diff options
| author | Georg <georg@lysergic.dev> | 2024-02-20 17:15:58 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-02-20 16:15:58 +0000 |
| commit | 7c1c011942ebeb7ab781ccb3640922290159a98c (patch) | |
| tree | af5b69be14a83521af14a325fb79623041c6b6b8 | |
| parent | Don't lock up when joining large rooms (#16903) (diff) | |
| download | synapse-7c1c011942ebeb7ab781ccb3640922290159a98c.tar.xz | |
Add HAProxy example for single port operation (#16768)
| -rw-r--r-- | changelog.d/16768.doc | 1 | ||||
| -rw-r--r-- | docs/reverse_proxy.md | 19 |
2 files changed, 20 insertions, 0 deletions
diff --git a/changelog.d/16768.doc b/changelog.d/16768.doc new file mode 100644 index 0000000000..4f574c2ac6 --- /dev/null +++ b/changelog.d/16768.doc @@ -0,0 +1 @@ +Add HAProxy example for single port operation to reverse proxy documentation. Contributed by Georg Pfuetzenreuter (@tacerus). diff --git a/docs/reverse_proxy.md b/docs/reverse_proxy.md index de72fbde96..7128af114e 100644 --- a/docs/reverse_proxy.md +++ b/docs/reverse_proxy.md @@ -186,6 +186,25 @@ Example configuration, if using a UNIX socket. The configuration lines regarding backend matrix server matrix unix@/run/synapse/main_public.sock ``` +Example configuration when using a single port for both client and federation traffic. +``` +frontend https + bind *:443,[::]:443 ssl crt /etc/ssl/haproxy/ strict-sni alpn h2,http/1.1 + http-request set-header X-Forwarded-Proto https if { ssl_fc } + http-request set-header X-Forwarded-Proto http if !{ ssl_fc } + http-request set-header X-Forwarded-For %[src] + + acl matrix-host hdr(host) -i matrix.example.com matrix.example.com:443 + acl matrix-sni ssl_fc_sni matrix.example.com + acl matrix-path path_beg /_matrix + acl matrix-path path_beg /_synapse/client + + use_backend matrix if matrix-host matrix-path + use_backend matrix if matrix-sni + +backend matrix + server matrix 127.0.0.1:8008 +``` [Delegation](delegate.md) example: ``` |