Created
July 25, 2018 16:57
-
-
Save jpcarey/920acc7d6f99df164b9f5917ef8abc49 to your computer and use it in GitHub Desktop.
ha proxy SNI
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| global | |
| log /dev/log local0 | |
| log /dev/log local1 notice | |
| chroot /var/lib/haproxy | |
| stats socket /run/haproxy/admin.sock mode 660 level admin | |
| stats timeout 30s | |
| user haproxy | |
| group haproxy | |
| daemon | |
| defaults | |
| timeout client 30s | |
| timeout server 30s | |
| timeout connect 5s | |
| frontend https | |
| bind *:443 | |
| option tcplog | |
| log global | |
| mode tcp | |
| tcp-request inspect-delay 5s | |
| tcp-request content accept if { req_ssl_hello_type 1 } | |
| acl app_homeassistant req_ssl_sni -i ha | |
| acl app_homeassistant req_ssl_sni -i ha.localdomain | |
| acl app_unifi req_ssl_sni -i ubnt | |
| acl app_unifi req_ssl_sni -i ubnt.localdomain | |
| use_backend bknd_homeassistant if app_homeassistant | |
| use_backend bknd_unifi if app_unifi | |
| backend bknd_homeassistant | |
| mode tcp | |
| server snipt-www 127.0.0.1:8123 | |
| backend bknd_unifi | |
| mode tcp | |
| server snipt-private 127.0.0.1:8443 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment