# HAProxy configuration generated by https://github.com/appscode/voyager # DO NOT EDIT! global daemon stats socket /var/run/haproxy.sock level admin expose-fd listeners server-state-file global server-state-base /var/state/haproxy/ # log using a syslog socket log /dev/log local0 info tune.ssl.default-dh-param 2048 ssl-default-bind-ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK lua-load /etc/auth-request.lua defaults log global # https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#4.2-option%20abortonclose # https://github.com/voyagermesh/voyager/pull/403 option dontlognull option http-server-close # Timeout values timeout client 50s timeout client-fin 50s timeout connect 5s timeout server 50s timeout tunnel 50s # Configure error files # default traffic mode is http # mode is overwritten in case of tcp services mode http frontend http-0_0_0_0-80 bind *:80 mode http option httplog option forwardfor acl is_proxy_https hdr(X-Forwarded-Proto) https acl is_proxy_https ssl_fc http-request set-var(req.scheme) str(https) if is_proxy_https http-request set-var(req.scheme) str(http) if ! is_proxy_https acl acl_:.well-known-acme-challenge path_beg /.well-known/acme-challenge/ # rules processing will stop here for LE well-known acme challenge path http-request allow if acl_:.well-known-acme-challenge use_backend voyager-operator.kube-system:56791 if acl_:.well-known-acme-challenge acl acl_kiteci.com hdr(host) -i kiteci.com acl acl_kiteci.com hdr(host) -i kiteci.com:80 acl acl_kiteci.com: path_beg / use_backend web.default:80 if acl_kiteci.com acl_kiteci.com: backend voyager-operator.kube-system:56791 server pod-voyager-operator-6f498d8fdf-jlbqs 10.4.1.4:56791 backend web.default:80 server pod-nginx-dbddb74b8-x4zxj 10.4.2.128:80