veza/config/incus/haproxy.cfg

global
    # Logging configuration - send to syslog with detailed format
    log /dev/log local0 debug
    log /dev/log local1 notice
    maxconn 4096
    daemon
    tune.ssl.default-dh-param 2048

defaults
    log global
    mode http
    # Enhanced logging format with detailed information
    # Note: log-format is used instead of option httplog (log-format replaces httplog)
    option log-health-checks
    option dontlognull
    option forwardfor
    option http-server-close
    # Log format: detailed HTTP logs with all metrics
    # Format: client_ip:port [timestamp] frontend backend/server time_queued/time_wait/time_connect/time_response/time_active status_code bytes_read conn_conn conn_fail conn_backend conn_server conn_retry queue_backend queue_frontend request_header response_header request_line
    log-format "%ci:%cp [%t] %ft %b/%s %Tq/%Tw/%Tc/%Tr/%Ta %ST %B %CC %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r"
    timeout connect 5000ms
    timeout client 50000ms
    timeout server 50000ms
    timeout http-request 10000ms

# ============================================================================
# STATS & MONITORING
# ============================================================================
frontend stats
    bind *:8404
    stats enable
    stats uri /stats
    stats refresh 30s
    stats admin if TRUE

# ============================================================================
# HTTP FRONTEND (Port 80)
# ============================================================================
frontend http_frontend
    bind *:80
    bind *:443 ssl crt /etc/haproxy/certs/veza.pem
    mode http
    
    # ACLs for routing (must be defined before use)
    acl is_api path_beg /api/v1
    acl is_ws path_beg /ws
    acl is_stream path_beg /stream
    acl is_web path_beg /
    
    # Return 503 for WebSocket endpoints (stream not available)
    # Note: stream-server is disabled (Rust service not deployed)
    # Must be before redirect to avoid processing order issues
    http-request return status 503 content-type "text/plain" string "Service temporarily unavailable: stream-server is not deployed" if is_ws
    http-request return status 503 content-type "text/plain" string "Service temporarily unavailable: stream-server is not deployed" if is_stream
    
    # Redirect HTTP to HTTPS (after WebSocket checks)
    redirect scheme https code 301 if !{ ssl_fc }
    
    # Route to appropriate backend
    use_backend backend_api if is_api
    use_backend web_frontend if is_web

# ============================================================================
# BACKENDS (Incus IP addresses)
# ============================================================================

# Backend API (Go) - veza-backend-api container
backend backend_api
    mode http
    balance roundrobin
    option httpchk GET /api/v1/health
    http-check expect status 200
    server backend1 10.10.10.2:8080 check inter 5s fall 3 rise 2

# Stream WebSocket (Rust) - veza-stream-server container
# DISABLED: stream-server is not deployed (Rust compilation issues)
# backend stream_ws
#     mode http
#     balance roundrobin
#     option httpchk GET /health
#     http-check expect status 200
#     server stream1 10.10.10.4:3002 check inter 5s fall 3 rise 2
#     # WebSocket specific options
#     timeout tunnel 3600s

