Benoit/HAProxy
Benoit/HAProxy
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add mailcow-backup

Browse source
This commit is contained in:
Benoit 2025-02-15 19:21:00 +09:00
parent b986d6655e
commit e9f5008482
Signed by: Benoit
SSH key fingerprint: SHA256:kFsX94Kq6z/6CY0dX+7/FpAeJC0QlMhJVY+B7NYrOmA
2 changed files with 13 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
03frontends.cfg
View file

@ -310,6 +310,7 @@ frontend frontend_default
acl laminar hdr(host) -i laminar.benoit.jp.net acl laminar hdr(host) -i laminar.benoit.jp.net
acl linkding hdr(host) -i linkding.benoit.jp.net acl linkding hdr(host) -i linkding.benoit.jp.net
acl mailcow hdr(host) -i mail.benoit.jp.net acl mailcow hdr(host) -i mail.benoit.jp.net
acl mailcow-backup hdr(host) -i mail-backup.benoit.jp.net
acl mastodon hdr(host) -i mastodon.benoit.jp.net acl mastodon hdr(host) -i mastodon.benoit.jp.net
acl miniflux hdr(host) -i miniflux.benoit.jp.net acl miniflux hdr(host) -i miniflux.benoit.jp.net
acl navidrome hdr(host) -i navidrome.benoit.jp.net acl navidrome hdr(host) -i navidrome.benoit.jp.net
@ -325,6 +326,7 @@ frontend frontend_default
http-request deny if adguard !JP !SG !letsencrypt !allowed_ips http-request deny if adguard !JP !SG !letsencrypt !allowed_ips
http-request deny if kanboard !JP !SG !letsencrypt !allowed_ips http-request deny if kanboard !JP !SG !letsencrypt !allowed_ips
http-request deny if mailcow !JP !SG !letsencrypt !allowed_ips http-request deny if mailcow !JP !SG !letsencrypt !allowed_ips
http-request deny if mailcow-backup !JP !SG !letsencrypt !allowed_ips
http-request deny if miniflux !JP !SG !letsencrypt !allowed_ips http-request deny if miniflux !JP !SG !letsencrypt !allowed_ips
http-request deny if navidrome !JP !SG !letsencrypt !allowed_ips http-request deny if navidrome !JP !SG !letsencrypt !allowed_ips
http-request deny if photoprism !JP !SG !letsencrypt !allowed_ips http-request deny if photoprism !JP !SG !letsencrypt !allowed_ips
@ -338,6 +340,7 @@ frontend frontend_default
use_backend letsencrypt if letsencrypt use_backend letsencrypt if letsencrypt
use_backend linkding if linkding use_backend linkding if linkding
use_backend mailcow if mailcow use_backend mailcow if mailcow
use_backend mailcow-backup if mailcow-backup
use_backend mastodon if mastodon use_backend mastodon if mastodon
use_backend miniflux if miniflux use_backend miniflux if miniflux
use_backend navidrome if navidrome use_backend navidrome if navidrome

10
05backends.cfg
View file

@ -138,6 +138,16 @@ backend mailcow
http-response set-header Cross-Origin-Resource-Policy "same-origin" http-response set-header Cross-Origin-Resource-Policy "same-origin"
server mailcow mailcow.incus:80 check server mailcow mailcow.incus:80 check
backend mailcow-backup
# set HSTS for one year after all responses
http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
# add some Security headers
http-response set-header X-Frame-Options "SAMEORIGIN"
http-response set-header X-Content-Type-Options "nosniff"
http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
http-response set-header Cross-Origin-Resource-Policy "same-origin"
server mailcow-backup mxmon:80 check
backend uptime-kuma backend uptime-kuma
# set HSTS for one year after all responses # set HSTS for one year after all responses
http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"