diyIT/FreeBSD
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

next set of updates

Browse Source
This commit is contained in:
Charlie Root
2020-05-26 21:15:31 -07:00
parent 2327d9d6c0
commit 7707eb5865
61 changed files with 43942 additions and 122 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
jails/config/proxy/haproxy.conf
View File

@ -36,15 +36,6 @@ defaults
timeout tunnel 3600s
timeout tarpit 60s
#listen stats
# bind :::1936 v4v6
# stats uri /
# stats enable
# stats refresh 10s
# stats show-node
# stats realm Haproxy\ Statistics
# stats auth infra:infra
frontend stats
bind :::8404 v4v6
http-request use-service prometheus-exporter if { path /metrics }
@ -88,6 +79,7 @@ frontend ft
use_backend bk_diyit if { ssl_fc_sni www.diyit.space }
use_backend bk_ahlawat-sharad if { ssl_fc_sni sharad.ahlawat.com }
use_backend bk_ahlawat-rachna if { ssl_fc_sni rachna.ahlawat.com }
use_backend bk_ahlawat-nivi if { ssl_fc_sni nivi.ahlawat.com }
use_backend bk_ahlawat-nivi if { ssl_fc_sni nivedita.ahlawat.com }
use_backend bk_ahlawat-rishabh if { ssl_fc_sni rishabh.ahlawat.com }
@ -101,6 +93,8 @@ frontend ft
use_backend bk_ahlawat-cloud if { ssl_fc_sni cloud.ahlawat.com }
use_backend bk_ahlawat-git if { ssl_fc_sni git.ahlawat.com }
use_backend bk_ahlawat-hub if { ssl_fc_sni hub.ahlawat.com }
use_backend bk_ahlawat-matrix if { ssl_fc_sni matrix.ahlawat.com }
use_backend bk_ahlawat-meet if { ssl_fc_sni meet.ahlawat.com }
use_backend bk_ahlawat-monitor if { ssl_fc_sni monitor.ahlawat.com }
use_backend bk_diyit-grafana if { ssl_fc_sni grafana.diyit.org }
@ -108,7 +102,6 @@ frontend ft
use_backend bk_diyit-kibana if { ssl_fc_sni kibana.diyit.org }
use_backend bk_diyit-maps if { ssl_fc_sni maps.diyit.org }
use_backend bk_beyondbell-api if { ssl_fc_sni api.beyondbell.com }
use_backend bk_beyondbell-ci if { ssl_fc_sni ci.beyondbell.com }
use_backend bk_beyondbell-git if { ssl_fc_sni git.beyondbell.com }
use_backend bk_beyondbell-repo if { ssl_fc_sni repo.beyondbell.com }
@ -118,26 +111,37 @@ frontend ft
backend bk_ahlawat
server srv1 web.ahlawat.com:443 check ssl ca-file /mnt/certs/cacert.pem alpn h2
server srv2 sharadx.ahlawat.com:443 backup check ssl ca-file /mnt/certs/cacert.pem alpn h2
rspadd X-Frame-Options:\ SAMEORIGIN
backend bk_beyondbell
server srv1 192.168.0.74:8000
server srv1 192.168.0.77:8000
rspadd X-Frame-Options:\ SAMEORIGIN
backend bk_diyit
server srv1 web.diyit.org:443 check ssl ca-file /mnt/certs/cacert.pem alpn h2
server srv2 sharadx.ahlawat.com:443 backup check ssl ca-file /mnt/certs/cacert.pem alpn h2
rspadd X-Frame-Options:\ SAMEORIGIN
backend bk_ahlawat-sharad
balance roundrobin
server srv1 sharadx.ahlawat.com:443 check ssl ca-file /mnt/certs/cacert.pem alpn h2
server srv2 web.ahlawat.com:443 backup check ssl ca-file /mnt/certs/cacert.pem alpn h2
rspadd X-Frame-Options:\ SAMEORIGIN
backend bk_ahlawat-rachna
server srv1 rachnax.ahlawat.com:443 check ssl ca-file /mnt/certs/cacert.pem alpn h2
server srv2 web.ahlawat.com:443 backup check ssl ca-file /mnt/certs/cacert.pem alpn h2
rspadd X-Frame-Options:\ SAMEORIGIN
backend bk_ahlawat-nivi
server srv1 nivix.ahlawat.com:443 check ssl ca-file /mnt/certs/cacert.pem alpn h2
server srv2 web.ahlawat.com:443 backup check ssl ca-file /mnt/certs/cacert.pem alpn h2
rspadd X-Frame-Options:\ SAMEORIGIN
backend bk_ahlawat-rishabh
