Info
An easy to use HAProxy container with Certbot, stats, LetsEncrypt and custom error handling with Rsyslog to view...
Redirecting all the logs from Rsyslog to the standard out device makes HAProxy logs play nice with docker default logging.
It also has the upside of allowing us to not be concerned about log rotation from within the load-balancer container.
The default config Listens on port 80 (http) if URI is LetsEncrypt request, it will then forward to certbot. All other requests it will be redirect to 443 (https). Listens on port 443 (https) and forwards all requests to default_backend. Listens on port 666 (http) for HAProxy stats with authentication enabled user (foo) password (bar)
Quick guide
docker run -it --rm -p 80:80 -p 443:443 -v $(PWD)/haproxy.cfg:/etc/haproxy.cfg -v $(PWD)/certs:/certs whumphrey/haproxyDetailed guide
Mounts
SSL certificates
mkdir certs && cd certs
openssl req -x509 -nodes -days 11297 -newkey rsa:2048 -keyout local.key -out local.pem -config ../wildcard.cnf -sha256
cat local.pem local.key > wildcard.pemHAProxy Stats
If you set enabled HAProxy Stats by setting the ENABLE_STATS varable to true then open a webpage and visit: http://localhost:666
The default username and password is (foo / bar)
Imaging
docker build -t whumphrey/haproxy .
docker run -it --rm -p 80:80 -p 443:443 -p 666:666 -e ENABLE_STATS=TRUE whumphrey/haproxy
docker run -it --rm -p 80:80 -p 443:443 -p 666:666 -e ENABLE_STATS=TRUE -v $(PWD)/my_haproxy.cfg:/etc/haproxy/proxy.cfg -v $(PWD)/certs:/certs whumphrey/haproxy