From df1355ec2dcbe7da33f24685ad82355f863100a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mateusz=20Gruszczy=C5=84ski?= Date: Mon, 3 Nov 2025 11:02:15 +0100 Subject: [PATCH] new options --- utils/haproxy_config.py | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/utils/haproxy_config.py b/utils/haproxy_config.py index a2f1f39..cd1c276 100644 --- a/utils/haproxy_config.py +++ b/utils/haproxy_config.py @@ -115,16 +115,7 @@ def update_haproxy_config(frontend_name, frontend_ip, frontend_port, lb_method, haproxy_cfg.write(f" ssl crt {ssl_cert_path}") haproxy_cfg.write("\n") - - # Mode - haproxy_cfg.write(f" mode {protocol}\n") - - # ===== HOSTNAME ACL ===== - acl_name_sanitized = None - if frontend_hostname: - acl_name_sanitized = f"is_{sanitize_name(frontend_hostname)}" - haproxy_cfg.write(f" acl {acl_name_sanitized} hdr(host) -i {frontend_hostname}\n") - + # ===== HTTP-REQUEST RULES (BEFORE REDIRECT) ===== if is_no_lb: @@ -138,7 +129,16 @@ def update_haproxy_config(frontend_name, frontend_ip, frontend_port, lb_method, if forward_for: haproxy_cfg.write(f" option forwardfor\n") + + # Mode + haproxy_cfg.write(f" mode {protocol}\n") + # ===== HOSTNAME ACL ===== + acl_name_sanitized = None + if frontend_hostname: + acl_name_sanitized = f"is_{sanitize_name(frontend_hostname)}" + haproxy_cfg.write(f" acl {acl_name_sanitized} hdr(host) -i {frontend_hostname}\n") + # DOS protection (BEFORE REDIRECT!) if is_dos: haproxy_cfg.write(f" stick-table type ip size 1m expire {ban_duration} store http_req_rate(1m)\n")