senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
veza/config/ssl/.gitignore
senke b657776892 fix(infra): HAProxy HTTPS and stats security 
P1.1 - Enable HTTPS in HAProxy for production:
- HTTP to HTTPS redirect (301)
- HTTPS frontend on port 443 with veza.pem
- config/ssl/ structure with README and generate-ssl-cert.sh
- docker-compose.prod.yml volume for certs

P1.3 - Restrict HAProxy stats to internal network:
- ACL from_internal (127.0.0.1, 172.20.0.0/16)
- stats admin if from_internal

Also: remove errorfile directives (use HAProxy built-in defaults)
2026-02-15 15:58:51 +01:00

6 lines
74 B
Text
Raw Blame History

# Never commit certificates or private keys
*.pem
*.crt
*.key
*.p12
*.pfx
Reference in a new issue View git blame Copy permalink