Start haproxy even if dns resolution fails, enable forwardfor

This commit is contained in:
Ivan R. 2024-11-09 16:45:48 +05:00
parent 62c769d75c
commit c8a545c047
Signed by: lumin
GPG key ID: E0937DC7CD6D3817

View file

@ -11,6 +11,7 @@ global
defaults
log global
mode http
option forwardfor
option httplog
option dontlognull
timeout connect 5000
@ -23,7 +24,7 @@ defaults
errorfile 502 /usr/local/etc/haproxy/errors/502.http
errorfile 503 /usr/local/etc/haproxy/errors/503.http
errorfile 504 /usr/local/etc/haproxy/errors/504.http
default-server init-addr last,libc,none
frontend http
mode http
@ -45,7 +46,6 @@ frontend http
acl host_comfycamp_tor hdr(host) -i comfycgmgfvowbbw2ckkobuvk4cejo2e56uxrhznravxnrl7itftpkad.onion
use_backend comfycamp if host_comfycamp_tor
frontend https
mode http
bind :443 ssl crt /usr/local/etc/haproxy/certs
@ -116,7 +116,6 @@ frontend https
acl host_mta_sts hdr(host) -i mta-sts.comfycamp.space
use_backend mta_sts if host_mta_sts
frontend matrix-federation
bind :8448 ssl crt /usr/local/etc/haproxy/certs
http-request set-header X-Forwarded-Proto https if { ssl_fc }
@ -136,7 +135,6 @@ backend comfycamp
backend mastodon
mode http
option forwardfor
http-response set-header Referrer-Policy same-origin
http-response set-header Onion-Location http://mcomfyzeyibt2unmkttoxa2li2dzpsljcp3sasrioqsks4ayrl5kk2ad.onion%[capture.req.uri]
server s1 mastodon-web-1:3000 check
@ -144,50 +142,42 @@ backend mastodon
backend mastodon_streaming
mode http
option forwardfor
option http-server-close
timeout tunnel 1h
server green mastodon-streaming:4000 check
backend vaultwarden
mode http
option forwardfor
server green vaultwarden:80 check
backend minio_console
mode http
option forwardfor
server green minio:9001 check
backend minio
mode http
http-response set-header Access-Control-Allow-Origin https://m.comfycamp.space
option forwardfor
server green minio:9000 check
backend forgejo
mode http
option forwardfor
server green forgejo:3000 check
backend matrix
mode http
option forwardfor
server matrix synapse:8008
server matrix synapse:8008 check
backend grafana
mode http
server grafana grafana:3000
server grafana grafana:3000 check
backend peertube
mode http
option forwardfor
http-response set-header Onion-Location http://vcomfyooxdbibyusen75qbzaunrjykw2cxkc6txm6qykkdv4z2danpid.onion%[capture.req.uri]
server s1 peertube:9000
server s1 peertube:9000 check
backend authentik
mode http
option forwardfor
server s1 authentik-1:9000 check
server s2 authentik-2:9000 check
@ -198,7 +188,6 @@ backend authentik_ldap
backend nextcloud
mode http
option forwardfor
server s1 nextcloud-1:80 check
backend mta_sts
@ -211,14 +200,12 @@ backend jellyfin
backend prosody
mode http
option forwardfor
option http-server-close
timeout tunnel 1h
server s1 prosody:5280 check
backend immich
mode http
option forwardfor
option http-server-close
timeout tunnel 1h
server s1 immich-1:2283 check
@ -227,7 +214,6 @@ backend archivebox
server s1 archivebox-1:8000 check
backend freshrss
option forwardfor
server s1 freshrss-1:80 check
backend phoenix