global
  log stdout format raw local0
  # stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
  stats timeout 30s

defaults
  log global
  mode http
  option httplog
  retries 3
  maxconn 2000
  timeout connect 5s
  timeout client 50s
  timeout server 50s
  timeout http-request 10s
  timeout http-keep-alive 2s
  timeout queue 5s
  timeout tunnel 2m
  timeout client-fin 1s
  timeout server-fin 1s


#Application Setup
frontend ContentSwitching
  bind *:80 v4v6
  bind *:443 v4v6 ssl crt /var/lib/acme/audiobookshelf.tmmworkshop.com/full.pem crt /var/lib/acme/cache.tmmworkshop.com/full.pem crt /var/lib/acme/jellyfin.tmmworkshop.com/full.pem crt /var/lib/acme/share.tmmworkshop.com/full.pem crt /var/lib/acme/gitea.tmmworkshop.com/full.pem
  mode  http

  # ACME challenge routing (must be first)
  acl is_acme path_beg /.well-known/acme-challenge/
  use_backend acme_challenge if is_acme

  # tmmworkshop.com
  acl host_audiobookshelf  hdr(host) -i audiobookshelf.tmmworkshop.com
  acl host_cache  hdr(host) -i cache.tmmworkshop.com
  acl host_jellyfin  hdr(host) -i jellyfin.tmmworkshop.com
  acl host_share  hdr(host) -i share.tmmworkshop.com
  acl host_gitea  hdr(host) -i gitea.tmmworkshop.com

  # Hosts allowed to serve plain HTTP (add entries to skip the HTTPS redirect)
  acl allow_http hdr(host) -i __none__
  # acl allow_http hdr(host) -i example.tmmworkshop.com

  # Redirect all HTTP to HTTPS unless on the allow list or ACME challenge
  http-request redirect scheme https code 301 if !{ ssl_fc } !allow_http !is_acme

  use_backend audiobookshelf_nodes if host_audiobookshelf
  use_backend cache_nodes  if host_cache
  use_backend jellyfin if host_jellyfin
  use_backend share_nodes  if host_share
  use_backend gitea  if host_gitea

backend acme_challenge
  mode http
  server acme 127.0.0.1:8402

backend audiobookshelf_nodes
  mode http
  server server 127.0.0.1:8000

backend cache_nodes
  mode http
  server server 127.0.0.1:5000

backend jellyfin
    option httpchk
    option forwardfor
    http-check send meth GET uri /health
    http-check expect string Healthy
    server jellyfin 127.0.0.1:8096

backend share_nodes
  mode http
  server server 127.0.0.1:8091

backend gitea
  mode http
  server server 127.0.0.1:6443