26 lines
867 B
Django/Jinja
26 lines
867 B
Django/Jinja
{% extends 'common/haproxy_swamid.j2' %}
|
|
|
|
{% from "common/haproxy_macros.j2" import bind_ip_tls, web_security_options, acme_challenge, csp %}
|
|
|
|
{# Exclude /md/ from the default redirect for non HTTPS traffic #}
|
|
{% block https_everything %}
|
|
#
|
|
# Redirect _everything_ to HTTPS
|
|
frontend http-frontend
|
|
bind 0.0.0.0:80
|
|
bind :::80
|
|
|
|
redirect scheme https code 301 if !{ ssl_fc } ! { path_beg /.well-known/acme-challenge/ } ! { path_beg /md/ }
|
|
{% if letsencrypt_server is defined %}
|
|
use_backend letsencrypt_{{ letsencrypt_server }} if { path_beg /.well-known/acme-challenge/ }
|
|
{% else %}
|
|
# letsencrypt_backend not defined
|
|
{% endif %}
|
|
|
|
use_backend {{ site_name }}__default
|
|
{% endblock https_everything %}
|
|
|
|
{% block usebackend %}
|
|
use_backend {{ site_name }}__qa if { path_beg /qa/ }
|
|
use_backend {{ site_name }}__default
|
|
{% endblock usebackend %}
|