summary refs log tree commit diff
path: root/docs/reverse_proxy.md
diff options
context:
space:
mode:
authorGeorg <georg@lysergic.dev>2024-02-20 17:15:58 +0100
committerGitHub <noreply@github.com>2024-02-20 16:15:58 +0000
commit7c1c011942ebeb7ab781ccb3640922290159a98c (patch)
treeaf5b69be14a83521af14a325fb79623041c6b6b8 /docs/reverse_proxy.md
parentDon't lock up when joining large rooms (#16903) (diff)
downloadsynapse-7c1c011942ebeb7ab781ccb3640922290159a98c.tar.xz
Add HAProxy example for single port operation (#16768)
Diffstat (limited to 'docs/reverse_proxy.md')
-rw-r--r--docs/reverse_proxy.md19
1 files changed, 19 insertions, 0 deletions
diff --git a/docs/reverse_proxy.md b/docs/reverse_proxy.md
index de72fbde96..7128af114e 100644
--- a/docs/reverse_proxy.md
+++ b/docs/reverse_proxy.md
@@ -186,6 +186,25 @@ Example configuration, if using a UNIX socket. The configuration lines regarding
 backend matrix
   server matrix unix@/run/synapse/main_public.sock
 ```
+Example configuration when using a single port for both client and federation traffic.
+```
+frontend https
+  bind *:443,[::]:443 ssl crt /etc/ssl/haproxy/ strict-sni alpn h2,http/1.1
+  http-request set-header X-Forwarded-Proto https if { ssl_fc }
+  http-request set-header X-Forwarded-Proto http  if !{ ssl_fc }
+  http-request set-header X-Forwarded-For %[src]
+
+  acl matrix-host hdr(host) -i matrix.example.com matrix.example.com:443
+  acl matrix-sni  ssl_fc_sni   matrix.example.com
+  acl matrix-path path_beg     /_matrix
+  acl matrix-path path_beg     /_synapse/client
+
+  use_backend matrix if matrix-host matrix-path
+  use_backend matrix if matrix-sni
+
+backend matrix
+  server matrix 127.0.0.1:8008
+```
 
 [Delegation](delegate.md) example:
 ```