Jake Howard
33fcf1a9e5
Apparently this has been broken since like March... It seems communication over port 8448 is required for server-to-server comms, even if the client doesn't use it.
16 lines
427 B
Text
16 lines
427 B
Text
[haproxy]
|
|
enabled = true
|
|
bantime = 600
|
|
findtime = 10
|
|
maxretry = 100
|
|
filter = haproxy-basic
|
|
backend = systemd
|
|
journalmatch = _COMM=haproxy
|
|
port = http,https,8448
|
|
ignoreip = {{ wireguard.cidr }},{{ nebula.cidr }},{{ pve_hosts.internal_cidr }}
|
|
|
|
[traefik]
|
|
enabled = true
|
|
filter = haproxy-basic # Not actually used
|
|
port = http,https,8448
|
|
ignoreip = {{ wireguard.cidr }},{{ nebula.cidr }},{{ pve_hosts.internal_cidr }}
|