|
|
|
@ -27,20 +27,7 @@ defaults
|
|
|
|
|
# Allow seamless reloads
|
|
|
|
|
load-server-state-from-file global
|
|
|
|
|
|
|
|
|
|
# Use provided example error pages
|
|
|
|
|
errorfile 400 /usr/local/etc/haproxy/errors/400.http
|
|
|
|
|
errorfile 403 /usr/local/etc/haproxy/errors/403.http
|
|
|
|
|
errorfile 408 /usr/local/etc/haproxy/errors/408.http
|
|
|
|
|
errorfile 500 /usr/local/etc/haproxy/errors/500.http
|
|
|
|
|
errorfile 502 /usr/local/etc/haproxy/errors/502.http
|
|
|
|
|
errorfile 503 /usr/local/etc/haproxy/errors/503.http
|
|
|
|
|
errorfile 504 /usr/local/etc/haproxy/errors/504.http
|
|
|
|
|
|
|
|
|
|
backend dockerbackend
|
|
|
|
|
server dockersocket /var/run/docker.sock
|
|
|
|
|
|
|
|
|
|
frontend dockerfrontend
|
|
|
|
|
bind :2375
|
|
|
|
|
http-request deny unless METH_GET || { env(POST) -m bool }
|
|
|
|
|
http-request deny if { path,url_dec -m reg -i ^(/v[\d\.]+)?/auth } ! { env(AUTH) -m bool }
|
|
|
|
|
http-request deny if { path,url_dec -m reg -i ^(/v[\d\.]+)?/build } ! { env(BUILD) -m bool }
|
|
|
|
@ -62,4 +49,16 @@ frontend dockerfrontend
|
|
|
|
|
http-request deny if { path,url_dec -m reg -i ^(/v[\d\.]+)?/tasks } ! { env(TASKS) -m bool }
|
|
|
|
|
http-request deny if { path,url_dec -m reg -i ^(/v[\d\.]+)?/version } ! { env(VERSION) -m bool }
|
|
|
|
|
http-request deny if { path,url_dec -m reg -i ^(/v[\d\.]+)?/volumes } ! { env(VOLUMES) -m bool }
|
|
|
|
|
|
|
|
|
|
server dockersocket /var/run/docker.sock
|
|
|
|
|
|
|
|
|
|
frontend docker-network
|
|
|
|
|
bind :2375
|
|
|
|
|
http-request deny if ! { env(SOCK_NETWORK) -m bool }
|
|
|
|
|
default_backend dockerbackend
|
|
|
|
|
|
|
|
|
|
frontend docker-disk
|
|
|
|
|
bind /run/docker-filtered/docker.sock
|
|
|
|
|
http-request deny if ! { env(SOCK_DISK) -m bool }
|
|
|
|
|
default_backend dockerbackend
|
|
|
|
|
|
|
|
|
|