diff --git a/dd-apps/docker/haproxy/Dockerfile b/dd-apps/docker/haproxy/Dockerfile
deleted file mode 100644
index b5a2172..0000000
--- a/dd-apps/docker/haproxy/Dockerfile
+++ /dev/null
@@ -1,34 +0,0 @@
-#
-# Copyright © 2021,2022 IsardVDI S.L.
-#
-# This file is part of DD
-#
-# DD is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or (at your
-# option) any later version.
-#
-# DD is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
-# details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with DD. If not, see .
-#
-# SPDX-License-Identifier: AGPL-3.0-or-later
-FROM haproxy:2.3-alpine as production
-RUN apk add openssl certbot py-pip
-RUN pip install pip install certbot-plugin-gandi
-
-
-ADD letsencrypt.sh /
-ADD letsencrypt-check.sh /
-ADD deploy-hook.sh /etc/letsencrypt/renewal-hooks/deploy/
-COPY auto-generate-certs.sh /usr/local/bin/
-COPY docker-entrypoint.sh /usr/local/bin/
-COPY auto-generate-certs.sh /
-RUN rm /docker-entrypoint.sh
-RUN ln -s /usr/local/bin/docker-entrypoint.sh /
-RUN chmod 775 docker-entrypoint.sh
-ADD haproxy.conf /usr/local/etc/haproxy/haproxy.cfg
diff --git a/dd-apps/docker/haproxy/_common/auto-generate-certs.sh b/dd-apps/docker/haproxy/_common/auto-generate-certs.sh
deleted file mode 100755
index 77d6eea..0000000
--- a/dd-apps/docker/haproxy/_common/auto-generate-certs.sh
+++ /dev/null
@@ -1,51 +0,0 @@
-#
-# Copyright © 2021,2022 IsardVDI S.L.
-#
-# This file is part of DD
-#
-# DD is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or (at your
-# option) any later version.
-#
-# DD is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
-# details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with DD. If not, see .
-#
-# SPDX-License-Identifier: AGPL-3.0-or-later
-cd /certs
-
-# Self signed cert generic data
-C=CA
-L=Barcelona
-O=localdomain
-CN_CA=$O
-CN_HOST=*.$O
-OU=$O
-
-echo '#### Creating 2048-bit RSA key:'
-openssl genrsa -out ca-key.pem 2048
-
-echo '#### Using the key to create a self-signed certificate to your CA:'
-openssl req -new -x509 -days 9999 -key ca-key.pem -out ca-cert.pem -sha256 \
- -subj "/C=$C/L=$L/O=$O/CN=$CN_CA"
-
-echo '#### Creating server certificate:'
-openssl genrsa -out server-key.pem 2048
-
-echo '#### Creating a certificate signing request for the server:'
-openssl req -new -key server-key.pem -sha256 -out server-key.csr \
- -subj "/CN=$CN_HOST"
-
-echo '#### Creating server certificate:'
-RND=$(( ( RANDOM % 1000 ) + 1 ))
-openssl x509 -req -days 9999 -in server-key.csr -CA ca-cert.pem -CAkey ca-key.pem \
- -set_serial $RND -sha256 -out server-cert.pem
-
-echo '#### Concatenate certs for haprox'
-cat server-cert.pem server-key.pem > chain.pem
-chmod 440 *
diff --git a/dd-apps/docker/haproxy/_common/haproxy-docker-entrypoint.sh b/dd-apps/docker/haproxy/_common/haproxy-docker-entrypoint.sh
deleted file mode 100644
index 178d2e8..0000000
--- a/dd-apps/docker/haproxy/_common/haproxy-docker-entrypoint.sh
+++ /dev/null
@@ -1,42 +0,0 @@
-#!/bin/sh
-#
-# Copyright © 2021,2022 IsardVDI S.L.
-#
-# This file is part of DD
-#
-# DD is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or (at your
-# option) any later version.
-#
-# DD is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
-# details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with DD. If not, see .
-#
-# SPDX-License-Identifier: AGPL-3.0-or-later
-set -e
-
-prepare.sh
-
-if [ ! -f /certs/chain.pem ]; then
- auto-generate-certs.sh
-fi
-
-# first arg is `-f` or `--some-option`
-if [ "${1#-}" != "$1" ]; then
- set -- haproxy "$@"
-fi
-
-if [ "$1" = 'haproxy' ]; then
- shift # "haproxy"
- # if the user wants "haproxy", let's add a couple useful flags
- # -W -- "master-worker mode" (similar to the old "haproxy-systemd-wrapper"; allows for reload via "SIGUSR2")
- # -db -- disables background mode
- set -- haproxy -W -db "$@"
-fi
-
-exec "$@"
diff --git a/dd-apps/docker/haproxy/_common/letsencrypt-hook-deploy-concatenante.sh b/dd-apps/docker/haproxy/_common/letsencrypt-hook-deploy-concatenante.sh
deleted file mode 100755
index 3b3fc34..0000000
--- a/dd-apps/docker/haproxy/_common/letsencrypt-hook-deploy-concatenante.sh
+++ /dev/null
@@ -1,23 +0,0 @@
-#!/bin/sh
-#
-# Copyright © 2021,2022 IsardVDI S.L.
-#
-# This file is part of DD
-#
-# DD is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or (at your
-# option) any later version.
-#
-# DD is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
-# details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with DD. If not, see .
-#
-# SPDX-License-Identifier: AGPL-3.0-or-later
-cat $RENEWED_LINEAGE/fullchain.pem $RENEWED_LINEAGE/privkey.pem > /certs/chain.pem
-
-kill -SIGUSR2 1
diff --git a/dd-apps/docker/haproxy/_common/letsencrypt-renew-cron.sh b/dd-apps/docker/haproxy/_common/letsencrypt-renew-cron.sh
deleted file mode 100755
index ecb35cf..0000000
--- a/dd-apps/docker/haproxy/_common/letsencrypt-renew-cron.sh
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/sh
-#
-# Copyright © 2021,2022 IsardVDI S.L.
-#
-# This file is part of DD
-#
-# DD is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or (at your
-# option) any later version.
-#
-# DD is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
-# details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with DD. If not, see .
-#
-# SPDX-License-Identifier: AGPL-3.0-or-later
-certbot renew --cert-name $LETSENCRYPT_DOMAIN
diff --git a/dd-apps/docker/haproxy/_common/letsencrypt.sh b/dd-apps/docker/haproxy/_common/letsencrypt.sh
deleted file mode 100755
index c4f4480..0000000
--- a/dd-apps/docker/haproxy/_common/letsencrypt.sh
+++ /dev/null
@@ -1,37 +0,0 @@
-#!/bin/sh
-#
-# Copyright © 2021,2022 IsardVDI S.L.
-#
-# This file is part of DD
-#
-# DD is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or (at your
-# option) any later version.
-#
-# DD is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
-# details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with DD. If not, see .
-#
-# SPDX-License-Identifier: AGPL-3.0-or-later
-if [ -f /letsencrypt-hook-deploy-concatenante.sh ]
-then
- mkdir -p /etc/letsencrypt/renewal-hooks/deploy/
- mv /letsencrypt-hook-deploy-concatenante.sh /etc/letsencrypt/renewal-hooks/deploy/concatenate.sh
-fi
-
-if [ -n "$LETSENCRYPT_DOMAIN" -a -n "$LETSENCRYPT_EMAIL" ]
-then
- LETSENCRYPT_DOMAIN="$LETSENCRYPT_DOMAIN" crond
- if [ ! -f /certs/chain.pem ]
- then
- if certbot certonly --standalone -d "$LETSENCRYPT_DOMAIN" -m "$LETSENCRYPT_EMAIL" -n --agree-tos
- then
- RENEWED_LINEAGE="/etc/letsencrypt/live/$LETSENCRYPT_DOMAIN" /etc/letsencrypt/renewal-hooks/deploy/concatenate.sh
- fi
- fi
-fi
diff --git a/dd-apps/docker/haproxy/auto-generate-certs.sh b/dd-apps/docker/haproxy/auto-generate-certs.sh
deleted file mode 100755
index 107507e..0000000
--- a/dd-apps/docker/haproxy/auto-generate-certs.sh
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# Copyright © 2021,2022 IsardVDI S.L.
-#
-# This file is part of DD
-#
-# DD is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or (at your
-# option) any later version.