# Web Frontend (Host Dev Server) - 10.10.10.1:5173
backend web_frontend
    mode http
    balance roundrobin
    option httpchk GET /
    http-check expect status 200
    # Route to host machine (gateway IP) on Vite port
    server dev_web 10.10.10.1:5173 check inter 5s fall 3 rise 2
incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 18:47:57 +00:00			`global`
state-ownership: delete unused optimisticStoreUpdates.ts file - Deleted apps/web/src/utils/optimisticStoreUpdates.ts (unused file) - File was unused - no imports found in codebase - Mutations already use React Query's onMutate pattern - No TypeScript errors after deletion - Actions 4.4.1.2 and 4.4.1.3 complete 2026-01-15 18:26:53 +00:00			`# Logging configuration - send to syslog with detailed format`
			`log /dev/log local0 debug`
			`log /dev/log local1 notice`
incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 18:47:57 +00:00			`maxconn 4096`
			`daemon`
state-ownership: delete unused optimisticStoreUpdates.ts file - Deleted apps/web/src/utils/optimisticStoreUpdates.ts (unused file) - File was unused - no imports found in codebase - Mutations already use React Query's onMutate pattern - No TypeScript errors after deletion - Actions 4.4.1.2 and 4.4.1.3 complete 2026-01-15 18:26:53 +00:00			`tune.ssl.default-dh-param 2048`
incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 18:47:57 +00:00
			`defaults`
			`log global`
			`mode http`
state-ownership: delete unused optimisticStoreUpdates.ts file - Deleted apps/web/src/utils/optimisticStoreUpdates.ts (unused file) - File was unused - no imports found in codebase - Mutations already use React Query's onMutate pattern - No TypeScript errors after deletion - Actions 4.4.1.2 and 4.4.1.3 complete 2026-01-15 18:26:53 +00:00			`# Enhanced logging format with detailed information`
			`# Note: log-format is used instead of option httplog (log-format replaces httplog)`
			`option log-health-checks`
incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 18:47:57 +00:00			`option dontlognull`
			`option forwardfor`
			`option http-server-close`
state-ownership: delete unused optimisticStoreUpdates.ts file - Deleted apps/web/src/utils/optimisticStoreUpdates.ts (unused file) - File was unused - no imports found in codebase - Mutations already use React Query's onMutate pattern - No TypeScript errors after deletion - Actions 4.4.1.2 and 4.4.1.3 complete 2026-01-15 18:26:53 +00:00			`# Log format: detailed HTTP logs with all metrics`
			`# Format: client_ip:port [timestamp] frontend backend/server time_queued/time_wait/time_connect/time_response/time_active status_code bytes_read conn_conn conn_fail conn_backend conn_server conn_retry queue_backend queue_frontend request_header response_header request_line`
			`log-format "%ci:%cp [%t] %ft %b/%s %Tq/%Tw/%Tc/%Tr/%Ta %ST %B %CC %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r"`
incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 18:47:57 +00:00			`timeout connect 5000ms`
			`timeout client 50000ms`
			`timeout server 50000ms`
			`timeout http-request 10000ms`

			`# ============================================================================`
			`# STATS & MONITORING`
			`# ============================================================================`
			`frontend stats`
			`bind *:8404`
			`stats enable`
			`stats uri /stats`
			`stats refresh 30s`
			`stats admin if TRUE`

			`# ============================================================================`
			`# HTTP FRONTEND (Port 80)`
			`# ============================================================================`
			`frontend http_frontend`
			`bind *:80`
state-ownership: delete unused optimisticStoreUpdates.ts file - Deleted apps/web/src/utils/optimisticStoreUpdates.ts (unused file) - File was unused - no imports found in codebase - Mutations already use React Query's onMutate pattern - No TypeScript errors after deletion - Actions 4.4.1.2 and 4.4.1.3 complete 2026-01-15 18:26:53 +00:00			`bind *:443 ssl crt /etc/haproxy/certs/veza.pem`
incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 18:47:57 +00:00			`mode http`

state-ownership: delete unused optimisticStoreUpdates.ts file - Deleted apps/web/src/utils/optimisticStoreUpdates.ts (unused file) - File was unused - no imports found in codebase - Mutations already use React Query's onMutate pattern - No TypeScript errors after deletion - Actions 4.4.1.2 and 4.4.1.3 complete 2026-01-15 18:26:53 +00:00			`# ACLs for routing (must be defined before use)`
incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 18:47:57 +00:00			`acl is_api path_beg /api/v1`
			`acl is_ws path_beg /ws`
			`acl is_stream path_beg /stream`
			`acl is_web path_beg /`

