aports/software-configs/haproxy-redxen-config/main.cfg

global
  maxconn 2048
  maxconnrate 40

defaults
  mode http
  retries 1
  option forwardfor
  option http-keep-alive
  option tcp-smart-connect
  option tcpka
  balance roundrobin
  compression algo gzip
  timeout http-request 10s
  timeout connect 10s
  timeout client 60s
  timeout server 240s
  timeout http-keep-alive 240s
  default-server resolvers local init-addr libc,none resolve-opts prevent-dup-ip check

  #errorfile 400 /etc/haproxy/errors/400.http
  #errorfile 403 /etc/haproxy/errors/403.http
  #errorfile 408 /etc/haproxy/errors/408.http
  #errorfile 500 /etc/haproxy/errors/500.http
  #errorfile 502 /etc/haproxy/errors/502.http
  #errorfile 503 /etc/haproxy/errors/503.http
  #errorfile 504 /etc/haproxy/errors/504.http

resolvers local
  nameserver unbound 127.0.0.1:53
  resolve_retries 2
  timeout retry 300ms
  hold other           100ms
  hold refused         100ms
  hold nx              100ms
  hold timeout         3s
  hold valid           5s

listen 0-dev
  mode tcp
  bind ipv4@*:2442,ipv6@*:2442
  option tcp-check
  server dev-0 10.0.0.10:2443 

listen 1-social
  mode tcp
  bind ipv4@*:64738,ipv6@*:64738
  option tcp-check
  server social-0 10.0.0.10:6401 

listen 2-games
  mode tcp
  bind ipv4@*:25565,ipv6@*:25565
  option tcp-check
  server games-0 10.0.0.7:25560 

listen 3-games
  mode tcp
  bind ipv4@*:7777,ipv6@*:7777
  option tcp-check
  server games-0 10.0.0.7:7776 

frontend http
  mode http
  bind /haproxy.sock mode 660 alpn h2,http/1.1

  acl root url /

  use_backend backend-grafana if { hdr_beg(host) -i stats }
  use_backend backend-gitea if { hdr_beg(host) -i git }
  use_backend backend-transmission if { hdr_beg(host) -i seed }
  use_backend backend-seedown if { hdr_beg(host) -i sd }
  use_backend backend-pleroma if { hdr_beg(host) -i social }
  use_backend backend-homepage if { hdr(host) -i redxen.eu }
  use_backend backend-deavmi-proxy if { hdr_beg(host) -i deavmi-proxy }

  redirect prefix /web code 302  if { hdr_beg(host) -i seed } { url / }
  http-response add-header X-Forwarded-Proto https
  http-response set-header X-XSS-Protection 1;\ mode=block
  http-response set-header X-Content-Type-Options nosniff
  http-response set-header Referrer-Policy no-referrer-when-downgrade
  http-response set-header Strict-Transport-Security max-age=31536000;\ includeSubDomains;\ preload

backend backend-grafana
  server-template grafana 5 _grafana._tcp.redxen.localhost
  option httpchk HEAD / HTTP/1.1\r\nHost:\ stats.redxen.eu

backend backend-gitea
  server-template gitea 1 _gitea._tcp.redxen.localhost
  option httpchk HEAD / HTTP/1.1\r\nHost:\ git.redxen.eu

backend backend-transmission
  server-template transmission 1 _transmission._tcp.redxen.localhost

backend backend-seedown
  server-template seedown 1 _seedown._tcp.redxen.localhost
  option httpchk HEAD / HTTP/1.1\r\nHost:\ sd.redxen.eu

backend backend-pleroma
  server-template pleroma 1 _pleroma._tcp.redxen.localhost
  option httpchk HEAD / HTTP/1.1\r\nHost:\ social.redxen.eu

backend backend-homepage
  server-template homepage 1 _homepage._tcp.redxen.localhost
  option httpchk HEAD / HTTP/1.1\r\nHost:\ root.redxen.eu

backend backend-deavmi-proxy
  server-template deavmi-proxy 1 _deavmi-proxy._tcp.redxen.localhost
  option httpchk HEAD / HTTP/1.1\r\nHost:\ deavmi-proxy.redxen.eu
Initial commit 2020-10-31 15:34:48 +00:00			`global`
			`maxconn 2048`
			`maxconnrate 40`

			`defaults`
			`mode http`
			`retries 1`
			`option forwardfor`
			`option http-keep-alive`
			`option tcp-smart-connect`
			`option tcpka`
			`balance roundrobin`
			`compression algo gzip`
			`timeout http-request 10s`
			`timeout connect 10s`
			`timeout client 60s`
			`timeout server 240s`
			`timeout http-keep-alive 240s`
			`default-server resolvers local init-addr libc,none resolve-opts prevent-dup-ip check`

			`#errorfile 400 /etc/haproxy/errors/400.http`
			`#errorfile 403 /etc/haproxy/errors/403.http`
			`#errorfile 408 /etc/haproxy/errors/408.http`
			`#errorfile 500 /etc/haproxy/errors/500.http`
			`#errorfile 502 /etc/haproxy/errors/502.http`
			`#errorfile 503 /etc/haproxy/errors/503.http`
			`#errorfile 504 /etc/haproxy/errors/504.http`

			`resolvers local`
			`nameserver unbound 127.0.0.1:53`
			`resolve_retries 2`
			`timeout retry 300ms`
			`hold other 100ms`
			`hold refused 100ms`
			`hold nx 100ms`
			`hold timeout 3s`
			`hold valid 5s`

			`listen 0-dev`
			`mode tcp`
			`bind ipv4@:2442,ipv6@:2442`
			`option tcp-check`
			`server dev-0 10.0.0.10:2443`

			`listen 1-social`
			`mode tcp`
			`bind ipv4@:64738,ipv6@:64738`
			`option tcp-check`
			`server social-0 10.0.0.10:6401`

			`listen 2-games`
			`mode tcp`
			`bind ipv4@:25565,ipv6@:25565`
			`option tcp-check`
			`server games-0 10.0.0.7:25560`

			`listen 3-games`
			`mode tcp`
			`bind ipv4@:7777,ipv6@:7777`
			`option tcp-check`
			`server games-0 10.0.0.7:7776`

			`frontend http`
			`mode http`
			`bind /haproxy.sock mode 660 alpn h2,http/1.1`

			`acl root url /`

			`use_backend backend-grafana if { hdr_beg(host) -i stats }`
			`use_backend backend-gitea if { hdr_beg(host) -i git }`
			`use_backend backend-transmission if { hdr_beg(host) -i seed }`
			`use_backend backend-seedown if { hdr_beg(host) -i sd }`
			`use_backend backend-pleroma if { hdr_beg(host) -i social }`
			`use_backend backend-homepage if { hdr(host) -i redxen.eu }`
			`use_backend backend-deavmi-proxy if { hdr_beg(host) -i deavmi-proxy }`

			`redirect prefix /web code 302 if { hdr_beg(host) -i seed } { url / }`
			`http-response add-header X-Forwarded-Proto https`
			`http-response set-header X-XSS-Protection 1;\ mode=block`
			`http-response set-header X-Content-Type-Options nosniff`
			`http-response set-header Referrer-Policy no-referrer-when-downgrade`
			`http-response set-header Strict-Transport-Security max-age=31536000;\ includeSubDomains;\ preload`

			`backend backend-grafana`
			`server-template grafana 5 _grafana._tcp.redxen.localhost`
			`option httpchk HEAD / HTTP/1.1\r\nHost:\ stats.redxen.eu`

			`backend backend-gitea`
			`server-template gitea 1 _gitea._tcp.redxen.localhost`
			`option httpchk HEAD / HTTP/1.1\r\nHost:\ git.redxen.eu`

			`backend backend-transmission`
			`server-template transmission 1 _transmission._tcp.redxen.localhost`

			`backend backend-seedown`
			`server-template seedown 1 _seedown._tcp.redxen.localhost`
			`option httpchk HEAD / HTTP/1.1\r\nHost:\ sd.redxen.eu`

			`backend backend-pleroma`
			`server-template pleroma 1 _pleroma._tcp.redxen.localhost`
			`option httpchk HEAD / HTTP/1.1\r\nHost:\ social.redxen.eu`

			`backend backend-homepage`
			`server-template homepage 1 _homepage._tcp.redxen.localhost`
			`option httpchk HEAD / HTTP/1.1\r\nHost:\ root.redxen.eu`

			`backend backend-deavmi-proxy`
			`server-template deavmi-proxy 1 _deavmi-proxy._tcp.redxen.localhost`
			`option httpchk HEAD / HTTP/1.1\r\nHost:\ deavmi-proxy.redxen.eu`