setip haproxy acls
This commit is contained in:
parent
128fe2defe
commit
f80929eb18
3 changed files with 18 additions and 7 deletions
3
.gitignore
vendored
3
.gitignore
vendored
|
@ -8,6 +8,9 @@ __pycache
|
|||
.env.dev
|
||||
.env.prod
|
||||
|
||||
# ignore lb allowed_ips
|
||||
lb/allowed_ips
|
||||
|
||||
# ignore letsencrypt generated certificates
|
||||
data/certbot/etc/*
|
||||
!data/certbot/etc/.placeholder
|
||||
|
|
|
@ -57,20 +57,28 @@ frontend https
|
|||
http-response set-header Access-Control-Max-Age 3628800
|
||||
http-response set-header Access-Control-Allow-Methods "GET"
|
||||
|
||||
use_backend %[req.hdr(Host),lower]
|
||||
# ACL
|
||||
acl acl_allowed src -f /etc/haproxy/allowed_ips
|
||||
acl acl_forestnet -i forest.deflax.net
|
||||
acl acl_forestdb -i db.forest.deflax.net
|
||||
acl acl_osmap -i map.deflax.net
|
||||
|
||||
backend map.deflax.net
|
||||
use_backend forestnet if acl_forestnet
|
||||
use_backend forestdb if acl_forestdb acl_allowed
|
||||
use_backend osmap if acl_osmap
|
||||
|
||||
backend osmap
|
||||
# Get from cache / put in cache
|
||||
http-request cache-use mapscache
|
||||
http-response cache-store mapscache
|
||||
# server list
|
||||
server s1 osmtile:80 check
|
||||
|
||||
backend forest.deflax.net
|
||||
backend forestnet
|
||||
# server list
|
||||
server s1 flask:5000 check
|
||||
|
||||
backend db.forest.deflax.net
|
||||
backend forestdb
|
||||
server s1 pgadmin:80 check
|
||||
|
||||
#backend docs.deflax.net
|
||||
|
|
Loading…
Reference in a new issue