# this config needs haproxy-1.1.28 or haproxy-1.2.1

global
        log 127.0.0.1   local0 info
        maxconn 4096
        user haproxy
        group haproxy
        daemon

defaults
        log     global
        mode    http
        option  dontlognull
        retries 3
        option redispatch
        maxconn 2000
        contimeout      5000
        clitimeout      50000
        srvtimeout      50000

# --- Frontends ---

frontend http_frontend
        bind *:80
        mode http

        option httplog
        option httpclose
        option forwardfor
        #option httpchk GET /status

        default_backend http_server

        # Let's Encrypt
        acl letsencrypt-request path_beg -i /.well-known/acme-challenge/
        use_backend letsencrypt if letsencrypt-request

frontend https_frontend
        bind *:443
        mode tcp

        default_backend https_server

# --- Backends ---

# Local backend for Let's Encrypt
backend letsencrypt
        mode http
        server letsencrypt 127.0.0.1:8010

# YunoHost HTTP backend
backend http_server
        mode http

        balance roundrobin

        server yunohost_demo1 10.1.5.3:80 check
        server yunohost_demo2 10.1.5.4:80 check

# YunoHost HTTPS backend
backend https_server
        mode tcp

        balance source
        #balance roundrobin
        #stick-table type ip size 200k expire 30m
        #stick on src

        option ssl-hello-chk
        option httpchk GET /status

        server yunohost_demo1 10.1.5.3:443 check
        server yunohost_demo2 10.1.5.4:443 check