105 lines
4.0 KiB
INI
105 lines
4.0 KiB
INI
defaults
|
|
log stdout format raw local0 info
|
|
option tcplog
|
|
timeout connect 5s
|
|
timeout client 30s
|
|
timeout server 30s
|
|
|
|
listen haproxy-monitoring
|
|
bind *:1936
|
|
mode http
|
|
stats enable
|
|
stats hide-version
|
|
stats realm Haproxy\ Statistics
|
|
stats uri /
|
|
stats auth admin:password
|
|
|
|
frontend http
|
|
bind *:80
|
|
mode http
|
|
use_backend http_bookstack_server if { hdr(host) -i www.2li.ch }
|
|
use_backend http_bookstack_server if { hdr(host) -i 2li.ch }
|
|
use_backend http_mail_server if { hdr(host) -i mail.zweili.org }
|
|
redirect scheme https code 301 if { hdr(host) -i git.2li.ch } !{ ssl_fc }
|
|
redirect scheme https code 301 if { hdr(host) -i heimdall.2li.ch } !{ ssl_fc }
|
|
redirect scheme https code 301 if { hdr(host) -i jitsi.2li.ch } !{ ssl_fc }
|
|
redirect scheme https code 301 if { hdr(host) -i nextcloud.2li.ch } !{ ssl_fc }
|
|
redirect scheme https code 301 if { hdr(host) -i plattform.2li.ch } !{ ssl_fc }
|
|
redirect scheme https code 301 if { hdr(host) -i shaarli-andreas.2li.ch } !{ ssl_fc }
|
|
redirect scheme https code 301 if { hdr(host) -i shaarli-gecko.2li.ch } !{ ssl_fc }
|
|
redirect scheme https code 301 if { hdr(host) -i ttrss.2li.ch } !{ ssl_fc }
|
|
redirect scheme https code 301 if { hdr(host) -i wallabag.2li.ch } !{ ssl_fc }
|
|
redirect scheme https code 301 if { hdr(host) -i webmail.2li.ch } !{ ssl_fc }
|
|
redirect scheme https code 301 if { hdr(host) -i rss-bridge.2li.ch } !{ ssl_fc }
|
|
|
|
backend http_mail_server
|
|
mode http
|
|
server server1 10.7.89.123:80 check
|
|
backend http_bookstack_server
|
|
mode http
|
|
server server1 10.7.89.119:80 check
|
|
|
|
frontend https
|
|
# Listen on port 443
|
|
bind *:443
|
|
mode tcp
|
|
|
|
tcp-request inspect-delay 5s
|
|
tcp-request content accept if { req_ssl_hello_type 1 }
|
|
|
|
# Figure out which backend (= VM) to use
|
|
use_backend git_server if { req_ssl_sni -i git.2li.ch }
|
|
use_backend heimdall_server if { req_ssl_sni -i heimdall.2li.ch }
|
|
use_backend jitsi_server if { req_ssl_sni -i jitsi.zweili.org }
|
|
use_backend mail_server if { req_ssl_sni -i mail.zweili.org }
|
|
use_backend nextcloud_server if { req_ssl_sni -i nextcloud.2li.ch }
|
|
use_backend fw-nextcloud_server if { req_ssl_sni -i plattform.2li.ch }
|
|
use_backend shaarli-andreas_server if { req_ssl_sni -i shaarli-andreas.2li.ch }
|
|
use_backend shaarli-gecko_server if { req_ssl_sni -i shaarli-gecko.2li.ch }
|
|
use_backend ttrss_server if { req_ssl_sni -i ttrss.2li.ch }
|
|
use_backend wallabag_server if { req_ssl_sni -i wallabag.2li.ch }
|
|
use_backend webmail_server if { req_ssl_sni -i webmail.2li.ch }
|
|
use_backend rss-bridge_server if { req_ssl_sni -i rss-bridge.2li.ch }
|
|
use_backend bookstack_server if { req_ssl_sni -i www.2li.ch }
|
|
use_backend bookstack_server if { req_ssl_sni -i 2li.ch }
|
|
|
|
backend bookstack_server
|
|
mode tcp
|
|
server server1 10.7.89.119:443 check
|
|
backend fw-nextcloud_server
|
|
mode tcp
|
|
server server1 10.7.89.114:443 check
|
|
backend git_server
|
|
mode tcp
|
|
server server1 10.7.89.109:443 check
|
|
backend heimdall_server
|
|
mode tcp
|
|
server server1 10.7.89.121:443 check
|
|
backend jitsi_server
|
|
mode tcp
|
|
server server1 10.7.89.105:443 check
|
|
backend mail_server
|
|
mode tcp
|
|
server server1 10.7.89.123:443 check
|
|
backend nextcloud_server
|
|
mode tcp
|
|
server server1 10.7.89.103:443 check
|
|
backend shaarli-andreas_server
|
|
mode tcp
|
|
server server1 10.7.89.116:443 check
|
|
backend shaarli-gecko_server
|
|
mode tcp
|
|
server server1 10.7.89.116:443 check
|
|
backend ttrss_server
|
|
mode tcp
|
|
server server1 10.7.89.115:443 check
|
|
backend wallabag_server
|
|
mode tcp
|
|
server server1 10.7.89.118:443 check
|
|
backend webmail_server
|
|
mode tcp
|
|
server server1 10.7.89.110:443 check
|
|
backend rss-bridge_server
|
|
mode tcp
|
|
server server1 10.7.89.111:443 check
|