diff options
| author | Paul Buetow <paul@buetow.org> | 2025-08-11 15:52:11 +0300 |
|---|---|---|
| committer | Paul Buetow <paul@buetow.org> | 2025-08-11 15:52:11 +0300 |
| commit | 1230c35c66636f76c2c177a6feeaae862e24ae27 (patch) | |
| tree | cbe206c887033bd3622ac5e82a0732590a5cce22 | |
| parent | fc7360684af097d8520cf659c047f77f8ab9c806 (diff) | |
can push to registry from external
| -rw-r--r-- | frontends/Rexfile | 2 | ||||
| -rw-r--r-- | frontends/etc/relayd.conf.tpl | 14 |
2 files changed, 14 insertions, 2 deletions
diff --git a/frontends/Rexfile b/frontends/Rexfile index d269eb5..033ae2a 100644 --- a/frontends/Rexfile +++ b/frontends/Rexfile @@ -76,7 +76,7 @@ our @dns_zones_remove = qw//; # k3s cluster running on FreeBSD in my LAN our @f3s_hosts = - qw/f3s.buetow.org anki.f3s.buetow.org bag.f3s.buetow.org flux.f3s.buetow.org audiobookshelf.f3s.buetow.org gpodder.f3s.buetow.org radicale.f3s.buetow.org vault.f3s.buetow.org syncthing.f3s.buetow.org uprecords.f3s.buetow.org/; + qw/f3s.buetow.org anki.f3s.buetow.org bag.f3s.buetow.org flux.f3s.buetow.org audiobookshelf.f3s.buetow.org gpodder.f3s.buetow.org radicale.f3s.buetow.org vault.f3s.buetow.org syncthing.f3s.buetow.org uprecords.f3s.buetow.org registry.f3s.buetow.org/; our @acme_hosts = qw/buetow.org git.buetow.org paul.buetow.org dory.buetow.org solarcat.buetow.org blog.buetow.org fotos.buetow.org znc.buetow.org dtail.dev foo.zone stats.foo.zone irregular.ninja alt.irregular.ninja snonux.foo/; push @acme_hosts, @f3s_hosts; diff --git a/frontends/etc/relayd.conf.tpl b/frontends/etc/relayd.conf.tpl index be33f53..1900c0b 100644 --- a/frontends/etc/relayd.conf.tpl +++ b/frontends/etc/relayd.conf.tpl @@ -8,6 +8,13 @@ table <f3s> { 192.168.2.122 } +# Same backends, separate table for registry service on port 30001 +table <f3s_registry> { + 192.168.2.120 + 192.168.2.121 + 192.168.2.122 +} + # Local OpenBSD httpd table <localhost> { 127.0.0.1 @@ -32,14 +39,18 @@ http protocol "https" { pass header "Sec-WebSocket-Protocol" <% for my $host (@$f3s_hosts) { for my $prefix (@prefixes) { -%> + <% if ($host eq 'registry.f3s.buetow.org') { -%> + match request quick header "Host" value "<%= $prefix.$host -%>" forward to <f3s_registry> + <% } else { -%> match request quick header "Host" value "<%= $prefix.$host -%>" forward to <f3s> - <% } } -%> + <% } } } -%> } relay "https4" { listen on <%= $vio0_ip %> port 443 tls protocol "https" forward to <localhost> port 8080 + forward to <f3s_registry> port 30001 check tcp forward to <f3s> port 80 check tcp } @@ -47,6 +58,7 @@ relay "https6" { listen on <%= $ipv6address->($hostname) %> port 443 tls protocol "https" forward to <localhost> port 8080 + forward to <f3s_registry> port 30001 check tcp forward to <f3s> port 80 check tcp } |