HAProxy configuration

I saw no example configuration for HAProxy in your wiki (https://github.com/dani-garcia/bitwarden_rs/wiki/Proxy-examples/).

After some trial and error I configured it myself and would like to submit it to you for the wiki.

This configuration was tested on HA-Proxy version 2.2.2

Please note that this is the bare minimum to get HAProxy working with Bitwarden. Security headers, tls settings and such should be configured as well.


global
log stdout format raw local0 debug
maxconn 2000
daemon

defaults
log global
mode http
option httplog
option dontlognull

frontend http-in
bind *:80
redirect scheme https code 301 if !{ ssl_fc }

frontend https-in
bind *:443 ssl crt /certs/DOMAIN/ alpn h2,http/1.1

#Header hosts
acl host_bitwarden hdr(host) -i bitwarden.DOMAIN.com

#Hosts backends
#It’s important that the websocket comes first here.
#Comment out the first line if you don’t have websocket enabled
use_backend bitwarden-ws if host_bitwarden { path_beg /notifications/hub } !{ path_beg /notifications/hub/negotiate }
use_backend bitwarden if host_bitwarden

#Backends
backend bitwarden-ws
server bitwarden BITWARDEN_HOSTIP/HOSTNAME:3012
backend bitwarden
server bitwarden BITWARDEN_HOSTIP/HOSTNAME:80

Hello @bartkrn,

Thanks you for taking the time to generate an HAProxy script.
If you are confident enough that this works, and maybe can add some pointers to it, like be sure to change these items, have your certificates located in folder X in format Y, then i suggest that you add this to the wiki :).