95 lines
2.3 KiB
INI
95 lines
2.3 KiB
INI
global
|
|
ssl-default-bind-options force-tlsv12
|
|
ssl-default-bind-options ssl-min-ver TLSv1.2
|
|
ssl-default-bind-ciphers EECDH+AESGCM:EDH+AESGCM
|
|
|
|
ssl-default-server-options force-tlsv12
|
|
ssl-default-server-options ssl-min-ver TLSv1.2
|
|
ssl-default-server-ciphers EECDH+AESGCM:EDH+AESGCM
|
|
|
|
tune.ssl.default-dh-param 2048
|
|
tune.ssl.cachesize 50000
|
|
|
|
maxconn 256
|
|
|
|
|
|
defaults
|
|
mode http
|
|
option dontlognull
|
|
option forwardfor
|
|
option httpchk
|
|
option httpclose
|
|
option abortonclose
|
|
timeout server 30s
|
|
timeout client 30s
|
|
timeout connect 5s
|
|
|
|
|
|
frontend stats
|
|
bind :1936
|
|
|
|
maxconn 10
|
|
|
|
stats enable
|
|
stats hide-version
|
|
stats refresh 30s
|
|
stats show-node
|
|
stats uri /
|
|
|
|
|
|
frontend home.suborbit.com
|
|
bind :443 v4v6 ssl crt /etc/letsencrypt/live/home.suborbit.com/fullchain+key.pem
|
|
|
|
http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
|
|
|
http-request set-header Host home.suborbit.com
|
|
|
|
http-request redirect code 301 location https://%[hdr(host)]/jackett%[capture.req.uri] if { path_beg /UI/ }
|
|
|
|
use_backend qbittorrent-backend if { path_beg /bt/ }
|
|
use_backend sonarr-backend if { path_beg /sonarr/ }
|
|
use_backend radarr-backend if { path_beg /radarr/ }
|
|
use_backend sabnzbd-backend if { path_beg /sabnzbd/ }
|
|
use_backend jackett-backend if { path_beg /jackett/ }
|
|
use_backend matrix-backend if { path_beg /_matrix/ }
|
|
use_backend share-backend if { path_beg / }
|
|
|
|
|
|
frontend search.lan
|
|
bind :80 v4v6
|
|
|
|
acl network_allowed src 10.0.9.0/24 2a02:8010:652f::/48
|
|
acl host_search hdr(host) -i search.lan
|
|
|
|
block if !network_allowed
|
|
|
|
use_backend searx-backend if host_search
|
|
|
|
|
|
backend qbittorrent-backend
|
|
server jupiter 10.0.9.111:8181
|
|
reqrep ^([^\ :]*)\ /bt/(.*) \1\ /\2
|
|
|
|
backend sonarr-backend
|
|
server jupiter 10.0.9.111:8989
|
|
|
|
backend radarr-backend
|
|
server jupiter 10.0.9.111:7878
|
|
|
|
backend sabnzbd-backend
|
|
server jupiter 10.0.9.111:8080
|
|
|
|
backend jackett-backend
|
|
server jupiter 10.0.9.111:9117
|
|
reqrep ^([^\ :]*)\ /jackett/(.*) \1\ /\2
|
|
|
|
backend matrix-backend
|
|
server localhost 10.0.9.111:8008 maxconn 64
|
|
|
|
backend searx-backend
|
|
server localhost 10.0.9.111:8888
|
|
acl network_allowed src 10.0.9.0/24
|
|
|
|
backend share-backend
|
|
server jupiter 10.0.9.111:8182
|