chore(cleanup): remove veza-chat-server directory and all operational references Chat functionality is now fully handled by the Go backend (since v0.502). Remove the deprecated Rust chat server and all its references from: - CI/CD workflows (ci.yml, cd.yml, rust-ci.yml, chat-ci.yml) - Monitoring & proxy config (prometheus, caddy, haproxy) - Incus deployment scripts and documentation - Monorepo config (package.json, dependabot, GH templates) 2026-02-22 20:13:00 +00:00			`# Return 503 for WebSocket endpoints (stream not available)`
			`# Note: stream-server is disabled (Rust service not deployed)`
state-ownership: delete unused optimisticStoreUpdates.ts file - Deleted apps/web/src/utils/optimisticStoreUpdates.ts (unused file) - File was unused - no imports found in codebase - Mutations already use React Query's onMutate pattern - No TypeScript errors after deletion - Actions 4.4.1.2 and 4.4.1.3 complete 2026-01-15 18:26:53 +00:00			`# Must be before redirect to avoid processing order issues`
chore(cleanup): remove veza-chat-server directory and all operational references Chat functionality is now fully handled by the Go backend (since v0.502). Remove the deprecated Rust chat server and all its references from: - CI/CD workflows (ci.yml, cd.yml, rust-ci.yml, chat-ci.yml) - Monitoring & proxy config (prometheus, caddy, haproxy) - Incus deployment scripts and documentation - Monorepo config (package.json, dependabot, GH templates) 2026-02-22 20:13:00 +00:00			`http-request return status 503 content-type "text/plain" string "Service temporarily unavailable: stream-server is not deployed" if is_ws`
			`http-request return status 503 content-type "text/plain" string "Service temporarily unavailable: stream-server is not deployed" if is_stream`
state-ownership: delete unused optimisticStoreUpdates.ts file - Deleted apps/web/src/utils/optimisticStoreUpdates.ts (unused file) - File was unused - no imports found in codebase - Mutations already use React Query's onMutate pattern - No TypeScript errors after deletion - Actions 4.4.1.2 and 4.4.1.3 complete 2026-01-15 18:26:53 +00:00
			`# Redirect HTTP to HTTPS (after WebSocket checks)`
			`redirect scheme https code 301 if !{ ssl_fc }`

incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 18:47:57 +00:00			`# Route to appropriate backend`
			`use_backend backend_api if is_api`
			`use_backend web_frontend if is_web`

			`# ============================================================================`
			`# BACKENDS (Incus IP addresses)`
			`# ============================================================================`

			`# Backend API (Go) - veza-backend-api container`
			`backend backend_api`
			`mode http`
			`balance roundrobin`
			`option httpchk GET /api/v1/health`
			`http-check expect status 200`
			`server backend1 10.10.10.2:8080 check inter 5s fall 3 rise 2`

			`# Stream WebSocket (Rust) - veza-stream-server container`
state-ownership: delete unused optimisticStoreUpdates.ts file - Deleted apps/web/src/utils/optimisticStoreUpdates.ts (unused file) - File was unused - no imports found in codebase - Mutations already use React Query's onMutate pattern - No TypeScript errors after deletion - Actions 4.4.1.2 and 4.4.1.3 complete 2026-01-15 18:26:53 +00:00			`# DISABLED: stream-server is not deployed (Rust compilation issues)`
			`# backend stream_ws`
			`# mode http`
			`# balance roundrobin`
			`# option httpchk GET /health`
			`# http-check expect status 200`
			`# server stream1 10.10.10.4:3002 check inter 5s fall 3 rise 2`
			`# # WebSocket specific options`
			`# timeout tunnel 3600s`
incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 18:47:57 +00:00
fix: Corriger URL Swagger et finaliser implémentation DeveloperPage - Ajouter fallback pour Swagger UI si doc.json ne fonctionne pas - Améliorer message d'erreur avec bouton pour ouvrir Swagger UI directement - Les fonctionnalités API Keys et Usage Stats sont maintenant complètes et fonctionnelles - Tous les onglets de DeveloperPage sont maintenant implémentés 2026-01-18 12:55:28 +00:00			`# Web Frontend (Host Dev Server) - 10.10.10.1:5173`
incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 18:47:57 +00:00			`backend web_frontend`
			`mode http`
			`balance roundrobin`
			`option httpchk GET /`
			`http-check expect status 200`
fix: Corriger URL Swagger et finaliser implémentation DeveloperPage - Ajouter fallback pour Swagger UI si doc.json ne fonctionne pas - Améliorer message d'erreur avec bouton pour ouvrir Swagger UI directement - Les fonctionnalités API Keys et Usage Stats sont maintenant complètes et fonctionnelles - Tous les onglets de DeveloperPage sont maintenant implémentés 2026-01-18 12:55:28 +00:00			`# Route to host machine (gateway IP) on Vite port`
			`server dev_web 10.10.10.1:5173 check inter 5s fall 3 rise 2`