config ghost le boudoir

haproxy.cfg

@@ -136,8 +136,8 @@ frontend https
 	acl n8n-host hdr(host) -i n8n.gyozamancave.fr
 	acl homegit-host hdr(host) -i homegit.gyozamancave.fr
 	acl boudoir-host hdr(host) -i ledigitalboudoir.com
-	acl boudoir-assets path_beg /assets/
-	acl path_og path_beg /og/
+	#acl boudoir-assets path_beg /assets/
+	#acl path_og path_beg /og/
 	
 	use_backend cms if cms-host
 	use_backend links-mtb if links-host
@@ -151,39 +151,41 @@ frontend https
 	use_backend stats-backend if stats-host
 	use_backend n8n-backend if n8n-host
 	use_backend homegit-backend if homegit-host
-	use_backend boudoir-assets-backend if path_og	
-	use_backend boudoir-assets-backend if boudoir-assets
+	#use_backend boudoir-assets-backend if path_og	
+	#use_backend boudoir-assets-backend if boudoir-assets
 	use_backend boudoir-backend if boudoir-host
 
-backend boudoir-assets-backend
-    mode http
+#backend boudoir-assets-backend
+#    mode http
 
     # En-têtes HTTPS corrects pour Directus
-    http-request set-header X-Forwarded-Proto https
-    http-request set-header X-Forwarded-Host ledigitalboudoir.com
-    http-request set-header X-Forwarded-For %[src]
+#    http-request set-header X-Forwarded-Proto https
+#    http-request set-header X-Forwarded-Host ledigitalboudoir.com
+#    http-request set-header X-Forwarded-For %[src]
 
     # Route principale OG :
     # https://ledigitalboudoir.com/og/<id>.jpg
     # → /assets/<id>?format=jpg&width=1200&height=630&fit=contain&bg=black
-    http-request replace-path ^/og/(.*)\.jpg$ /assets/\1?format=jpg&width=1200&height=630&fit=contain&bg=black
+#    http-request replace-path ^/og/(.*)\.jpg$ /assets/\1?format=jpg&width=1200&height=630&fit=contain&bg=black
 
     # Variante cache-busting (ex: .../og/<id>-v2.jpg)
-    http-request replace-path ^/og/(.*)-v[0-9]+\.jpg$ /assets/\1?format=jpg&width=1200&height=630&fit=contain&bg=black
+ #   http-request replace-path ^/og/(.*)-v[0-9]+\.jpg$ /assets/\1?format=jpg&width=1200&height=630&fit=contain&bg=black
 
     # Cache long (1 semaine)
-    http-response set-header Cache-Control public,max-age=604800,immutable
+#    http-response set-header Cache-Control public,max-age=604800,immutable
 
     # Autoriser uniquement assets/uploads
-    acl allowed_assets path_beg /assets/ /uploads/
-    http-request deny unless allowed_assets
+#    acl allowed_assets path_beg /assets/ /uploads/
+#    http-request deny unless allowed_assets
 
     # Serveur Directus interne
-    server directus 192.168.1.107:8055 check
-
+#    server directus 192.168.1.107:8055 check
 
 backend boudoir-backend
-	server boudoir 192.168.1.107:31723 check
+	server boudoir 192.168.1.57:2368
+
+#backend boudoir-backend
+#	server boudoir 192.168.1.107:31723 check
 
 backend homegit-backend
 	server homegit 192.168.1.70:3000
@@ -256,7 +258,10 @@ backend nextcloud
 	# health checking is DISABLED
     	mode http
     	balance source
-    	http-request add-header X-Forwarded-Proto https if { ssl_fc }
+	http-request set-header X-Forwarded-Proto https if { ssl_fc }
+	http-request set-header X-Real-IP %[src]
+	http-request set-header X-Forwarded-For %[src]
+	http-request set-header Host %[req.hdr(host)]
 	# stickiness
     	stick-table type ip size 50k expire 30m  
     	stick on src
@@ -268,7 +273,11 @@ backend nextcloud
         http-request redirect scheme https if http
 	http-response set-header Strict-Transport-Security max-age=15552000
         option ssl-hello-chk
-        server nextcloud 192.168.1.13:5080 #check ssl #verify none
+        server nextcloud 192.168.1.13:5080 #ssl verify none
+	option http-server-close
+    	option httpclose
+    	option forwardfor
+    	http-request set-header Connection "upgrade" if { hdr(Upgrade) -i WebSocket } 
 
 backend funkwhale
 	http-request set-header X-Forwarded-Proto https if { ssl_fc }