Select Git revision
-
nimrod authored
Both host01 and kodi are behind the ns1 router. For completely secure connections, SSL termination should be done on each host. So use HAProxy on ns1 to route HTTPS traffic using the SNI extension and HTTP traffic using the Host header (default to host01). Add tasks to the renew-hosts playbook to issue (or renew) Let's Encrypt certificates on kodi.
nimrod authoredBoth host01 and kodi are behind the ns1 router. For completely secure connections, SSL termination should be done on each host. So use HAProxy on ns1 to route HTTPS traffic using the SNI extension and HTTP traffic using the Host header (default to host01). Add tasks to the renew-hosts playbook to issue (or renew) Let's Encrypt certificates on kodi.
