add ffdl, foundry, haproxy, glances, and zfs vars
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
This commit is contained in:
193
systems/palatine-hill/docker/haproxy.cfg
Executable file
193
systems/palatine-hill/docker/haproxy.cfg
Executable file
@ -0,0 +1,193 @@
|
||||
global
|
||||
# stats socket /var/run/api.sock user haproxy group haproxy mode 660 level admin expose-fd listeners
|
||||
# log stdout format raw local0 info
|
||||
log stdout format raw local0
|
||||
crt-base /etc/ssl/certs/
|
||||
maxconn 120000
|
||||
|
||||
defaults
|
||||
log global
|
||||
mode http
|
||||
timeout client 2000m
|
||||
timeout connect 200s
|
||||
timeout server 2000m
|
||||
timeout http-request 2000m
|
||||
|
||||
frontend stats # you can call this whatever you want
|
||||
mode http
|
||||
bind *:9000 # default port, but you can pick any port
|
||||
stats enable # turns on stats module
|
||||
stats refresh 10s # set auto-refresh rate
|
||||
|
||||
#Application Setup
|
||||
frontend ContentSwitching
|
||||
bind *:80
|
||||
# bind *:443 ssl crt /etc/ssl/certs/cloudflare.pem
|
||||
bind *:443 ssl crt /etc/ssl/certs/origin_ca_ecc_root_new.pem
|
||||
mode http
|
||||
option httplog
|
||||
|
||||
# max-age is mandatory
|
||||
# 16000000 seconds is a bit more than 6 months
|
||||
http-response set-header Strict-Transport-Security "max-age=16000000; includeSubDomains; preload;"
|
||||
|
||||
# Front-end acess control list
|
||||
acl host_www hdr(host) -i www.alicehuston.xyz
|
||||
acl host_www hdr(host) -i alicehuston.xyz
|
||||
# acl host_ldapui hdr(host) -i authui.alicehuston.xyz
|
||||
acl host_glances hdr(host) -i monit.alicehuston.xyz
|
||||
acl host_glances hdr(host) -i glances.alicehuston.xyz
|
||||
acl host_foundry hdr(host) -i dnd.alicehuston.xyz
|
||||
# acl host_netdata hdr(host) -i netdata.alicehuston.xyz
|
||||
#acl host_terraria hdr(host) -i terraria.alicehuston.xyz
|
||||
acl host_nextcloud hdr(host) -i nextcloud.alicehuston.xyz
|
||||
acl host_nextcloud hdr(host) -i nayeonie.com
|
||||
acl host_hydra hdr(host) -i hydra.alicehuston.xyz
|
||||
acl host_nix_serve hdr(host) -i cache.alicehuston.xyz
|
||||
acl host_attic hdr(host) -i attic.alicehuston.xyz
|
||||
acl host_nix_serve hdr(host) -i nixsrv.alicehuston.xyz
|
||||
acl host_minio hdr(host) -i minio.alicehuston.xyz
|
||||
acl host_minio_console hdr(host) -i minio-console.alicehuston.xyz
|
||||
#acl host_nextcloud_vol hdr(host) -i nextcloud-vol.alicehuston.xyz
|
||||
# acl host_collabora hdr(host) -i collabora.alicehuston.xyz
|
||||
acl host_prometheus hdr(host) -i prom.alicehuston.xyz
|
||||
# Backend-forwarding
|
||||
use_backend www_nodes if host_www
|
||||
# use_backend ldapui_nodes if host_ldapui
|
||||
use_backend glances_nodes if host_glances
|
||||
use_backend foundry_nodes if host_foundry
|
||||
# use_backend netdata_nodes if host_netdata
|
||||
# use_backend terraria_nodes if host_terraria
|
||||
use_backend nextcloud_nodes if host_nextcloud
|
||||
use_backend hydra_nodes if host_hydra
|
||||
use_backend nix_serve_nodes if host_nix_serve
|
||||
use_backend attic_nodes if host_attic
|
||||
#use_backend nextcloud_vol_nodes if host_nextcloud_vol
|
||||
# use_backend collabora_nodes if host_collabora
|
||||
use_backend prometheus_nodes if host_prometheus
|
||||
use_backend minio_nodes if host_minio
|
||||
use_backend minio_console_nodes if host_minio_console
|
||||
|
||||
#frontend ldap
|
||||
# bind *:389
|
||||
# bind *:636 ssl crt /etc/ssl/certs/cloudflare.pem
|
||||
# mode tcp
|
||||
# option tcplog
|
||||
# acl host_ldap hdr(host) -i auth.alicehuston.xyz
|
||||
# use_backend ldap_nodes if host_ldap
|
||||
|
||||
backend nextcloud_nodes
|
||||
mode http
|
||||
server server nextcloud:80
|
||||
acl url_discovery path /.well-known/caldav /.well-known/carddav
|
||||
http-request redirect location /remote.php/dav/ code 301 if url_discovery
|
||||
acl h_xfh_exists req.hdr(X-Forwarded-Host) -m found
|
||||
