senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
veza/config/haproxy/haproxy.cfg
senke 05d02386dc chore(cleanup): remove veza-chat-server directory and all operational references 
Chat functionality is now fully handled by the Go backend (since v0.502).
Remove the deprecated Rust chat server and all its references from:
- CI/CD workflows (ci.yml, cd.yml, rust-ci.yml, chat-ci.yml)
- Monitoring & proxy config (prometheus, caddy, haproxy)
- Incus deployment scripts and documentation
- Monorepo config (package.json, dependabot, GH templates)
2026-02-22 21:13:00 +01:00

101 lines
3.1 KiB
INI
Raw Blame History

global
log stdout format raw local0
maxconn 4096
daemon
defaults
log global
mode http
option httplog
option dontlognull
option forwardfor
option http-server-close
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
timeout http-request 10000ms
# ============================================================================
# STATS & MONITORING (P1.3: restricted to internal network)
# ============================================================================
frontend stats
bind *:8404
stats enable
stats uri /stats
stats refresh 30s
acl from_internal src 127.0.0.1 172.20.0.0/16
stats admin if from_internal
# ============================================================================
# HTTP FRONTEND (Port 80)
# ============================================================================
frontend http_frontend
bind *:80
mode http
# P1.1: Redirect HTTP to HTTPS in production
redirect scheme https code 301 if !{ ssl_fc }
# ACLs for routing
acl is_api path_beg /api/v1
acl is_stream path_beg /stream
acl is_hls path_beg /hls
acl is_web path_beg /
# Route to appropriate backend
use_backend backend_api if is_api
use_backend stream_ws if is_stream
use_backend stream_ws if is_hls
use_backend web_frontend if is_web
# ============================================================================
# HTTPS FRONTEND (Port 443) - P1.1: Production HTTPS
# Certificates from config/ssl/ mounted at /etc/ssl/veza/
# ============================================================================
frontend https_frontend
bind *:443 ssl crt /etc/ssl/veza/veza.pem
mode http
# ACLs for routing
acl is_api path_beg /api/v1
acl is_stream path_beg /stream
acl is_hls path_beg /hls
acl is_web path_beg /
# Route to appropriate backend
use_backend backend_api if is_api
use_backend stream_ws if is_stream
use_backend stream_ws if is_hls
use_backend web_frontend if is_web
# ============================================================================
# BACKENDS
# ============================================================================
# Backend API (Go)
backend backend_api
mode http
balance roundrobin
option httpchk GET /api/v1/health
http-check expect status 200
server backend1 backend-api:8080 check inter 5s fall 3 rise 2
# Add more servers for load balancing:
# server backend2 backend-api-2:8080 check inter 5s fall 3 rise 2
# Stream WebSocket (Rust)
backend stream_ws
mode http
balance roundrobin
option httpchk GET /health
http-check expect status 200
server stream1 stream-server:3001 check inter 5s fall 3 rise 2
# WebSocket specific options
timeout tunnel 3600s
# Web Frontend (React/Vite)
backend web_frontend
mode http
balance roundrobin
option httpchk GET /
http-check expect status 200
server web1 web:5173 check inter 5s fall 3 rise 2
# Add more servers for load balancing:
# server web2 web-2:5173 check inter 5s fall 3 rise 2
Reference in a new issue View git blame Copy permalink