forest/net
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

setip haproxy acls

Browse source
This commit is contained in:
Daniel afx 2022-02-07 05:17:11 +02:00
parent 128fe2defe
commit f80929eb18
3 changed files with 18 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
.gitignore vendored
View file

@ -8,6 +8,9 @@ __pycache
.env.dev .env.dev
.env.prod .env.prod
# ignore lb allowed_ips
lb/allowed_ips
# ignore letsencrypt generated certificates # ignore letsencrypt generated certificates
data/certbot/etc/* data/certbot/etc/*
!data/certbot/etc/.placeholder !data/certbot/etc/.placeholder

16
lb/haproxy.cfg
View file

@ -57,20 +57,28 @@ frontend https
http-response set-header Access-Control-Max-Age 3628800 http-response set-header Access-Control-Max-Age 3628800
http-response set-header Access-Control-Allow-Methods "GET" http-response set-header Access-Control-Allow-Methods "GET"
use_backend %[req.hdr(Host),lower] # ACL
acl acl_allowed src -f /etc/haproxy/allowed_ips
acl acl_forestnet -i forest.deflax.net
acl acl_forestdb -i db.forest.deflax.net
acl acl_osmap -i map.deflax.net
backend map.deflax.net use_backend forestnet if acl_forestnet
use_backend forestdb if acl_forestdb acl_allowed
use_backend osmap if acl_osmap
backend osmap
# Get from cache / put in cache # Get from cache / put in cache
http-request cache-use mapscache http-request cache-use mapscache
http-response cache-store mapscache http-response cache-store mapscache
# server list # server list
server s1 osmtile:80 check server s1 osmtile:80 check
backend forest.deflax.net backend forestnet
# server list # server list
server s1 flask:5000 check server s1 flask:5000 check
backend db.forest.deflax.net backend forestdb
server s1 pgadmin:80 check server s1 pgadmin:80 check
#backend docs.deflax.net #backend docs.deflax.net