Verified Commit 5e7d01ae authored by Elias Ojala's avatar Elias Ojala
Browse files

Haproxy - Force HTTPS

parent af6199da
......@@ -43,6 +43,25 @@ defaults
errorfile 504 /etc/haproxy/errors/504.http
```
## Force HTTPS
```
# HTTP (port 80)
frontend http-in
bind *:80
reqadd X-Forwarded-Proto:\ http
use_backend letsencrypt if { path_beg -i /.well-known/acme-challenge }
default_backend redirect-to-https
backend redirect-to-https
redirect scheme https if !{ ssl_fc }
backend letsencrypt
server letsencrypt-http 127.0.0.1:12345 verify none
```
## Let's Encrypt
Use this utility to convert certs outputted by Certbot to ones compatible by HAProxy.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment