Benoit/HAProxy
Benoit/HAProxy
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add adguard

Browse source
This commit is contained in:
Benoit 2024-11-27 21:28:44 +09:00
parent c55a1fca17
commit cd3295c3f4
Signed by: Benoit
SSH key fingerprint: SHA256:kFsX94Kq6z/6CY0dX+7/FpAeJC0QlMhJVY+B7NYrOmA
3 changed files with 31 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
03frontends.cfg
View file

@ -298,6 +298,7 @@ frontend frontend_default
acl letsencrypt path_beg /.well-known/acme-challenge/ acl letsencrypt path_beg /.well-known/acme-challenge/
acl adguard hdr(host) -i adguard.benoit.jp.net
acl archive hdr(host) -i blog.benpro.fr.archive.benoit.jp.net acl archive hdr(host) -i blog.benpro.fr.archive.benoit.jp.net
acl archive hdr(host) -i lekernelpanique.fr.archive.benoit.jp.net acl archive hdr(host) -i lekernelpanique.fr.archive.benoit.jp.net
acl archive hdr(host) -i sysadmin-bookmarks.archive.benoit.jp.net acl archive hdr(host) -i sysadmin-bookmarks.archive.benoit.jp.net
@ -305,8 +306,10 @@ frontend frontend_default
acl laminar hdr(host) -i laminar.benoit.jp.net acl laminar hdr(host) -i laminar.benoit.jp.net
acl linkding hdr(host) -i linkding.benoit.jp.net acl linkding hdr(host) -i linkding.benoit.jp.net
acl mastodon hdr(host) -i mastodon.benoit.jp.net acl mastodon hdr(host) -i mastodon.benoit.jp.net
#http-request deny if dns !JP !SG !letsencrypt
http-request deny if adguard !JP !letsencrypt
use_backend adguard if adguard
use_backend archive if archive use_backend archive if archive
use_backend forgejo if forgejo use_backend forgejo if forgejo
use_backend laminar if laminar use_backend laminar if laminar

29
04listen.cfg
View file

@ -1,10 +1,13 @@
# Listens (frontend and backend combined) # Listens (frontend and backend combined)
listen ssh # Forgejo
bind :22 listen ssh
bind :::22 v6only bind :22
mode tcp bind :::22 v6only
option tcplog mode tcp
server git-ssh forgejo.incus:10022 send-proxy check option tcplog
server git-ssh forgejo.incus:10022 send-proxy check
# Mailcow
# listen smtp # listen smtp
# bind :25 # bind :25
# bind :::25 v6only # bind :::25 v6only
@ -29,9 +32,11 @@
# mode tcp # mode tcp
# option tcplog # option tcplog
# server mail 10.78.127.231:14190 send-proxy # server mail 10.78.127.231:14190 send-proxy
# listen adguard-dot
# bind :853 # Adguard
# bind :::853 v6only listen adguard-dot
# mode tcp bind :853
# option tcplog bind :::853 v6only
# server adguard 10.78.127.201:10853 send-proxy mode tcp
option tcplog
server adguard adguard.incus:10853 send-proxy

10
05backends.cfg
View file

@ -54,3 +54,13 @@ backend archive
http-response set-header Referrer-Policy "strict-origin-when-cross-origin" http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
http-response set-header Cross-Origin-Resource-Policy "same-origin" http-response set-header Cross-Origin-Resource-Policy "same-origin"
server archive archive.incus:80 check server archive archive.incus:80 check
backend adguard
# set HSTS for one year after all responses
http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
# add some Security headers
http-response set-header X-Frame-Options "SAMEORIGIN"
http-response set-header X-Content-Type-Options "nosniff"
http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
http-response set-header Cross-Origin-Resource-Policy "same-origin"
server adguard adguard.incus:3000 check