ^${HAUK_SERVER_NAME}\.

  61. 

  62.     use_backend letsencrypt-backend if letsencrypt-acl

  63.     use_backend nextcloud-insecure if is_nextcloud

  64.     use_backend gitea-insecure if is_gitea

  65.     use_backend hauk-insecure if is_hauk

  66.     default_backend pihole-insecure

  67. 

  68. backend nextcloud-insecure

  69.     server nextcloud nextcloud:80 maxconn 32

  70. 

  71. backend gitea-insecure

  72.     server gitea gitea:3000 maxconn 32

  73. 

  74. backend hauk-insecure

  75.     server hauk hauk:80 maxconn 32

  76. 

  77. backend pihole-insecure

  78.     server pihole pihole:80 maxconn 32

  79. 

  80. # LE Backend

  81. backend letsencrypt-backend

  82.     server letsencrypt 127.0.0.1:8888

  83. 

  84. #listen admin

  85. #    bind 127.0.0.1:8080

  86. #        stats enable