public-access-proxy: fix settings
This commit is contained in:
parent
e89e2b9c7a
commit
e925dfd0c5
|
@ -76,16 +76,18 @@ in {
|
|||
services.haproxy = {
|
||||
enable = true;
|
||||
config = ''
|
||||
defaults
|
||||
timeout client 30000
|
||||
timeout connect 5000
|
||||
timeout check 5000
|
||||
timeout server 30000
|
||||
|
||||
frontend http-in
|
||||
bind :::80 v4v6
|
||||
timeout client 30000
|
||||
option http-keep-alive
|
||||
default_backend proxy-backend-http
|
||||
|
||||
backend proxy-backend-http
|
||||
timeout connect 5000
|
||||
timeout check 5000
|
||||
timeout server 30000
|
||||
mode http
|
||||
option http-server-close
|
||||
option forwardfor
|
||||
|
@ -99,33 +101,28 @@ in {
|
|||
use-server ${hostname}-http if { req.hdr(host) -i ${hostname} }
|
||||
server ${hostname}-http ${proxyHost.proxyTo.host}:${
|
||||
toString proxyHost.proxyTo.httpPort
|
||||
}
|
||||
} weight 0
|
||||
'') (proxyHost.hostNames))) (cfg.proxyHosts)
|
||||
}
|
||||
|
||||
frontend https-in
|
||||
bind :::443 v4v6
|
||||
timeout client 30000
|
||||
tcp-request inspect-delay 5s
|
||||
tcp-request content accept if { req_ssl_hello_type 1 }
|
||||
default_backend proxy-backend-https
|
||||
|
||||
backend proxy-backend-https
|
||||
timeout connect 5000
|
||||
timeout check 5000
|
||||
timeout server 30000
|
||||
option http-server-close
|
||||
http-request set-header X-Forwarded-Proto https
|
||||
http-request set-header X-Forwarded-Port 443
|
||||
${
|
||||
concatMapStringsSep "\n" (proxyHost:
|
||||
optionalString
|
||||
${
|
||||
concatMapStringsSep "\n" (proxyHost:
|
||||
optionalString
|
||||
(proxyHost.hostNames != [ ] && proxyHost.proxyTo.host != null)
|
||||
(concatMapStringsSep "\n" (hostname: ''
|
||||
use-server ${hostname}-https if { req.ssl_sni -i ${hostname} }
|
||||
server ${hostname}-https ${proxyHost.proxyTo.host}:${
|
||||
toString proxyHost.proxyTo.httpsPort
|
||||
}
|
||||
} weight 0
|
||||
'') (proxyHost.hostNames))) (cfg.proxyHosts)
|
||||
}
|
||||
}
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
|
Loading…
Reference in New Issue