Benoit/HAProxy
Benoit/HAProxy
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: Benoit:44e7d673ee3a9d7d2f5ef3eab5829216d9716051
Branches Tags
Benoit:main
..
compare: Benoit:f3c4f25854ab94877ec4514de34a896fc21de6f0
Branches Tags
Benoit:main

No commits in common. "44e7d673ee3a9d7d2f5ef3eab5829216d9716051" and "f3c4f25854ab94877ec4514de34a896fc21de6f0" have entirely different histories.
44e7d673ee ... f3c4f25854

2 changed files with 9 additions and 14 deletions
Show stats Expand all files Collapse all files

5
03frontends.cfg
View file

@ -311,16 +311,14 @@ frontend frontend_default
acl linkding hdr(host) -i linkding.benoit.jp.net acl linkding hdr(host) -i linkding.benoit.jp.net
acl mastodon hdr(host) -i mastodon.benoit.jp.net acl mastodon hdr(host) -i mastodon.benoit.jp.net
acl miniflux hdr(host) -i miniflux.benoit.jp.net acl miniflux hdr(host) -i miniflux.benoit.jp.net
acl navidrome hdr(host) -i navidrome.jp.net
acl photoprism hdr(host) -i photoprism.benoit.jp.net acl photoprism hdr(host) -i photoprism.benoit.jp.net
acl vaultwarden hdr(host) -i vaultwarden.benoit.jp.net acl vaultwarden hdr(host) -i vaultwarden.benoit.jp.net
acl www hdr(host) -i benoit.jp.net
acl www hdr(host) -i www.benoit.jp.net acl www hdr(host) -i www.benoit.jp.net
acl www hdr(host) -i benoit.jp.net
http-request deny if adguard !JP !SG !letsencrypt http-request deny if adguard !JP !SG !letsencrypt
http-request deny if kanboard !JP !SG !letsencrypt http-request deny if kanboard !JP !SG !letsencrypt
http-request deny if miniflux !JP !SG !letsencrypt http-request deny if miniflux !JP !SG !letsencrypt
http-request deny if navidrome !JP !SG !letsencrypt
http-request deny if photoprism !JP !SG !letsencrypt http-request deny if photoprism !JP !SG !letsencrypt
http-request deny if vaultwarden !JP !SG !letsencrypt http-request deny if vaultwarden !JP !SG !letsencrypt
@ -333,7 +331,6 @@ frontend frontend_default
use_backend linkding if linkding use_backend linkding if linkding
use_backend mastodon if mastodon use_backend mastodon if mastodon
use_backend miniflux if miniflux use_backend miniflux if miniflux
use_backend navidrome if navidrome
use_backend photoprism if photoprism use_backend photoprism if photoprism
use_backend vaultwarden if vaultwarden use_backend vaultwarden if vaultwarden
use_backend www if www use_backend www if www

