add dockerfile and config

2024-11-02 17:12:45 +03:00
commit d60140ae78
3 changed files with 65 additions and 0 deletions
--- a/docker/haproxy.cfg
+++ b/docker/haproxy.cfg
@@ -0,0 +1,46 @@
+global
+    # Enable HAProxy runtime API
+    stats socket :9999 level admin expose-fd listeners
+
+defaults
+    mode http
+    default_backend default-backend-http
+
+    timeout connect 5s
+    timeout client 1m
+    timeout server 1m
+
+    option dontlog-normal
+    option tcp-smart-accept
+    option tcp-smart-connect
+    #option forwardfor
+    option http-keep-alive
+
+    http-reuse safe
+
+frontend http
+    bind *:80
+    #http-request redirect scheme https code 301
+
+    # ACL
+    acl certbot path_beg /.well-known/acme-challenge/
+    use_backend certbot if certbot
+
+frontend https
+    bind *:443 ssl crt /usr/local/etc/haproxy/certificates/site.pem
+    http-request add-header X-Forwarded-Proto https
+
+    # ACL
+    acl certbot path_beg /.well-known/acme-challenge/
+    use_backend certbot if certbot
+
+backend default-backend-http
+    http-request set-header X-Forwarded-Proto https if { ssl_fc }
+    server main nginx:80 check
+
+backend certbot
+    server certbot certbot:380
+
+resolvers docker
+    nameserver dns1 127.0.0.11:53
+