From c14d36d4ea5d120372b2f2d8a34f9b78f59a3e14 Mon Sep 17 00:00:00 2001 From: Igor Kulikov Date: Thu, 27 Feb 2020 11:05:59 +0200 Subject: [PATCH] Update haproxy config --- docker/haproxy/config/haproxy.cfg | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) diff --git a/docker/haproxy/config/haproxy.cfg b/docker/haproxy/config/haproxy.cfg index ba17bd64d9..a0f29ad1e9 100644 --- a/docker/haproxy/config/haproxy.cfg +++ b/docker/haproxy/config/haproxy.cfg @@ -56,20 +56,17 @@ frontend http-in reqadd X-Forwarded-Proto:\ http - acl acl_static path_beg /static/ /index.html - acl acl_static path / - acl acl_static_rulenode path_beg /static/rulenode/ - acl transport_http_acl path_beg /api/v1/ acl letsencrypt_http_acl path_beg /.well-known/acme-challenge/ + acl tb_api_acl path_beg /api/ /swagger /webjars /v2/ /static/rulenode/ redirect scheme https if !letsencrypt_http_acl !transport_http_acl { env(FORCE_HTTPS_REDIRECT) -m str true } use_backend letsencrypt_http if letsencrypt_http_acl use_backend tb-http-backend if transport_http_acl - use_backend tb-web-backend if acl_static !acl_static_rulenode + use_backend tb-api-backend if tb_api_acl - default_backend tb-api-backend + default_backend tb-web-backend frontend https_in bind *:${HTTPS_PORT} ssl crt /usr/local/etc/haproxy/default.pem crt /usr/local/etc/haproxy/certs.d ciphers ECDHE-RSA-AES256-SHA:RC4-SHA:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM @@ -79,15 +76,12 @@ frontend https_in reqadd X-Forwarded-Proto:\ https acl transport_http_acl path_beg /api/v1/ - - acl acl_static path_beg /static/ /index.html - acl acl_static path / - acl acl_static_rulenode path_beg /static/rulenode/ + acl tb_api_acl path_beg /api/ /swagger /webjars /v2/ /static/rulenode/ use_backend tb-http-backend if transport_http_acl - use_backend tb-web-backend if acl_static !acl_static_rulenode + use_backend tb-api-backend if tb_api_acl - default_backend tb-api-backend + default_backend tb-web-backend backend letsencrypt_http server letsencrypt_http_srv 127.0.0.1:8080