diff --git a/haproxy/src/haproxy.cfg b/haproxy/src/haproxy.cfg index 59e165b8e..bed4af1a5 100644 --- a/haproxy/src/haproxy.cfg +++ b/haproxy/src/haproxy.cfg @@ -14,9 +14,29 @@ defaults log global option httplog +frontend uplink + mode tcp + bind :8000 + tcp-request inspect-delay 2s + tcp-request content accept if HTTP + tcp-request content accept if { req.ssl_hello_type 1 } + use_backend receive_http if HTTP + default_backend receive_https +backend receive_http + mode tcp + server loopback-for-http abns@http send-proxy-v2 +backend receive_https + mode tcp + server loopback-for-https abns@https send-proxy-v2 + +frontend http + mode http + bind abns@http accept-proxy + redirect scheme https code 301 + frontend https mode http - bind *:8000 ssl crt /usr/local/etc/haproxy/combined.pem alpn h2,http/1.1 + bind abns@https accept-proxy ssl crt /usr/local/etc/haproxy/combined.pem alpn h2,http/1.1 default_backend backend_client # this is defined in the dev-*/prod-* file acl action path_beg -i /system/action