senke/veza - Talas Project: Beyond coding. We Forge.

senke/veza

Fork 0

Commit graph

Author	SHA1	Message	Date
senke	b657776892	fix(infra): HAProxy HTTPS and stats security P1.1 - Enable HTTPS in HAProxy for production: - HTTP to HTTPS redirect (301) - HTTPS frontend on port 443 with veza.pem - config/ssl/ structure with README and generate-ssl-cert.sh - docker-compose.prod.yml volume for certs P1.3 - Restrict HAProxy stats to internal network: - ACL from_internal (127.0.0.1, 172.20.0.0/16) - stats admin if from_internal Also: remove errorfile directives (use HAProxy built-in defaults)	2026-02-15 15:58:51 +01:00

Author

SHA1

Message

Date

senke

b657776892

fix(infra): HAProxy HTTPS and stats security

P1.1 - Enable HTTPS in HAProxy for production:
- HTTP to HTTPS redirect (301)
- HTTPS frontend on port 443 with veza.pem
- config/ssl/ structure with README and generate-ssl-cert.sh
- docker-compose.prod.yml volume for certs

P1.3 - Restrict HAProxy stats to internal network:
- ACL from_internal (127.0.0.1, 172.20.0.0/16)
- stats admin if from_internal

Also: remove errorfile directives (use HAProxy built-in defaults)

2026-02-15 15:58:51 +01:00

1 commit