An error occurred fetching the project authors.
  1. 05 Oct, 2020 1 commit
    • Łukasz Nowak's avatar
      caddy-frontend: Provide backend-haproxy statistic · 8d5910dc
      Łukasz Nowak authored
      Each node allows for global statistic access for full backend-haproxy, which
      is exposed using special frontend, and then transferred back to the master
      partition, so that the administrator can access it.
      8d5910dc
  2. 24 Sep, 2020 1 commit
    • Łukasz Nowak's avatar
      caddy-frontend: Fix host matching in Haproxy · 65c9c4cb
      Łukasz Nowak authored
      By using regular expressions, matching exact host names up to the optional
      port and putting wildcard matches in the end, the Haproxy acl rules will allow
      to direct request to correct backend.
      65c9c4cb
  3. 22 Jul, 2020 1 commit
    • Łukasz Nowak's avatar
      caddy-frontend: Keep connection to the backend · 63e91928
      Łukasz Nowak authored
      There is no reason to drop connection to the backend and then reinitate it on
      each request. It's better to keep connected and avoid additional work,
      especially in SSL handshake.
      
      Note: This was kept as the file has been copied from other place (haproxy
            on a backend), and slipped MR review, where MR author wanted to drop it
            anyway.
      63e91928
  4. 17 Jul, 2020 3 commits
    • Łukasz Nowak's avatar
      caddy-frontend: Setup backend client auth · 3be5f4ce
      Łukasz Nowak authored
      By default do not offer authentication certificate, the switch
      authenticate-to-backend can be used on cluster or slave level to control
      this feature.
      3be5f4ce
    • Łukasz Nowak's avatar
      caddy-frontend: Implement log file for backend-haproxy · 5b024d04
      Łukasz Nowak authored
      rsyslogd is used, as haproxy does not support writing log files by its own.
      5b024d04
    • Łukasz Nowak's avatar
      caddy-frontend: Put haproxy just before the backend · ec3d4ae9
      Łukasz Nowak authored
      This is needed in order to provide future support for client certificates
      to the backend.
      
      Also it means that haproxy is used in all cases, with or without cache, and as
      a result the "cached" version of caddy is dropped.
      
      Let haproxy setup maxconn by itself, as it's wise enough.
      
      Also trust that it'll detect and use proper limits, instead enforcing them in
      the shell with ulimit trick (ulimit -n $(ulimit -Hn)).
      
      As empty server alias can impact the configuration, add proper test for
      checking it.
      ec3d4ae9