safebox/proxy-scheduler
7
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Added haproxy config create files and variables.

Browse Source
This commit is contained in:
Gyorgy Berenyi
2021-09-27 11:13:29 +00:00
parent c3c547b82f
commit 146c26cc38
4 changed files with 151 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

127
scripts/config_haproxy_create.sh Executable file
View File

@@ -0,0 +1,127 @@
#!/bin/sh
# Initial parameters
DATE=`date +%F-%H-%M-%S`
# Set env variables
DOMAIN_DIR=$DOMAIN_DIR
PROXY_CONFIG_DIR=$PROXY_CONFIG_DIR
cd /scripts
file="$PROXY_DIR/haproxy.cfg"
global_http="global_http"
global_https="global_https"
cp -a haproxy_template.cfg $PROXY_DIR/haproxy.cfg
{
echo "frontend http
";
cat "$global_http"
echo
echo "acl letsencrypt path_beg /.well-known/acme-challenge/";
echo
for i in `ls $DOMAIN_DIR|cut -d / -f2` ; do
if [[ "$(jq -r .REDIRECT_HTTPS $i)" != "" && "$(jq -r .HTTP_PORT $i)" != "" && "$(jq -r .DOMAIN $i)" != "letsencrypt" ]]
then
echo "redirect prefix https://$(jq -r .REDIRECT_HTTPS $i) hdr(host) code 301 if { hdr(host) -i $(jq -r .DOMAIN $i) }";
fi
done
echo
for i in `ls ${DOMAINS}*` ; do
if [[ "$(jq -r .DOMAIN $i)" != "" && "$(jq -r .HTTP_PORT $i)" != "" && "$(jq -r .DOMAIN $i)" != "letsencrypt" ]]
then
echo "acl $(jq -r .DOMAIN $i)_http hdr(host) -i $(jq -r .DOMAIN $i)";
fi
if [[ "$(jq -r .DOMAIN $i)" != "letsencrypt" && "$(jq -r .HTTP_PORT $i)" != "" && "$(jq -r .ALIASES_HTTP[] $i)" != "" ]]
then
ALIASES_LIST=$(jq -r .ALIASES_HTTP[] $i)
for ALIAS in $ALIASES_LIST
do
echo "acl $(jq -r .DOMAIN $i)_http hdr(host) -i $ALIAS";
done
fi
done
echo
echo "use_backend letsencrypt_http if letsencrypt"
for i in `ls ${DOMAINS}*` ; do
if [[ "$(jq -r .DOMAIN $i)" != "" && "$(jq -r .HTTP_PORTS $i)" != "" && "$(jq -r .DOMAIN $i)" != "letsencrypt" ]]
then
echo "use_backend $(jq -r .DOMAIN $i)_http if $(jq -r .DOMAIN $i)_http";
fi
done
echo
for i in `ls ${DOMAINS}*` ; do
if [[ "$(jq -r .DOMAIN $i)" != "" && "$(jq -r .HTTP_PORT $i)" != "" ]]
then
echo "backend $(jq -r .DOMAIN $i)_http";
echo " mode http";
echo " server $(jq -r .DOMAIN $i) $(jq -r .LOCAL_IP $i):$(jq -r .HTTP_PORT $i)";
fi
done
echo
echo "frontend https
";
cat "$global_https"
echo
for i in `ls ${DOMAINS}*` ; do
if [[ "$(jq -r .DOMAIN $i)" != "" && "$(jq -r .HTTPS_PORT $i)" != "" && "$(jq -r .DOMAIN $i)" != "letsencrypt" ]]
then
echo "acl $(jq -r .DOMAIN $i)_https req_ssl_sni -i $(jq -r .DOMAIN $i)";
fi
if [[ "$(jq -r .HTTPS_PORT $i)" != "" && "$(jq -r .ALIASES_HTTPS[] $i)" != "" ]]
then
ALIASES_LIST=$(jq -r .ALIASES_HTTPS[] $i)
for ALIAS in $ALIASES_LIST
do
echo "acl $(jq -r .DOMAIN $i)_https req_ssl_sni -i $ALIAS";
done
fi
done
echo
for i in `ls ${DOMAINS}*` ; do
if [[ "$(jq -r .DOMAIN $i)" != "" && "$(jq -r .HTTPS_PORT $i)" != "" && "$(jq -r .DOMAIN $i)" != "letsencrypt" ]]
then
echo "use_backend $(jq -r .DOMAIN $i)_https if $(jq -r .DOMAIN $i)_https";
fi
done
echo
for i in `ls ${DOMAINS}*` ; do
if [[ "$(jq -r .DOMAIN $i)" != "" && "$(jq -r .HTTPS_PORT $i)" != "" && "$(jq -r .DOMAIN $i)" != "letsencrypt" ]]
then
echo "backend $(jq -r .DOMAIN $i)_https";
echo " option ssl-hello-chk";
echo " mode tcp";
echo " server $(jq -r .DOMAIN $i) $(jq -r .LOCAL_IP $i):$(jq -r .HTTPS_PORT $i) check";
fi
done
} >> "$file"

6
scripts/global_http Normal file
View File

@@ -0,0 +1,6 @@
bind :80
mode http
option forwardfor
option httplog
option dontlognull
http-request add-header X-Forwarded-For %[src]

7
scripts/global_https Normal file
View File

@@ -0,0 +1,7 @@
bind :443
mode tcp
option tcplog
option dontlognull
tcp-request inspect-delay 5s
tcp-request content accept if { req_ssl_hello_type 1 }
http-request add-header X-Forwarded-Proto https if { ssl_fc }

11
scripts/haproxy_template.cfg Normal file
View File

@@ -0,0 +1,11 @@
global
log stdout format raw local0 debug
defaults
timeout client 30s
timeout server 30s
timeout connect 5s
mode http
option redispatch
option http-server-close
log global