diff --git a/config/haproxy/haproxy.cfg b/config/haproxy/haproxy.cfg index 56775a2..e02627b 100644 --- a/config/haproxy/haproxy.cfg +++ b/config/haproxy/haproxy.cfg @@ -62,17 +62,20 @@ frontend https # Router # ACL to match the sni hosts + acl is_base ssl_fc_sni -i "${BASE_URL}" + acl is_api ssl_fc_sni -i "api.${BASE_URL}" acl is_stream ssl_fc_sni -i "stream.${BASE_URL}" - acl is_tv ssl_fc_sni -i "tv.${BASE_URL}" # Define the ACL conditions and corresponding actions + use_backend backend_api if is_base + use_backend backend_api if is_api use_backend backend_restreamer if is_stream - use_backend backend_scheduler if is_tv + +backend backend_api + balance leastconn + server api1 api:8080 check inter 5s rise 4 fall 2 backend backend_restreamer balance leastconn server restreamer1 restreamer:8080 check inter 5s rise 4 fall 2 -backend backend_scheduler - balance leastconn - server scheduler1 scheduler:8080 check inter 5s rise 4 fall 2 diff --git a/renew-certificates.sh b/renew-certificates.sh index 676f0a3..b789116 100755 --- a/renew-certificates.sh +++ b/renew-certificates.sh @@ -7,8 +7,8 @@ CB=`docker ps | grep certbot | cut -d ' ' -f 1` #echo $BASE_URL #echo $EMAIL -docker exec $CB certbot certonly --non-interactive --standalone --http-01-address 0.0.0.0 --email $EMAIL --agree-tos --keep --preferred-challenges http --cert-name stream.$BASE_URL \ - -d tv.$BASE_URL -d stream.$BASE_URL +docker exec $CB certbot certonly --non-interactive --standalone --http-01-address 0.0.0.0 --email $EMAIL --agree-tos --keep --preferred-challenges http --cert-name $BASE_URL \ + -d $BASE_URL -d api.$BASE_URL -d stream.$BASE_URL -cat "./data/certbot/etc/live/stream.$BASE_URL/privkey.pem" "./data/certbot/etc/live/stream.$BASE_URL/fullchain.pem" > "./data/certificates/stream.$BASE_URL.pem" +cat "./data/certbot/etc/live/$BASE_URL/privkey.pem" "./data/certbot/etc/live/$BASE_URL/fullchain.pem" > "./data/certificates/$BASE_URL.pem" docker kill -s USR2 television_haproxy_1