Verified Commit 5e7d01ae authored by Elias Ojala's avatar Elias Ojala
Browse files

Haproxy - Force HTTPS

parent af6199da
...@@ -43,6 +43,25 @@ defaults ...@@ -43,6 +43,25 @@ defaults
errorfile 504 /etc/haproxy/errors/504.http errorfile 504 /etc/haproxy/errors/504.http
``` ```
## Force HTTPS
```
# HTTP (port 80)
frontend http-in
bind *:80
reqadd X-Forwarded-Proto:\ http
use_backend letsencrypt if { path_beg -i /.well-known/acme-challenge }
default_backend redirect-to-https
backend redirect-to-https
redirect scheme https if !{ ssl_fc }
backend letsencrypt
server letsencrypt-http 127.0.0.1:12345 verify none
```
## Let's Encrypt ## Let's Encrypt
Use this utility to convert certs outputted by Certbot to ones compatible by HAProxy. Use this utility to convert certs outputted by Certbot to ones compatible by HAProxy.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment