aports/config/haproxy/main.cfg

110 lines
3.7 KiB
INI
Raw Normal View History

2020-10-31 15:34:48 +00:00
global
maxconn 2048
maxconnrate 40
2020-12-13 01:33:40 +00:00
stats socket /run/haproxy.sock mode 600 user telegraf
stats timeout 2m
2020-10-31 15:34:48 +00:00
defaults
mode http
2021-01-16 14:55:41 +00:00
retries 3
2020-10-31 15:34:48 +00:00
option forwardfor
option http-keep-alive
option tcp-smart-connect
option tcpka
2021-01-16 14:55:41 +00:00
option abortonclose
2020-10-31 15:34:48 +00:00
balance roundrobin
compression algo gzip
timeout http-request 10s
timeout connect 10s
timeout client 60s
timeout server 240s
timeout http-keep-alive 240s
default-server resolvers local init-addr libc,none resolve-opts prevent-dup-ip check
2020-11-20 16:31:49 +00:00
errorfile 400 /etc/haproxy/errorpages/400.http
errorfile 403 /etc/haproxy/errorpages/403.http
errorfile 408 /etc/haproxy/errorpages/408.http
errorfile 500 /etc/haproxy/errorpages/500.http
errorfile 502 /etc/haproxy/errorpages/502.http
errorfile 503 /etc/haproxy/errorpages/503.http
errorfile 504 /etc/haproxy/errorpages/504.http
2020-10-31 15:34:48 +00:00
resolvers local
nameserver unbound 127.0.0.1:53
resolve_retries 2
timeout retry 300ms
hold other 100ms
hold refused 100ms
hold nx 100ms
hold timeout 3s
hold valid 5s
2020-12-22 22:14:01 +00:00
listen git-gitea
mode tcp
bind ipv4@*:2442,ipv6@*:2442
option tcp-check
server-template gitssh 1 _gitssh._tcp.routinginfo.redxen.localhost
2020-10-31 15:34:48 +00:00
frontend http
mode http
bind ipv4@:443,ipv6@:443 ssl crt /etc/ssl/redxen/letsencrypt/full.crt alpn h2,http/1.1
2020-11-20 16:31:49 +00:00
bind ipv4@:80,ipv6@:80
2020-10-31 15:34:48 +00:00
2020-12-13 01:33:40 +00:00
acl root path /
2020-11-20 16:31:49 +00:00
2021-02-17 15:32:10 +00:00
acl seedbox hdr_beg(host) -i seed.redxen
use_backend backend-transmission if seedbox
redirect prefix /web code 302 if seedbox root
2020-11-20 16:31:49 +00:00
2021-02-17 15:32:10 +00:00
use_backend backend-root if { hdr_beg(host) -i redxen }
use_backend backend-grafana if { hdr_beg(host) -i stats.redxen }
# use_backend backend-pleroma if { hdr_beg(host) -i social.redxen }
use_backend backend-gitea if { hdr_beg(host) -i git.redxen }
use_backend backend-seedown if { hdr_beg(host) -i sd.redxen }
use_backend backend-packages if { hdr_beg(host) -i packages.redxen }
2021-03-20 13:20:26 +00:00
use_backend backend-monerod if { hdr_beg(host) -i monerod.redxen }
2020-10-31 15:34:48 +00:00
2020-12-13 01:33:40 +00:00
http-response set-header X-Forwarded-Proto https
2020-10-31 15:34:48 +00:00
http-response set-header X-XSS-Protection 1;\ mode=block
http-response set-header X-Content-Type-Options nosniff
http-response set-header Referrer-Policy no-referrer-when-downgrade
http-response set-header Strict-Transport-Security max-age=31536000;\ includeSubDomains;\ preload
2020-11-20 16:31:49 +00:00
backend backend-root
server-template root 1 _root._tcp.routinginfo.redxen.localhost
option httpchk HEAD / HTTP/1.1
http-check send hdr Host redxen.eu
2020-11-20 16:31:49 +00:00
backend backend-transmission
server-template transmission 1 _transmission._tcp.routinginfo.redxen.localhost
backend backend-grafana
2020-12-13 01:33:40 +00:00
server-template grafana 1 _grafana._tcp.routinginfo.redxen.localhost
2020-11-20 16:31:49 +00:00
option httpchk HEAD / HTTP/1.1
http-check send hdr Host stats.redxen.eu
backend backend-seedown
server-template seedown 1 _seedown._tcp.routinginfo.redxen.localhost
option httpchk HEAD / HTTP/1.1
2020-12-13 01:33:40 +00:00
http-check send hdr Host sd.redxen.eu
2020-11-20 16:31:49 +00:00
backend backend-packages
server-template packages 1 _packages._tcp.routinginfo.redxen.localhost
option httpchk HEAD / HTTP/1.1
http-check send hdr Host packages.redxen.eu
2021-01-16 14:55:41 +00:00
# backend backend-pleroma
# server-template pleroma 1 _pleroma._tcp.routinginfo.redxen.localhost
# option httpchk HEAD / HTTP/1.1
# http-check send hdr Host social.redxen.eu
2020-11-20 16:31:49 +00:00
backend backend-gitea
server-template gitea 1 _gitea._tcp.routinginfo.redxen.localhost
option httpchk HEAD / HTTP/1.1
2020-12-22 22:14:01 +00:00
http-check send hdr Host gitea.redxen.eu
2021-03-20 13:20:26 +00:00
backend backend-monerod
server-template monerod 1 _monerod._tcp.routinginfo.redxen.localhost
option httpchk POST /json_rpc HTTP/1.1
http-check send body \{\"method\"\:\"get_version\"\} hdr Content-Type application/json