paulbsd/paulbsd-salt
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

updated haproxy state
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Paul 2024-09-01 17:14:52 +02:00
parent f96c06b48b
commit 29a081884a
1 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
states/haproxy/templates/haproxy.cfg.j2
View File

@ -127,6 +127,21 @@ defaults {{ haproxy.config.namespace }}
{{ key }} {{ value }} {{ key }} {{ value }}
{%- endfor %} {%- endfor %}
# Default ACLs
acl http ssl_fc,not
acl self_host req.hdr(Host) {{ fqdn }}
acl internal src -f {{ haproxy.config.dir }}/maps/access
acl domains req.hdr(Host),map_dom({{ haproxy.config.dir }}/maps/domains) -m found
acl allowhttp req.hdr(Host),map_dom({{ haproxy.config.dir }}/maps/allowhttp,false) true
acl ua req.hdr(User-Agent),map_beg(/etc/haproxy/maps/ua) -m found
acl security_txt path /.well-known/security.txt
acl robots_txt path /robots.txt
acl max_req_rate sc_http_req_rate(0) gt {{ haproxy.config.ddos.maxrequests|default(200) }}
acl path_root path /
acl path_info path /info
acl path_location path /location
acl version_http10 req.ver 1.0
{% if haproxy.config.peers.hosts -%} {% if haproxy.config.peers.hosts -%}
peers paulbsd peers paulbsd
bind *:{{ haproxy.config.peers.port }} ssl crt {{ haproxy.config.acme_fullchains_dir }} bind *:{{ haproxy.config.peers.port }} ssl crt {{ haproxy.config.acme_fullchains_dir }}