global
  log /dev/log	local0
  log /dev/log	local1 notice
  pidfile /run/haproxy.pid
  stats timeout 30s
  user haproxy
  group haproxy
  daemon
  maxconn 10000

defaults
  log	global
  mode	http
  option	httplog
  option	dontlognull

listen https
  bind *:443
  mode tcp
  timeout http-request 10m
  timeout connect 10m
  timeout client  10m
  timeout server  10m
  server default {{ wireguard.clients.intersect.ip }}:443 send-proxy

listen http
  bind *:80
  stats enable
  stats show-node
  stats uri /haproxy
  stats auth stats:{{ haproxy.stats_pass }}
  timeout http-request 10m
  timeout connect 10m
  timeout client  10m
  timeout server  10m
  server default {{ wireguard.clients.intersect.ip }}:80 check

{% for port in haproxy.exposed_ports %}

listen expose_{{ port }}
  bind *:{{ port }}
  mode tcp
  server default {{ wireguard.clients.intersect.ip }}:{{ port }}

{% endfor %}