http-request set-header X-Forwarded-Host %[req.hdr(host)] unless h_xfh_exists
|
||||
acl h_xfport_exists req.hdr(X-Forwarded-Port) -m found
|
||||
http-request set-header X-Forwarded-Port %[dst_port] unless h_xfport_exists
|
||||
acl h_xfproto_exists req.hdr(X-Forwarded-Proto) -m found
|
||||
http-request set-header X-Forwarded-Proto http if !{ ssl_fc } !h_xfproto_exists
|
||||
http-request set-header X-Forwarded-Proto https if { ssl_fc } !h_xfproto_exists
|
||||
|
||||
#backend nextcloud_nodes
|
||||
# mode http
|
||||
# server nxserver nextcloud:80
|
||||
# acl url_discovery path /.well-known/caldav /.well-known/carddav
|
||||
# http-request redirect location /remote.php/dav/ code 301 if url_discovery
|
||||
# http-request set-header X-Forwarded-Host %[req.hdr(Host)]
|
||||
|
||||
#backend nextcloud_vol_nodes
|
||||
# mode http
|
||||
# server server nextcloud-vol:80
|
||||
# acl url_discovery path /.well-known/caldav /.well-known/carddav
|
||||
# http-request redirect location /remote.php/dav/ code 301 if url_discovery
|
||||
# acl h_xfh_exists req.hdr(X-Forwarded-Host) -m found
|
||||
# http-request set-header X-Forwarded-Host %[req.hdr(host)] unless h_xfh_exists
|
||||
# acl h_xfport_exists req.hdr(X-Forwarded-Port) -m found
|
||||
# http-request set-header X-Forwarded-Port %[dst_port] unless h_xfport_exists
|
||||
# acl h_xfproto_exists req.hdr(X-Forwarded-Proto) -m found
|
||||
# http-request set-header X-Forwarded-Proto http if !{ ssl_fc } !h_xfproto_exists
|
||||
# http-request set-header X-Forwarded-Proto https if { ssl_fc } !h_xfproto_exists
|
||||
|
||||
#backend terraria_nodes
|
||||
# mode http
|
||||
# server server terraria:6526
|
||||
|
||||
#backend collabora_nodes
|
||||
# mode http
|
||||
# server server collabora:9980
|
||||
|
||||
backend www_nodes
|
||||
mode http
|
||||
server server grafana:3000
|
||||
|
||||
backend minio_nodes
|
||||
mode http
|
||||
server server 192.168.76.2:8500
|
||||
# acl h_xfh_exists req.hdr(X-Forwarded-Host) -m found
|
||||
# http-request set-header X-Forwarded-Host %[req.hdr(host)] unless h_xfh_exists
|
||||
# acl h_xfport_exists req.hdr(X-Forwarded-Port) -m found
|
||||
# http-request set-header X-Forwarded-Port %[dst_port] unless h_xfport_exists
|
||||
# acl h_xfproto_exists req.hdr(X-Forwarded-Proto) -m found
|
||||
# http-request set-header X-Forwarded-Proto http if !{ ssl_fc } !h_xfproto_exists
|
||||
# http-request set-header X-Forwarded-Proto https if { ssl_fc } !h_xfproto_exists
|
||||
|
||||
backend minio_console_nodes
|
||||
mode http
|
||||
server server 192.168.76.2:8501
|
||||
|
||||
backend foundry_nodes
|
||||
timeout tunnel 50s
|
||||
mode http
|
||||
server server foundryvtt:30000
|
||||
|
||||
#backend ldap_nodes
|
||||
# mode tcp
|
||||
# balance roundrobin
|
||||
# option ldap-check
|
||||
# server ldap1 192.168.76.2:1636 ssl ca-file /etc/ssl/certs/origin_ca_rsa_root.pem
|
||||
#
|
||||
#backend ldapui_nodes
|
||||
# mode http
|
||||
# server server 192.168.76.2:18081
|
||||
|
||||
backend glances_nodes
|
||||
mode http
|
||||
server server glances:61208
|
||||
|
||||
backend hydra_nodes
|
||||
mode http
|
||||
server server 192.168.76.2:3000
|
||||
|
||||
backend nix_serve_nodes
|
||||
mode http
|
||||
server server 192.168.76.2:5000
|
||||
|
||||
backend attic_nodes
|
||||
mode http
|
||||
server server 192.168.76.2:8183
|
||||
|
||||
backend prometheus_nodes
|
||||
mode http
|
||||
server server 192.168.76.2:9001
|
||||
|
||||
#backend netdata_nodes
|
||||
# mode http
|
||||
# server server 192.168.76.2:19999
|
||||
|
||||
# backend dnd_nodes
|
||||
# mode http
|
||||
# server server foundry:30000
|
||||
# acl host_www hdr(host) -i www.tmmworkshop.com
|
||||
|
||||
|
||||
frontend minecraft
|
||||
mode tcp
|
||||
bind :25565
|
||||
default_backend router_nodes
|
||||
|
||||
|
||||
backend router_nodes
|
||||
mode tcp
|
||||
server s1 mc-router:25565
|
||||
|
||||
Reference in New Issue
Block a user