Added HAProxy example (#4660)

* Added HAProxy example

Proposal of an example with HAProxy. Asked by #4541.

Signed-off-by: Benoît S. (“Benpro”) <gitlab@benpro.fr>

* Following suggestions of @richvdh

2 files changed, 19 insertions, 0 deletions

diff --git a/changelog.d/4541.feature b/changelog.d/4541.feature
new file mode 100644

index 0000000000..1d0e7bdfdc
--- /dev/null
+++ b/changelog.d/4541.feature
@@ -0,0 +1 @@
+Added an HAProxy example in the reverse proxy documentation. Contributed by Benoît S. (“Benpro”).
diff --git a/docs/reverse_proxy.rst b/docs/reverse_proxy.rst

index d8aaac8a08..242935a62f 100644
--- a/docs/reverse_proxy.rst
+++ b/docs/reverse_proxy.rst
@@ -85,6 +85,24 @@ Let's assume that we expect clients to connect to our server at
           </Location>
       </VirtualHost>
 
+* HAProxy::
+
+      frontend https
+        bind 0.0.0.0:443 v4v6 ssl crt /etc/ssl/haproxy/ strict-sni alpn h2,http/1.1
+        bind :::443 ssl crt /etc/ssl/haproxy/ strict-sni alpn h2,http/1.1
+        
+        # Matrix client traffic
+        acl matrix hdr(host) -i matrix.example.com
+        use_backend matrix if matrix
+        
+      frontend matrix-federation
+        bind 0.0.0.0:8448 v4v6 ssl crt /etc/ssl/haproxy/synapse.pem alpn h2,http/1.1
+        bind :::8448 ssl crt /etc/ssl/haproxy/synapse.pem alpn h2,http/1.1
+        default_backend matrix
+        
+      backend matrix
+        server matrix 127.0.0.1:8008
+
 You will also want to set ``bind_addresses: ['127.0.0.1']`` and ``x_forwarded: true``
 for port 8008 in ``homeserver.yaml`` to ensure that client IP addresses are
 recorded correctly.