Cavemanon/haproxy-protection
8
Fork 0
mirror of https://gitgud.io/fatchan/haproxy-protection.git synced 2025-05-09 02:05:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add back dataplaneapi in anticipation of using it to control haproxy rather than haproxy-sdk runtime socket

Browse Source
This commit is contained in:
Thomas Lynch
2023-02-12 13:17:03 +11:00
parent 4e3beaf66d
commit 875e9e5edd
5 changed files with 53 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
docker-compose.yml
View File

@ -5,11 +5,14 @@ services:
network_mode: host network_mode: host
ports: ports:
- 80:80 - 80:80
# - 2000:2000 #runtime api
# - 2001:2001 #dataplaneapi
build: build:
context: ./ context: ./
dockerfile: haproxy/Dockerfile dockerfile: haproxy/Dockerfile
volumes: volumes:
- ./haproxy/haproxy.cfg:/etc/haproxy/haproxy.cfg - ./haproxy/haproxy.cfg:/etc/haproxy/haproxy.cfg
- ./haproxy/dataplaneapi.hcl:/etc/haproxy/dataplaneapi.hcl
- ./haproxy/map/:/etc/haproxy/map/ - ./haproxy/map/:/etc/haproxy/map/
- ./haproxy/template/:/etc/haproxy/template/ - ./haproxy/template/:/etc/haproxy/template/
- ./src/lua/scripts/:/etc/haproxy/scripts/ - ./src/lua/scripts/:/etc/haproxy/scripts/

8
haproxy/Dockerfile
View File

@ -17,7 +17,8 @@ RUN set -eux; \
--uid 99 \ --uid 99 \
haproxy haproxy
ENV HAPROXY_URL http://www.haproxy.org/download/2.6/src/snapshot/haproxy-ss-LATEST.tar.gz ENV HAPROXY_URL http://www.haproxy.org/download/2.7/src/snapshot/haproxy-ss-LATEST.tar.gz
ENV DATAPLANEAPI_URL https://github.com/haproxytech/dataplaneapi/releases/download/v2.7.2/dataplaneapi_2.7.2_Linux_x86_64.tar.gz
# see https://sources.debian.net/src/haproxy/jessie/debian/rules/ for some helpful navigation of the possible "make" arguments # see https://sources.debian.net/src/haproxy/jessie/debian/rules/ for some helpful navigation of the possible "make" arguments
RUN set -eux; \ RUN set -eux; \
@ -37,6 +38,11 @@ RUN set -eux; \
; \ ; \
rm -rf /var/lib/apt/lists/*; \ rm -rf /var/lib/apt/lists/*; \
\ \
wget -O dataplaneapi_Linux_x86_64.tar.gz "$DATAPLANEAPI_URL"; \
tar -zxvf dataplaneapi_Linux_x86_64.tar.gz; \
chmod +x build/dataplaneapi; \
cp build/dataplaneapi /usr/local/bin/; \
\
wget -O haproxy.tar.gz "$HAPROXY_URL"; \ wget -O haproxy.tar.gz "$HAPROXY_URL"; \
# echo "$HAPROXY_SHA256 *haproxy.tar.gz" | sha256sum -c; \ # echo "$HAPROXY_SHA256 *haproxy.tar.gz" | sha256sum -c; \
mkdir -p /usr/src/haproxy; \ mkdir -p /usr/src/haproxy; \

27
haproxy/dataplaneapi.hcl Normal file
View File

@ -0,0 +1,27 @@
config_version = 2
name = "basedflare"
mode = "single"
dataplaneapi {
host = "127.0.0.1"
port = 2001
user "admin" {
insecure = true
password = "admin"
}
transaction {
transaction_dir = "/tmp/haproxy"
}
advertised {}
}
haproxy {
config_file = "/etc/haproxy/haproxy.cfg"
haproxy_bin = "/usr/local/sbin/haproxy"
reload {
reload_delay = 5
reload_cmd = "service haproxy reload"
restart_cmd = "service haproxy restart"
reload_strategy = "custom"
}
}

26
haproxy/haproxy.cfg
View File

@ -18,17 +18,21 @@ defaults
timeout server 50000ms timeout server 50000ms
timeout tarpit 5000ms timeout tarpit 5000ms
#frontend stats-frontend # program api
# bind *:2000 # command dataplaneapi -f /etc/haproxy/dataplaneapi.hcl --update-map-files
# option tcplog # no option start-on-reload
# mode tcp #
# acl white_list src xxx.xxx.xxx.xxx # frontend stats-frontend
# tcp-request connection reject unless white_list # bind *:2000
# default_backend stats-backend # option tcplog
# mode tcp
#backend stats-backend # acl white_list src 127.0.0.1
# mode tcp # tcp-request connection reject unless white_list
# server stats-localhost 127.0.0.1:1999 # default_backend stats-backend
#
# backend stats-backend
# mode tcp
# server stats-localhost 127.0.0.1:1999
frontend http-in frontend http-in

2
haproxy/map/ddos.map
View File

@ -1,2 +1,2 @@
localhost 1 localhost 1
localhost/captcha 2 localhost/test 2