Вы не можете выбрать более 25 тем
Темы должны начинаться с буквы или цифры, могут содержать дефисы(-) и должны содержать не более 35 символов.
|
- global
- maxconn 4096
- #tune.ssl.default-dh-param 2048
-
- defaults
- mode http
- timeout connect 5000ms
- timeout client 50000ms
- timeout server 50000ms
- #log global
- #log 127.0.0.1 local0 debug
- #option tcplog
-
- # https://www.haproxy.com/blog/how-to-get-ssl-with-haproxy-getting-rid-of-stunnel-stud-nginx-or-pound/
- frontend https-in
- mode http
- #bind *:443 ssl crt /etc/letsencrypt/haproxy/${NEXTCLOUD_URL}.pem crt /etc/letsencrypt/haproxy/${GITEA_URL}.pem
- bind *:443 ssl ${HAPROXY_CERTS}
-
- acl letsencrypt-acl path_beg /.well-known/acme-challenge/
- #acl nextcloud-acl ssl_fc_sni ${NEXTCLOUD_URL}
- #acl gitea-acl ssl_fc_sni ${GITEA_URL}
- acl nextcloud-acl ssl_fc_sni_reg ^${NEXTCLOUD_SERVER_NAME}\.
- acl gitea-acl ssl_fc_sni_reg ^${GITEA_SERVER_NAME}\.
- acl hauk-acl ssl_fc_sni_reg ^${HAUK_SERVER_NAME}\.
-
- use_backend letsencrypt-backend if letsencrypt-acl
- use_backend nextcloud if nextcloud-acl
- use_backend gitea if gitea-acl
- use_backend hauk if hauk-acl
-
- default_backend nextcloud
-
- backend nextcloud
- # http://cbonte.github.io/haproxy-dconv/1.5/configuration.html#option%20http-server-close
- #option http-server-close
- #option forwardfor
-
- #redirect http to https
- #redirect scheme https if !{ ssl_fc }
-
- server nextcloud nextcloud:443 maxconn 32 check ssl verify none
-
- backend gitea
- #redirect http to https
- #redirect scheme https if !{ ssl_fc }
-
- server gitea gitea:2443 maxconn 32 check ssl verify none
-
- backend hauk
- server hauk hauk:80 maxconn 32
-
- frontend http-in
- bind *:80
- acl letsencrypt-acl path_beg /.well-known/acme-challenge/
- #acl is_nextcloud hdr_end(host) -i ${NEXTCLOUD_URL}
- #acl is_gitea hdr_end(host) -i ${GITEA_URL}
- acl is_nextcloud hdr_reg(host) ^${NEXTCLOUD_SERVER_NAME}\.
- acl is_gitea hdr_reg(host) ^${GITEA_SERVER_NAME}\.
- acl is_hauk hdr_reg(host) ^${HAUK_SERVER_NAME}\.
-
- use_backend letsencrypt-backend if letsencrypt-acl
- use_backend nextcloud-insecure if is_nextcloud
- use_backend gitea-insecure if is_gitea
- use_backend hauk-insecure if is_hauk
- default_backend pihole-insecure
-
- backend nextcloud-insecure
- server nextcloud nextcloud:80 maxconn 32
-
- backend gitea-insecure
- server gitea gitea:3000 maxconn 32
-
- backend hauk-insecure
- server hauk hauk:80 maxconn 32
-
- backend pihole-insecure
- server pihole pihole:80 maxconn 32
-
- # LE Backend
- backend letsencrypt-backend
- server letsencrypt 127.0.0.1:8888
-
- #listen admin
- # bind 127.0.0.1:8080
- # stats enable
|
