Change ratelimit, retry count and remove onlyoffice

build/HAProxy/Dockerfile

@@ -1,4 +1,3 @@
 FROM haproxy:alpine
 
-COPY --chown=nobody:nogroup haproxy.conf /usr/local/etc/haproxy/haproxy.cfg
-USER nobody:nogroup
+COPY haproxy.conf /usr/local/etc/haproxy/haproxy.cfg

build/HAProxy/haproxy.conf

@@ -6,7 +6,7 @@ global
 
 defaults
   mode http
-  retries 3
+  retries 1
   option forwardfor
   option http-keep-alive
   option tcp-smart-connect
@@ -14,11 +14,10 @@ defaults
   option http-buffer-request
   compression offload
   timeout http-request 10s
-  timeout connect 5s
-  timeout client 20s
+  timeout connect 10s
+  timeout client 60s
   timeout server 240s
-  timeout http-keep-alive 300s
-  rate-limit sessions 100
+  timeout http-keep-alive 240s
   default-server resolvers dockerdns
 
 resolvers dockerdns
@@ -47,7 +46,6 @@ frontend https
   acl nextcloud hdr_beg(host) -i cloud.redxen.eu
   acl git hdr_beg(host) -i git.redxen.eu
   acl transmission hdr_beg(host) -i seed.redxen.eu
-  acl onlyoffice hdr_beg(host) -i office.redxen.eu
   acl seedown hdr_beg(host) -i sd.redxen.eu
   acl homepage hdr_beg(host) -i redxen.eu
 
@@ -72,7 +70,6 @@ frontend https
   use_backend grafana if grafana
   use_backend git if git
   use_backend transmission if transmission
-  use_backend onlyoffice if onlyoffice
   use_backend homepage if homepage
   use_backend seedown if seedown
 
@@ -84,7 +81,7 @@ backend homepage
 backend nextcloud
   server nextcloud-docker cloud_nextcloud:80
   option httpchk HEAD / HTTP/1.1\r\nHost:\ cloud.redxen.eu
-  http-response set-header Content-Security-Policy default-src\ \'self\';connect-src\ \'self\';font-src\ https:\ data:\ \'self\';script-src\ \'unsafe-inline\'\ https://office.redxen.eu\ \'self\';style-src\ \'self\'\ \'unsafe-inline\';media-src\ https:\ \'self\';img-src\ https:\ blob:\ data:\ \'self\';frame-src\ https://office.redxen.eu\ https://youtube.com\ \'self\';object-src\ \'none\';block-all-mixed-content;upgrade-insecure-requests
+  http-response set-header Content-Security-Policy default-src\ \'self\';connect-src\ \'self\';font-src\ https:\ data:\ \'self\';script-src\ \'unsafe-inline\'\ \'self\';style-src\ \'self\'\ \'unsafe-inline\';media-src\ https:\ \'self\';img-src\ https:\ blob:\ data:\ \'self\';frame-src\ https://youtube.com\ \'self\';object-src\ \'none\';block-all-mixed-content;upgrade-insecure-requests
   http-response set-header X-Robots-Tag none
   http-response set-header X-Download-Options noopen
   http-response set-header X-Permitted-Cross-Domain-Policies none
@@ -103,9 +100,5 @@ backend transmission
   server transmission-docker seedbox_transmission:9091 check
   http-response set-header Content-Security-Policy default-src\ \'self\';connect-src\ \'self\';font-src\ https:\ data:\ \'self\';script-src\ \'self\';style-src\ \'self\'\ \'unsafe-inline\';media-src\ https:\ \'self\';img-src\ https:\ blob:\ data:\ \'self\';frame-src\ \'self\';object-src\ \'none\';block-all-mixed-content;upgrade-insecure-requests
 
-backend onlyoffice
-  server onlyoffice-docker cloud_documentserver:80 check
-  http-response set-header Content-Security-Policy default-src\ \'self\';connect-src\ \'self\';font-src\ https:\ data:\ \'self\';script-src\ \'unsafe-eval\'\ \'unsafe-inline\'\ \'self\';style-src\ \'self\'\ \'unsafe-inline\';media-src\ https:\ \'self\';img-src\ https:\ blob:\ data:\ \'self\';frame-src\ \'self\';object-src\ \'none\';block-all-mixed-content;upgrade-insecure-requests
-
 backend seedown
   server httpd-seedown seedbox_httpd:80 check

build/Varnish/Dockerfile

@@ -1,4 +1,3 @@
 FROM varnish
 
-COPY --chown=nobody:nogroup varnish.vcl /etc/varnish/default.vcl
-USER nobody:nogroup
+COPY varnish.vcl /etc/varnish/default.vcl