18
05backends.cfg
View file

@ -24,6 +24,7 @@ backend forgejo
http-response set-header X-Content-Type-Options "nosniff" http-response set-header X-Content-Type-Options "nosniff"
http-response set-header Referrer-Policy "strict-origin-when-cross-origin" http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
http-response set-header Cross-Origin-Resource-Policy "same-origin" http-response set-header Cross-Origin-Resource-Policy "same-origin"
http-response set-header Cache-Control max-age=31536000
server forgejo forgejo.incus:3000 check server forgejo forgejo.incus:3000 check
backend mastodon backend mastodon
@ -34,6 +35,7 @@ backend mastodon
http-response set-header X-Content-Type-Options "nosniff" http-response set-header X-Content-Type-Options "nosniff"
http-response set-header Referrer-Policy "strict-origin-when-cross-origin" http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
http-response set-header Cross-Origin-Resource-Policy "same-origin" http-response set-header Cross-Origin-Resource-Policy "same-origin"
http-response set-header Cache-Control max-age=31536000
server mastodon mastodon2.incus:80 send-proxy check server mastodon mastodon2.incus:80 send-proxy check
backend linkding backend linkding
@ -44,6 +46,7 @@ backend linkding
http-response set-header X-Content-Type-Options "nosniff" http-response set-header X-Content-Type-Options "nosniff"
http-response set-header Referrer-Policy "strict-origin-when-cross-origin" http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
http-response set-header Cross-Origin-Resource-Policy "same-origin" http-response set-header Cross-Origin-Resource-Policy "same-origin"
http-response set-header Cache-Control max-age=31536000
server linkding linkding.incus:9090 check server linkding linkding.incus:9090 check
backend archive backend archive
@ -65,6 +68,7 @@ backend adguard
http-response set-header X-Content-Type-Options "nosniff" http-response set-header X-Content-Type-Options "nosniff"
http-response set-header Referrer-Policy "strict-origin-when-cross-origin" http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
http-response set-header Cross-Origin-Resource-Policy "same-origin" http-response set-header Cross-Origin-Resource-Policy "same-origin"
http-response set-header Cache-Control max-age=31536000
server adguard adguard.incus:3000 check server adguard adguard.incus:3000 check
backend vaultwarden backend vaultwarden
@ -75,6 +79,7 @@ backend vaultwarden
http-response set-header X-Content-Type-Options "nosniff" http-response set-header X-Content-Type-Options "nosniff"
http-response set-header Referrer-Policy "strict-origin-when-cross-origin" http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
http-response set-header Cross-Origin-Resource-Policy "same-origin" http-response set-header Cross-Origin-Resource-Policy "same-origin"
http-response set-header Cache-Control max-age=31536000
server vaultwarden vaultwarden.incus:80 check server vaultwarden vaultwarden.incus:80 check
backend kanboard backend kanboard
@ -85,6 +90,7 @@ backend kanboard
http-response set-header X-Content-Type-Options "nosniff" http-response set-header X-Content-Type-Options "nosniff"
http-response set-header Referrer-Policy "strict-origin-when-cross-origin" http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
http-response set-header Cross-Origin-Resource-Policy "same-origin" http-response set-header Cross-Origin-Resource-Policy "same-origin"
http-response set-header Cache-Control max-age=31536000
server kanboard kanboard.incus:80 check server kanboard kanboard.incus:80 check
backend photoprism backend photoprism
@ -95,6 +101,7 @@ backend photoprism
http-response set-header X-Content-Type-Options "nosniff" http-response set-header X-Content-Type-Options "nosniff"
http-response set-header Referrer-Policy "strict-origin-when-cross-origin" http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
http-response set-header Cross-Origin-Resource-Policy "same-origin" http-response set-header Cross-Origin-Resource-Policy "same-origin"
http-response set-header Cache-Control max-age=31536000
server photoprism photoprism.incus:2342 check server photoprism photoprism.incus:2342 check
backend miniflux backend miniflux
@ -105,6 +112,7 @@ backend miniflux
http-response set-header X-Content-Type-Options "nosniff" http-response set-header X-Content-Type-Options "nosniff"
http-response set-header Referrer-Policy "strict-origin-when-cross-origin" http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
http-response set-header Cross-Origin-Resource-Policy "same-origin" http-response set-header Cross-Origin-Resource-Policy "same-origin"
http-response set-header Cache-Control max-age=31536000
server miniflux miniflux.incus:8080 check server miniflux miniflux.incus:8080 check
backend www backend www
@ -117,13 +125,3 @@ backend www
http-response set-header Cross-Origin-Resource-Policy "same-origin" http-response set-header Cross-Origin-Resource-Policy "same-origin"
http-response set-header Cache-Control max-age=31536000 http-response set-header Cache-Control max-age=31536000
server www www.incus:80 check server www www.incus:80 check
backend navidrome
# set HSTS for one year after all responses
http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
# add some Security headers
http-response set-header X-Frame-Options "SAMEORIGIN"
http-response set-header X-Content-Type-Options "nosniff"
http-response set-header Referrer-Policy "strict-origin-when-cross-origin"
http-response set-header Cross-Origin-Resource-Policy "same-origin"
server navidrome navidrome.incus:4533 check