@PaulGuijt wrote:
Hi All,
Today I started with HAProxy on my Pi at home, read my share of the docs and ventured composing a config.
I feel insecure, especially because I want to keep my SSH access. Therefore I would appreciate any help, and pointers to good resources for help.My situation:
* A DSL line with a fixed IPv4 and IPv6, and a router opening certain ports to my Pi
* A Pi with Debian Jessie up to date and secured with IPTables
* The Pi serves SSH, Apache (80 & 443), home automation 1 (ports x-z) and 2 (port w), WebminI have been advised to use HAProxy to ReverseProxy my home automation server.
I want https://mi_ip/bla/bli specifically go to http://localhost:y/blo/blu.My questions beforehand:
1. Ports I don't mention in the HAProxy config, are they untampered passed on? E.g., will I have full SSH access if I don't mention the SSH port?
2. Does HAProxy have any other advantages on a single Pi? Can it enhance performance and security?
3. Is HAProxy acting before or after IPTables?I made this draft config file:
listen apache mode http bind *:443 server web localhost listen home_automation.1 mode http bind http://*:x/bla/bli server server1 http://localhost:y/blo/blu listen home_automation.2 mode tcp bind *:z server server2 localhost:pApologies if I understand something completely wrong, and thanks for any replies!
Regards,
Paul
Posts: 7
Participants: 2