Skip to content
Snippets Groups Projects
Commit 8cd30e16 authored by nimrod's avatar nimrod
Browse files

Router: Route SSH through HAProxy. 

Use the HTTPS port so I can break out from restricted networks.
parent 0153391a
No related branches found
No related tags found
No related merge requests found
Pipeline #3736 waiting for manual action
Stage: .pre
Stage: build
Stage: deploy
Hide whitespace changes
Inline Side-by-side
Ansible/roles/router/files/haproxy.cfg
+ 8
1
View file @ 8cd30e16
......@@ -58,12 +58,19 @@ frontend https
acl private_ip src 62.219.131.121
acl shore_ip src 62.219.131.121
acl shore_ip src 163.172.74.36
acl ssh req.payload(0,7) -m str "SSH-2.0"
acl ssl req_ssl_hello_type 1
tcp-request content reject if lam !private_ip
tcp-request content reject if auth !shore_ip !private_ip
tcp-request content accept if { req_ssl_hello_type 1 }
tcp-request content accept if ssh ssl
use_backend kodi_https if kodi
use_backend localhost_ssh if ssh
default_backend host01_https
backend localhost_ssh
mode tcp
server ns1 127.0.0.1:22 check
backend host01_http
mode http
option forwardfor
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment