Last active
January 17, 2022 23:21
-
-
Save TimWolla/457c45dfccde26fc674dde4b3c7235c1 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
global | |
log stdout format raw local0 | |
defaults | |
log global | |
resolvers my_resolvers | |
nameserver google 8.8.8.8:53 | |
nameserver cloudflare 1.1.1.1:53 | |
#frontend stats | |
# mode http | |
# timeout connect 5s | |
# timeout client 60s | |
# timeout server 60s | |
# | |
# bind *:8080 | |
# | |
# stats enable | |
# stats uri / | |
frontend signal_proxy | |
mode tcp | |
option tcplog | |
timeout client 60s | |
bind *:443 ssl crt ssl/haproxy.pem | |
tcp-request inspect-delay 10s | |
acl allowed req.ssl_sni textsecure-service.whispersystems.org | |
acl allowed req.ssl_sni storage.signal.org | |
acl allowed req.ssl_sni cdn.signal.org | |
acl allowed req.ssl_sni cdn2.signal.org | |
acl allowed req.ssl_sni api.directory.signal.org | |
acl allowed req.ssl_sni contentproxy.signal.org | |
acl allowed req.ssl_sni uptime.signal.org | |
acl allowed req.ssl_sni api.backup.signal.org | |
acl allowed req.ssl_sni sfu.voip.signal.org | |
acl allowed req.ssl_sni updates.signal.org | |
acl allowed req.ssl_sni updates2.signal.org | |
tcp-request content accept if allowed | |
tcp-request content reject | |
use_backend bk_%[req.ssl_sni] | |
backend bk_textsecure-service.whispersystems.org | |
mode tcp | |
timeout connect 5s | |
timeout server 60s | |
server-template signal 1-6 textsecure-service.whispersystems.org:443 init-addr none check resolvers my_resolvers resolve-prefer ipv4 | |
backend bk_storage.signal.org | |
mode tcp | |
timeout connect 5s | |
timeout server 60s | |
server-template signal 1-6 storage.signal.org:443 init-addr none check resolvers my_resolvers resolve-prefer ipv4 | |
backend bk_cdn.signal.org | |
mode tcp | |
timeout connect 5s | |
timeout server 60s | |
server-template signal 1-6 cdn.signal.org:443 init-addr none check resolvers my_resolvers resolve-prefer ipv4 | |
backend bk_cdn2.signal.org | |
mode tcp | |
timeout connect 5s | |
timeout server 60s | |
server-template signal 1-6 cdn2.signal.org:443 init-addr none check resolvers my_resolvers resolve-prefer ipv4 | |
backend bk_api.directory.signal.org | |
mode tcp | |
timeout connect 5s | |
timeout server 60s | |
server-template signal 1-6 api.directory.signal.org:443 init-addr none check resolvers my_resolvers resolve-prefer ipv4 | |
backend bk_contentproxy.signal.org | |
mode tcp | |
timeout connect 5s | |
timeout server 60s | |
server-template signal 1-6 contentproxy.signal.org:443 init-addr none check resolvers my_resolvers resolve-prefer ipv4 | |
backend bk_uptime.signal.org | |
mode tcp | |
timeout connect 5s | |
timeout server 60s | |
server-template signal 1-6 uptime.signal.org:443 init-addr none check resolvers my_resolvers resolve-prefer ipv4 | |
backend bk_api.backup.signal.org | |
mode tcp | |
timeout connect 5s | |
timeout server 60s | |
server-template signal 1-6 api.backup.signal.org:443 init-addr none check resolvers my_resolvers resolve-prefer ipv4 | |
backend bk_sfu.voip.signal.org | |
mode tcp | |
timeout connect 5s | |
timeout server 60s | |
server-template signal 1-6 sfu.voip.signal.org:443 init-addr none check resolvers my_resolvers resolve-prefer ipv4 | |
backend bk_updates.signal.org | |
mode tcp | |
timeout connect 5s | |
timeout server 60s | |
server-template signal 1-6 updates.signal.org:443 init-addr none check resolvers my_resolvers resolve-prefer ipv4 | |
backend bk_updates2.signal.org | |
mode tcp | |
timeout connect 5s | |
timeout server 60s | |
server-template signal 1-6 updates2.signal.org:443 init-addr none check resolvers my_resolvers resolve-prefer ipv4 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
you need to add "chat.signal.org"