net-ops/lb-common/overlay/opt/frontend/config/common/haproxy_swamid.j2

{% extends 'common/haproxy_base.j2' %}
# haproxy for SWAMIDs MDS load balancer nodes.
#
{% from "common/haproxy_macros.j2" import output_backends %}

{% block frontend %}
frontend {{ site_name }}
    {{ bind_ip_tls(bind_ips, 443, tls_certificate_bundle) }}

    timeout http-request 10s
    timeout http-keep-alive 4s

    http-request return status 200 content-type "text/plain" file "/opt/frontend/config/common/robots.txt" hdr "cache-control" "no-cache"  if { path /robots.txt }

    option forwardfor
    http-request set-header X-Forwarded-Proto https

    {{ web_security_options(['no_frames', 'block_xss', 'hsts', 'no_sniff', 'no_cache']) }}

    {{ csp(["default-src "               + [csp_app_src]|join(' '),
            "script-src "                + ["'self'", "'unsafe-inline'"]|join(' '),
            "font-src "                  + ["'self'"]|join(' '),
            "style-src "                 + ["'self'", "'unsafe-inline'"]|join(' '),
            "img-src "                   + ["'self'"]|join(' '),
            ]) }}

    {{ acme_challenge(letsencrypt_server) }}

    {% block usebackend %}
    use_backend {{ site_name }}__default
    {% endblock usebackend %}
{% endblock frontend %}
{% block backend %}
{#
{{ output_backends(backends,
      config=[
      'cookie SERVERID insert indirect nocache',
      'option httpchk'
      ]
   )
}}
{% endblock backend %}
#}
Consolidate configuration 2025-05-14 12:23:40 +02:00			`{% extends 'common/haproxy_base.j2' %}`
move mds.swamid.se to new LBs 2025-05-06 07:21:55 +02:00			`# haproxy for SWAMIDs MDS load balancer nodes.`
			`#`
			`{% from "common/haproxy_macros.j2" import output_backends %}`

Consolidate configuration 2025-05-14 12:23:40 +02:00			`{% block frontend %}`
			`frontend {{ site_name }}`
			`{{ bind_ip_tls(bind_ips, 443, tls_certificate_bundle) }}`
move mds.swamid.se to new LBs 2025-05-06 07:21:55 +02:00
Consolidate configuration 2025-05-14 12:23:40 +02:00			`timeout http-request 10s`
			`timeout http-keep-alive 4s`
Disallow bots 2025-05-14 12:42:12 +02:00
			`http-request return status 200 content-type "text/plain" file "/opt/frontend/config/common/robots.txt" hdr "cache-control" "no-cache" if { path /robots.txt }`

move mds.swamid.se to new LBs 2025-05-06 07:21:55 +02:00			`option forwardfor`
Consolidate configuration 2025-05-14 12:23:40 +02:00			`http-request set-header X-Forwarded-Proto https`
move mds.swamid.se to new LBs 2025-05-06 07:21:55 +02:00
Consolidate configuration 2025-05-14 12:23:40 +02:00			`{{ web_security_options(['no_frames', 'block_xss', 'hsts', 'no_sniff', 'no_cache']) }}`
move mds.swamid.se to new LBs 2025-05-06 07:21:55 +02:00
Consolidate configuration 2025-05-14 12:23:40 +02:00			`{{ csp(["default-src " + [csp_app_src]\|join(' '),`
			`"script-src " + ["'self'", "'unsafe-inline'"]\|join(' '),`
			`"font-src " + ["'self'"]\|join(' '),`
			`"style-src " + ["'self'", "'unsafe-inline'"]\|join(' '),`
			`"img-src " + ["'self'"]\|join(' '),`
			`]) }}`
move mds.swamid.se to new LBs 2025-05-06 07:21:55 +02:00
Consolidate configuration 2025-05-14 12:23:40 +02:00			`{{ acme_challenge(letsencrypt_server) }}`
move mds.swamid.se to new LBs 2025-05-06 07:21:55 +02:00
Consolidate configuration 2025-05-14 12:23:40 +02:00			`{% block usebackend %}`
move mds.swamid.se to new LBs 2025-05-06 07:21:55 +02:00			`use_backend {{ site_name }}__default`
Consolidate configuration 2025-05-14 12:23:40 +02:00			`{% endblock usebackend %}`
move mds.swamid.se to new LBs 2025-05-06 07:21:55 +02:00			`{% endblock frontend %}`
Syntax error 2025-05-14 13:31:10 +02:00			`{% block backend %}`
			`{#`
			`{{ output_backends(backends,`
			`config=[`
			`'cookie SERVERID insert indirect nocache',`
			`'option httpchk'`
			`]`
			`)`
			`}}`
			`{% endblock backend %}`
			`#}`