server srv1 rishabhx.ahlawat.com:443 check ssl ca-file /mnt/certs/cacert.pem alpn h2
server srv2 web.ahlawat.com:443 backup check ssl ca-file /mnt/certs/cacert.pem alpn h2
rspadd X-Frame-Options:\ SAMEORIGIN
#backend bk_ahlawat-book
@ -164,10 +168,12 @@ backend bk_ahlawat-cam
backend bk_ahlawat-cloud
server srv1 cloudx.ahlawat.com:443 check ssl ca-file /mnt/certs/cacert.pem alpn h2
server srv2 web.ahlawat.com:443 backup check ssl ca-file /mnt/certs/cacert.pem alpn h2
# rspadd X-Frame-Options:\ SAMEORIGIN
backend bk_ahlawat-git
server srv1 gitx.ahlawat.com:3000 check ssl ca-file /mnt/certs/cacert.pem alpn h2
server srv2 web.ahlawat.com:443 backup check ssl ca-file /mnt/certs/cacert.pem alpn h2
rspidel X-Frame-Options:*
# http-request set-var(txn.src) src
# acl mynet var(txn.src) -m sub 192.168.0
@ -178,8 +184,19 @@ backend bk_ahlawat-git
backend bk_ahlawat-hub
server srv1 hubx.ahlawat.com:443 check ssl ca-file /mnt/certs/cacert.pem alpn h2
server srv2 web.ahlawat.com:443 backup check ssl ca-file /mnt/certs/cacert.pem alpn h2
rspadd X-Frame-Options:\ SAMEORIGIN
backend bk_ahlawat-matrix
server srv1 matrix.ahlawat.com:443 check ssl ca-file /mnt/certs/cacert.pem alpn h2
server srv2 web.ahlawat.com:443 backup check ssl ca-file /mnt/certs/cacert.pem alpn h2
# rspadd X-Frame-Options:\ SAMEORIGIN
backend bk_ahlawat-meet
server srv1 meet.ahlawat.com:443 check ssl ca-file /mnt/certs/cacert.pem alpn h2
server srv2 web.ahlawat.com:443 backup check ssl ca-file /mnt/certs/cacert.pem alpn h2
# rspadd X-Frame-Options:\ SAMEORIGIN
backend bk_ahlawat-monitor
server srv1 monitorx.ahlawat.com:443 check ssl ca-file /mnt/certs/cacert.pem alpn h2
# rspadd X-Frame-Options:\ SAMEORIGIN
@ -199,6 +216,7 @@ backend bk_diyit-kibana
backend bk_diyit-maps
server srv1 mapsx.diyit.org:443 check ssl ca-file /mnt/certs/cacert.pem alpn h2
server srv2 web.diyit.org:443 backup check ssl ca-file /mnt/certs/cacert.pem alpn h2
# rspadd X-Frame-Options:\ SAMEORIGIN
backend bk_ahlawat-ci
@ -208,28 +226,26 @@ backend bk_ahlawat-ci
server srv1 cix.ahlawat.com:8180 check
rspadd X-Frame-Options:\ SAMEORIGIN
backend bk_beyondbell-api
server srv1 192.168.0.77:8000
rspadd X-Frame-Options:\ SAMEORIGIN
backend bk_beyondbell-git
server srv1 gitx.beyondbell.com:3000 check ssl ca-file /mnt/certs/cacert.pem alpn h2
server srv2 rishabhx.ahlawat.com:443 backup check ssl ca-file /mnt/certs/cacert.pem alpn h2
rspadd X-Frame-Options:\ SAMEORIGIN
backend bk_beyondbell-ci
http-request set-header Host cix.beyondbell.com:8111
reqirep ^([^\ \t:]*:)\ https://ci.beyondbell.com/(.*) \1\ http://cix.beyondbell.com:8111/\2
rspirep ^([^\ \t:]*:)\ http://cix.beyondbell.com:8111/(.*) \1\ https://ci.beyondbell.com/\2
server srv1 cix.beyondbell.com:8111 check
server srv1 cix.beyondbell.com:8111
rspadd X-Frame-Options:\ SAMEORIGIN
backend bk_beyondbell-repo
# http-request set-header Host 192.168.0.75:8080
reqirep ^([^\ \t:]*:)\ https://repo.beyondbell.com/(.*) \1\ http://192.168.0.75:8080/\2
rspirep ^([^\ \t:]*:)\ http://192.168.0.75:8080/(.*) \1\ https://repo.beyondbell.com/\2
server srv1 192.168.0.75:8080 check
server srv1 192.168.0.75:8080
rspadd X-Frame-Options:\ SAMEORIGIN
backend bk_beyondbell-gs
server srv1 192.168.0.81:26900 check
server srv2 rishabhx.ahlawat.com:443 backup check ssl ca-file /mnt/certs/cacert.pem alpn h2
rspadd X-Frame-Options:\ SAMEORIGIN