Public Access Proxy
We are using Haproxy to do SNI-based forwarding without opening the TLS connection.
How to add a domain?
To proxy a new domain, it should be added to services.proxy.proxyHosts.
| Option | Usage | 
|---|---|
| hostNames | A list of domain(s) that should be proxied | 
| proxyTo.host | The IP it should be proxied to | 
| proxyTo.httpPort | The http port to proxy to, defaults to 80 | 
| proxyTo.httpsPort | The http port to proxy to, defaults to 443 | 
| proxyTo.proxyHttpPort | The http proxy protocol port to proxy to, defaults to 8080 | 
| proxyTo.proxyHttpsPort | The http proxy protocol port to proxy to, defaults to 8443 | 
| proxyProtocol | If the web server we are proxying to, talks proxy protocol. Please make sure, to do IP filtering. See [] services.nginx.commonServerConfig](../../config/default.nix). | 
| matchArg | Optional arguments to HAProxy req.ssl_sni -i | 
How to forward a port?
This is done in the network repo, to be exact in the site.hosts.upstream4.forwardPorts option.