Round robin balancing, TLS 1.2 minimum, ignore down services and use tasks. dns name for direct endpoints rather than VIP
This commit is contained in:
parent
1f1685e457
commit
ef38ec3e84
|
@ -1,5 +1,6 @@
|
||||||
global
|
global
|
||||||
tune.ssl.default-dh-param 2048
|
tune.ssl.default-dh-param 2048
|
||||||
|
ssl-default-bind-options ssl-min-ver TLSv1.2
|
||||||
maxconn 2048
|
maxconn 2048
|
||||||
maxconnrate 40
|
maxconnrate 40
|
||||||
uid 65534
|
uid 65534
|
||||||
|
@ -15,13 +16,14 @@ defaults
|
||||||
option tcp-smart-connect
|
option tcp-smart-connect
|
||||||
option tcpka
|
option tcpka
|
||||||
option http-buffer-request
|
option http-buffer-request
|
||||||
|
balance roundrobin
|
||||||
compression algo gzip
|
compression algo gzip
|
||||||
timeout http-request 10s
|
timeout http-request 10s
|
||||||
timeout connect 10s
|
timeout connect 10s
|
||||||
timeout client 60s
|
timeout client 60s
|
||||||
timeout server 240s
|
timeout server 240s
|
||||||
timeout http-keep-alive 240s
|
timeout http-keep-alive 240s
|
||||||
default-server resolvers dockerdns
|
default-server resolvers dockerdns init-addr libc,none
|
||||||
|
|
||||||
resolvers dockerdns
|
resolvers dockerdns
|
||||||
nameserver docker 127.0.0.11:53
|
nameserver docker 127.0.0.11:53
|
||||||
|
@ -69,23 +71,23 @@ frontend https
|
||||||
use_backend seedown if seedown
|
use_backend seedown if seedown
|
||||||
|
|
||||||
backend homepage
|
backend homepage
|
||||||
server redxen-space rxhome.s3-website.eu-central-1.amazonaws.com:80
|
server-template redxen-space 3 rxhome.s3-website.eu-central-1.amazonaws.com:80
|
||||||
http-request set-header Host rxhome.s3-website.eu-central-1.amazonaws.com
|
http-request set-header Host rxhome.s3-website.eu-central-1.amazonaws.com
|
||||||
http-request set-header Connection \"\"
|
http-request set-header Connection \"\"
|
||||||
|
|
||||||
backend grafana
|
backend grafana
|
||||||
server grafana-docker tig_grafana:3000 check
|
server-template grafana-docker 5 tasks.tig_grafana:3000 check
|
||||||
option httpchk HEAD / HTTP/1.1\r\nHost:\ stats.redxen.eu
|
option httpchk HEAD / HTTP/1.1\r\nHost:\ stats.redxen.eu
|
||||||
http-response set-header Content-Security-Policy default-src\ \'self\';connect-src\ \'self\';font-src\ https:\ data:\ \'self\';script-src\ \'unsafe-inline\'\ \'unsafe-eval\'\ \'self\';style-src\ \'self\'\ \'unsafe-inline\';media-src\ https:\ \'self\';img-src\ https:\ blob:\ data:\ \'self\';frame-src\ \'self\';object-src\ \'none\';block-all-mixed-content;upgrade-insecure-requests
|
http-response set-header Content-Security-Policy default-src\ \'self\';connect-src\ \'self\';font-src\ https:\ data:\ \'self\';script-src\ \'unsafe-inline\'\ \'unsafe-eval\'\ \'self\';style-src\ \'self\'\ \'unsafe-inline\';media-src\ https:\ \'self\';img-src\ https:\ blob:\ data:\ \'self\';frame-src\ \'self\';object-src\ \'none\';block-all-mixed-content;upgrade-insecure-requests
|
||||||
|
|
||||||
backend git
|
backend git
|
||||||
server git-docker git_gitea:3000 check
|
server git-docker tasks.git_gitea:3000 check
|
||||||
option httpchk HEAD / HTTP/1.1\r\nHost:\ git.redxen.eu
|
option httpchk HEAD / HTTP/1.1\r\nHost:\ git.redxen.eu
|
||||||
http-response set-header Content-Security-Policy default-src\ \'self\';connect-src\ https:\ \'self\';font-src\ https:\ data:\ \'self\';script-src\ \'unsafe-inline\'\ \'unsafe-eval\'\ \'self\';style-src\ \'self\'\ \'unsafe-inline\';media-src\ https:\ \'self\';img-src\ https:\ blob:\ data:\ \'self\';frame-src\ \'self\';object-src\ \'none\';block-all-mixed-content;upgrade-insecure-requests
|
http-response set-header Content-Security-Policy default-src\ \'self\';connect-src\ https:\ \'self\';font-src\ https:\ data:\ \'self\';script-src\ \'unsafe-inline\'\ \'unsafe-eval\'\ \'self\';style-src\ \'self\'\ \'unsafe-inline\';media-src\ https:\ \'self\';img-src\ https:\ blob:\ data:\ \'self\';frame-src\ \'self\';object-src\ \'none\';block-all-mixed-content;upgrade-insecure-requests
|
||||||
|
|
||||||
backend transmission
|
backend transmission
|
||||||
server transmission-docker seedbox_transmission:9091 check
|
server transmission-docker tasks.seedbox_transmission:9091 check
|
||||||
http-response set-header Content-Security-Policy default-src\ \'self\';connect-src\ \'self\';font-src\ https:\ data:\ \'self\';script-src\ \'self\';style-src\ \'self\'\ \'unsafe-inline\';media-src\ https:\ \'self\';img-src\ https:\ blob:\ data:\ \'self\';frame-src\ \'self\';object-src\ \'none\';block-all-mixed-content;upgrade-insecure-requests
|
http-response set-header Content-Security-Policy default-src\ \'self\';connect-src\ \'self\';font-src\ https:\ data:\ \'self\';script-src\ \'self\';style-src\ \'self\'\ \'unsafe-inline\';media-src\ https:\ \'self\';img-src\ https:\ blob:\ data:\ \'self\';frame-src\ \'self\';object-src\ \'none\';block-all-mixed-content;upgrade-insecure-requests
|
||||||
|
|
||||||
backend seedown
|
backend seedown
|
||||||
server httpd-seedown seedbox_httpd:80 check
|
server httpd-seedown tasks.seedbox_httpd:80 check
|
||||||
|
|
Reference in New Issue