diff options
author | Sam Thursfield <sam.thursfield@codethink.co.uk> | 2015-03-05 17:31:48 +0000 |
---|---|---|
committer | Sam Thursfield <sam.thursfield@codethink.co.uk> | 2015-03-05 17:31:48 +0000 |
commit | 7f088c69839965602dd8de4feed1e77eed8f7b81 (patch) | |
tree | 5932ae8a880590893b71154258b6bd31ed221a54 | |
parent | 838aa6f203412c7dfa303fd9ee527771af547c65 (diff) | |
download | infrastructure-sam/storyboard-haproxy.tar.gz |
frontend: Add storyboard.baserock.org to haproxy.cfgsam/storyboard-haproxy
-rw-r--r-- | frontend/haproxy.cfg | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/frontend/haproxy.cfg b/frontend/haproxy.cfg index 9910bed5..99d8b68a 100644 --- a/frontend/haproxy.cfg +++ b/frontend/haproxy.cfg @@ -28,6 +28,10 @@ defaults frontend http-in bind *:80 + # Forward Storyboard http:// to https://. The Storyboard Apache config + # will do this if we don't, but we may as well do it here. + redirect scheme https if { hdr(Host) -m beg -i storyboard } !{ ssl_fc } + # The hdr(host) call means 'extract the first Host header from the HTTP request # or response', the '-m beg' switch means 'match against the beginning of it' # and the '-i' flag makes the match case-insensitive. @@ -39,6 +43,11 @@ frontend http-in use_backend baserock_mason_x86_32_http if host_mason_x86_32 use_backend baserock_openid_provider_http if host_openid +frontend https-in + bind *:443 + + use_backend baserock_storyboard_https if { hdr(Host) -m beg -i storyboard } + frontend ssh-in: # FIXME: it'd be better if we could limit traffic on port 29418 to # gerrit.baserock.org. There's no way of knowing from an SSH request @@ -65,3 +74,6 @@ backend baserock_mason_x86_32_http backend baserock_openid_provider_http server baserock_openid_provider 192.168.222.67:80 + +backend baserock_storyboard_https + server baserock_storyboard 192.168.222.40:443 |