# SecuBox HAProxy Configuration config haproxy 'main' option enabled '0' option http_port '80' option https_port '443' option stats_port '8404' option stats_enabled '1' option stats_user 'admin' option stats_password 'secubox' option data_path '/srv/haproxy' option memory_limit '256M' option maxconn '4096' option log_level 'warning' config defaults 'defaults' option mode 'http' option timeout_connect '5s' option timeout_client '30s' option timeout_server '30s' option timeout_http_request '10s' option timeout_http_keep_alive '10s' option retries '3' option option_httplog '1' option option_dontlognull '1' option option_forwardfor '1' # Example frontend (HTTP catch-all) config frontend 'http_front' option name 'http-in' option bind '*:80' option mode 'http' option default_backend 'fallback' option enabled '1' # Example frontend (HTTPS with SNI using crt-list for multi-cert support) config frontend 'https_front' option name 'https-in' option bind '*:443 ssl crt-list /opt/haproxy/certs/certs.list alpn h2,http/1.1' option mode 'http' option default_backend 'fallback' option enabled '1' # Fallback backend config backend 'fallback' option name 'fallback' option mode 'http' option balance 'roundrobin' option enabled '1' # CyberMood.eu vhost config vhost 'cybermood' option domain 'cybermood.eu' option backend 'cybermood_web' option ssl '1' option ssl_redirect '1' option acme '1' option enabled '1' config vhost 'cybermood_www' option domain 'www.cybermood.eu' option backend 'cybermood_web' option ssl '1' option ssl_redirect '1' option acme '1' option enabled '1' config vhost 'cybermood_presse' option domain 'presse.cybermood.eu' option backend 'cybermood_presse' option ssl '1' option ssl_redirect '1' option acme '1' option enabled '1' # Example vhost #config vhost 'example' # option domain 'example.com' # option backend 'web_servers' # option ssl '1' # option ssl_redirect '1' # option acme '1' # option enabled '1' # CyberMood.eu backend config backend 'cybermood_web' option name 'cybermood-web' option mode 'http' option balance 'roundrobin' option enabled '1' config server 'cybermood_srv' option backend 'cybermood_web' option name 'cybermood-srv' option address '192.168.255.1' option port '4000' option check '1' option enabled '1' # CyberMood Presse backend config backend 'cybermood_presse' option name 'cybermood-presse' option mode 'http' option balance 'roundrobin' option enabled '1' config server 'cybermood_presse_srv' option backend 'cybermood_presse' option name 'cybermood-presse-srv' option address '192.168.255.1' option port '4001' option check '1' option enabled '1' # Example backend with servers #config backend 'web_servers' # option name 'web-servers' # option mode 'http' # option balance 'roundrobin' # option health_check 'httpchk GET /health' # option enabled '1' # Example server #config server 'web1' # option backend 'web_servers' # option name 'web1' # option address '192.168.1.10' # option port '8080' # option weight '100' # option check '1' # option enabled '1' # ACME/Let's Encrypt settings config acme 'acme' option enabled '1' option email 'admin@example.com' option staging '0' option key_type 'ec-256' option renew_days '30' # CyberMood.eu certificate (ACME) config certificate 'cert_cybermood' option domain 'cybermood.eu' option type 'acme' option enabled '1' config certificate 'cert_cybermood_www' option domain 'www.cybermood.eu' option type 'acme' option enabled '1' config certificate 'cert_cybermood_presse' option domain 'presse.cybermood.eu' option type 'acme' option enabled '1' # Certificate entry (manual or ACME) #config certificate 'cert_example' # option domain 'example.com' # option type 'acme' # option enabled '1' # URL Redirect rule #config redirect 'redirect_www' # option name 'www-redirect' # option match_host '^www\.' # option target_host '' # option strip_www '1' # option code '301' # option enabled '1' # ACL rule #config acl 'acl_api' # option name 'is_api' # option type 'path_beg' # option pattern '/api/' # option backend 'api_servers' # option enabled '1'