Add a method to combine ssl_preread_protocol and ssl_preread_server_name in the stream configuration.

e.g. right now, I can handle SSL-SSH-Port-Multiplexing.
I can also handle SSL-SNI-Passthrough.
But I can't use SSL-SNI-Passthrough together with SSL-SSH-Port-Multiplexing.
This forces me to use haProxy instead, which can do this.


upstream ssh

upstream https_default_backend

upstream daniel_backend

map $ssl_preread_protocol $upstream
default ssh;
"TLSv1.3" https_default_backend;
"TLSv1.2" https_default_backend;
"TLSv1.1" https_default_backend;
"TLSv1" https_default_backend;

map $ssl_preread_server_name $name
localhost daniel_backend;
prodesk daniel_backend; daniel_backend; daniel_backend;
default https_default_backend;

# SSH and SSL on the same port
server {
listen 443;

ssl_preread on;
#proxy_protocol on;

# proxy_pass $upstream;
proxy_pass $name;


Edited 1 time(s). Last edit at 01/10/2021 05:12AM by schmierfink.
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 64
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready