This repository provides a customized HAProxy which acts as a SSL-terminating frontend to Varnish. HAProxy will generate SSL certificates based on Devilbox CA to ensure you have valid HTTPS for local development.
This Docker image is very customized to fit the Devilbox and will probably not work without it.
| Docker Hub | Upstream Project |
|---|---|
 |
 |
In case you seek help, go and visit the community pages.
|
|
|
| devilbox.readthedocs.io | gitter.im/devilbox | devilbox.discourse.group |
# Build the Docker image locally
make build
# Rebuild the Docker image locally without cache
make rebuild
# Test the Docker image after building
make testNote: All variables are required for HAProxy to startup.
| Variable | Default value | Description |
|---|---|---|
| BACKEND_ADDR | `` | Hostname or IP of backend service to connect to over HTTP. |
| BACKEND_PORT | `` | HTTP port of backend service to connectto over HTTP. |
| DEVILBOX_UI_SSL_CN | `` | Comma separated list of domain names and/or wildcards for which to generate SSL certificates by default |
| TLD_SUFFIX | `` | Devilbox TLD_SUFFIX (e.g.: loc) to append to all domains, which is required for SSL certificate generation |
Note: All mountpoints are required for HAProxy to startup.
| Container path | Description |
|---|---|
| /ca/ | Expects Devilbox CA files to be mounted there. Two files must be present: devilbox-ca.key and devilbox-ca.crt |
| /shared/httpd | Expects Devilbox project directories to be present for SSL certificate generation via watcherd |
By default HAProxy will be available via 80 (for HTTP) and via 443 (for HTTPS offloading).
The following shows a Docker Compose example to use Varnish and HAProxy as an SSL offloading proxy in front of it.
version: '2.1'
services:
varnish:
image: devilbox/varnish:${VARNISH_SERVER:-6}-0.3
hostname: varnish
ports:
- "${LOCAL_LISTEN_ADDR}${HOST_PORT_VARNISH:-6081}:6081"
networks:
app_net:
ipv4_address: 172.16.238.230
environment:
- VARNISH_CONFIG=/etc/varnish/default.vcl
- CACHE_SIZE=${VARNISH_CACHE_SIZE:-128m}
- VARNISHD_PARAMS=${VARNISH_PARAMS:--p default_ttl=3600 -p default_grace=3600}
- BACKEND_HOST=httpd
- BACKEND_PORT=80
volumes:
- ${DEVILBOX_PATH}/cfg/varnish-${VARNISH_SERVER:-6}:/etc/varnish.d
depends_on:
- bind
- php
- httpd
haproxy:
image: devilbox/haproxy:0.1
hostname: haproxy
ports:
- "${LOCAL_LISTEN_ADDR}${HOST_PORT_HAPROXY:-8080}:80"
- "${LOCAL_LISTEN_ADDR}${HOST_PORT_HAPROXY_SSL:-8443}:443"
networks:
app_net:
ipv4_address: 172.16.238.231
environment:
- BACKEND_ADDR=varnish
- BACKEND_PORT=6081
- DEVILBOX_UI_SSL_CN
- TLD_SUFFIX
volumes:
# Certificate Authority public key
- ${DEVILBOX_PATH}/ca:/ca:rw${MOUNT_OPTIONS}
# Mount custom mass virtual hosting
- ${HOST_PATH_HTTPD_DATADIR}:/shared/httpd:rw${MOUNT_OPTIONS}
depends_on:
- bind
- php
- httpd
- varnishCopyright (c) 2019 cytopia