global maxconn 2048 maxconnrate 40 stats socket /run/haproxy.sock mode 600 user telegraf stats timeout 2m defaults mode http retries 3 option forwardfor option http-keep-alive option tcp-smart-connect option tcpka option abortonclose balance roundrobin compression algo gzip timeout http-request 10s timeout connect 10s timeout client 60s timeout server 240s timeout http-keep-alive 240s default-server resolvers local init-addr libc,none resolve-opts prevent-dup-ip check errorfile 400 /etc/redxen/haproxy/errorpages/400.http errorfile 403 /etc/redxen/haproxy/errorpages/403.http errorfile 408 /etc/redxen/haproxy/errorpages/408.http errorfile 500 /etc/redxen/haproxy/errorpages/500.http errorfile 502 /etc/redxen/haproxy/errorpages/502.http errorfile 503 /etc/redxen/haproxy/errorpages/503.http errorfile 504 /etc/redxen/haproxy/errorpages/504.http resolvers local nameserver unbound 127.0.0.1:53 resolve_retries 2 timeout retry 300ms hold other 100ms hold refused 100ms hold nx 100ms hold timeout 3s hold valid 60s listen git-gitea mode tcp bind ipv4@*:2442,ipv6@*:2442 option tcp-check server-template gitssh 1 _gitssh._tcp.routinginfo.internal frontend http mode http bind ipv4@:443,ipv6@:443 ssl crt /etc/redxen/letsencrypt/full.crt alpn h2,http/1.1 bind ipv4@:80,ipv6@:80 acl root path / acl seedbox hdr_beg(host) -i seed.redxen redirect prefix /web code 302 if seedbox root http-response set-header X-Forwarded-Proto https http-response set-header X-XSS-Protection 1;\ mode=block http-response set-header X-Content-Type-Options nosniff http-response set-header Referrer-Policy no-referrer-when-downgrade http-response set-header Strict-Transport-Security max-age=31536000;\ includeSubDomains;\ preload use_backend backend-transmission if seedbox use_backend backend-root if { hdr_beg(host) -i redxen } use_backend backend-grafana if { hdr_beg(host) -i stats.redxen } # use_backend backend-pleroma if { hdr_beg(host) -i social.redxen } use_backend backend-gitea if { hdr_beg(host) -i git.redxen } use_backend backend-seedown if { hdr_beg(host) -i sd.redxen } use_backend backend-packages if { hdr_beg(host) -i packages.redxen } use_backend backend-monerod if { hdr_beg(host) -i monerod.redxen } backend backend-root server-template root 1 _root._tcp.routinginfo.internal option httpchk HEAD / HTTP/1.1 http-check send hdr Host redxen.eu backend backend-transmission server-template transmission 1 _transmission._tcp.routinginfo.internal backend backend-grafana server-template grafana 1 _grafana._tcp.routinginfo.internal option httpchk HEAD / HTTP/1.1 http-check send hdr Host stats.redxen.eu backend backend-seedown server-template seedown 1 _seedown._tcp.routinginfo.internal option httpchk HEAD / HTTP/1.1 http-check send hdr Host sd.redxen.eu backend backend-packages server-template packages 1 _packages._tcp.routinginfo.internal option httpchk HEAD / HTTP/1.1 http-check send hdr Host packages.redxen.eu # backend backend-pleroma # server-template pleroma 1 _pleroma._tcp.routinginfo.internal # option httpchk HEAD / HTTP/1.1 # http-check send hdr Host social.redxen.eu backend backend-gitea server-template gitea 1 _gitea._tcp.routinginfo.internal option httpchk HEAD / HTTP/1.1 http-check send hdr Host gitea.redxen.eu backend backend-monerod server-template monerod 1 _monerod._tcp.routinginfo.internal option httpchk POST /json_rpc HTTP/1.1 http-check send body \{\"method\"\:\"get_version\"\} hdr Content-Type application/json