From 51f6af08e2d8653902668252598aacb31a5989fc Mon Sep 17 00:00:00 2001 From: Patrick Wagner Date: Wed, 15 Nov 2023 21:12:19 +0100 Subject: [PATCH] first commit --- README.md | 5 +++++ add_haproxy_domain.sh | 19 ++++++++++++++++ haproxy.conf | 51 +++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 75 insertions(+) create mode 100644 README.md create mode 100755 add_haproxy_domain.sh create mode 100644 haproxy.conf diff --git a/README.md b/README.md new file mode 100644 index 0000000..51e4108 --- /dev/null +++ b/README.md @@ -0,0 +1,5 @@ +# FreeBSD scripts + +This is just a collection of small scripts I made to simplify the +administration of systems + diff --git a/add_haproxy_domain.sh b/add_haproxy_domain.sh new file mode 100755 index 0000000..48da2cf --- /dev/null +++ b/add_haproxy_domain.sh @@ -0,0 +1,19 @@ +#!/bin/tcsh -f +echo -n "Enter a name for the entry: " +set name = $< +echo -n "Enter the domain name for this entry: " +set dname = $< +echo -n "Enter the IP of the container for this entry: " +set ip = $< +echo -n "I will add an entry with name $name , domain name $dname and IP $ip. Is this correct? (y/n): " +set correct = $< +if ($correct == "y" || $correct == "Y") then +sed -i '' -e 's/http_entry/http_entry \ \n\tacl '"$name"' hdr(host) -i '"$dname"' # '"$name"'\n\tacl '"$name"' hdr(host) -i www.'"$dname"' # '"$name"'\n/g'\ +-e 's/http_backend/http_backend \ \n\tuse_backend http_'"$name"' if '"$name"' # '"$name"'/g'\ +-e 's/http_ip/http_ip \ \n\nbackend http_'"$name"' # '"$name"'\n\tmode http # '"$name"'\n\toption httplog # '"$name"'\n\toption forwardfor # '"$name"'\n\tserver '"$name"' '"$ip"':80 # '"$name"'\n/g'\ +-e 's/https_entry/https_entry \ \n\tacl '"$name"' req.ssl_sni -i '"$dname"' # '"$name"'\n\tacl '"$name"' req.ssl_sni -i www.'"$dname"' # '"$name"'\n/g'\ +-e 's/https_backend/https_backend \ \n\tuse_backend https_'"$name"' if '"$name"' # '"$name"'/g'\ +-e 's/https_ip/https_ip \ \n\nbackend https_'"$name"' # '"$name"'\n\tmode tcp # '"$name"'\n\toption tcplog # '"$name"'\n\toption ssl-hello-chk # '"$name"'\n\tserver '"$name"' '"$ip"':443 # '"$name"'\n/g' haproxy.conf +else + echo "Cancelled!" +endif \ No newline at end of file diff --git a/haproxy.conf b/haproxy.conf new file mode 100644 index 0000000..b33d6ce --- /dev/null +++ b/haproxy.conf @@ -0,0 +1,51 @@ +global + strict-limits # refuse to start if insufficient FDs/memory + # add some process-wide tuning here if required + + # A stats socket may be added to check live metrics if the load generators + # do not report them. + # stats socket /tmp/haproxy.sock level admin + # stats timeout 1h + log /dev/log local0 + log /dev/log local1 notice + log 127.0.0.1:514 local0 info + daemon + +defaults + log global + mode http + option httplog + option dontlognull + balance random # power-of-two-choices + timeout client 60s + timeout server 60s + timeout connect 10s + +frontend http_in + mode http + option httplog + bind *:80 + option forwardfor + + #http_entry + + #http_backend + +#http_ip + + +frontend https_in + mode tcp + option tcplog + bind *:443 + acl tls req.ssl_hello_type 1 + tcp-request inspect-delay 5s + tcp-request content accept if tls + + #https_entry + + #https_backend + +#https_ip + +