-#
-# DD is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
-# details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with DD. If not, see .
-#
-# SPDX-License-Identifier: AGPL-3.0-or-later
-mkdir /certs
-cd /certs
-
-# Self signed cert generic data
-C=CA
-L=Barcelona
-O=localdomain
-CN_CA=$O
-CN_HOST=*.$O
-OU=$O
-
-echo '#### Creating 2048-bit RSA key:'
-openssl genrsa -out ca-key.pem 2048
-
-echo '#### Using the key to create a self-signed certificate to your CA:'
-openssl req -new -x509 -days 9999 -key ca-key.pem -out ca-cert.pem -sha256 \
- -subj "/C=$C/L=$L/O=$O/CN=$CN_CA"
-
-echo '#### Creating server certificate:'
-openssl genrsa -out server-key.pem 2048
-
-echo '#### Creating a certificate signing request for the server:'
-openssl req -new -key server-key.pem -sha256 -out server-key.csr \
- -subj "/CN=$CN_HOST"
-
-echo '#### Creating server certificate:'
-RND=$(( ( RANDOM % 1000 ) + 1 ))
-openssl x509 -req -days 9999 -in server-key.csr -CA ca-cert.pem -CAkey ca-key.pem \
- -set_serial $RND -sha256 -out server-cert.pem
-
-
-chmod 440 *
-
-echo '#### Concatenate certs for haprox'
-cat server-cert.pem server-key.pem > /certs/chain.pem
-cd /
diff --git a/dd-apps/docker/haproxy/deploy-hook.sh b/dd-apps/docker/haproxy/deploy-hook.sh
deleted file mode 100755
index 7646991..0000000
--- a/dd-apps/docker/haproxy/deploy-hook.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/bin/sh
-#
-# Copyright © 2021,2022 IsardVDI S.L.
-#
-# This file is part of DD
-#
-# DD is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or (at your
-# option) any later version.
-#
-# DD is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
-# details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with DD. If not, see .
-#
-# SPDX-License-Identifier: AGPL-3.0-or-later
-echo "Domain(s) $LETSENCRYPT_DNS renewed. Restarting haproxy..."
- cat /etc/letsencrypt/live/$LETSENCRYPT_DNS/fullchain.pem /etc/letsencrypt/live/$LETSENCRYPT_DNS/privkey.pem > /certs/chain.pem
- chmod 440 /certs/chain.pem
- mkdir -p /certs/letsencrypt/$LETSENCRYPT_DNS
- cp /etc/letsencrypt/live/$LETSENCRYPT_DNS/* /certs/letsencrypt/$LETSENCRYPT_DNS/
-
-kill -SIGUSR2 1
diff --git a/dd-apps/docker/haproxy/docker-entrypoint.sh b/dd-apps/docker/haproxy/docker-entrypoint.sh
deleted file mode 100644
index dbae5cf..0000000
--- a/dd-apps/docker/haproxy/docker-entrypoint.sh
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/bin/sh
-#
-# Copyright © 2021,2022 IsardVDI S.L.
-#
-# This file is part of DD
-#
-# DD is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or (at your
-# option) any later version.
-#
-# DD is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
-# details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with DD. If not, see .
-#
-# SPDX-License-Identifier: AGPL-3.0-or-later
-set -e
-
-# Set debug path password
-PASSWD=$(python3 -c 'import os,crypt,getpass; print(crypt.crypt(os.environ["ADMINAPP_PASSWORD"], crypt.mksalt(crypt.METHOD_SHA512)))')
-sed -i "/^ user admin password/c\ user admin password $ADMINAPP_PASSWORD" /usr/local/etc/haproxy/haproxy.cfg
-
-#/bin/sh /letsencrypt.sh
-
-if [ ! -e "/certs/chain.pem" ]; then
- auto-generate-certs.sh
-fi
-
-# first arg is `-f` or `--some-option`
-if [ "${1#-}" != "$1" ]; then
- set -- haproxy "$@"
-fi
-
-if [ "$1" = 'haproxy' ]; then
- shift # "haproxy"
- # if the user wants "haproxy", let's add a couple useful flags
- # -W -- "master-worker mode" (similar to the old "haproxy-systemd-wrapper"; allows for reload via "SIGUSR2")
- # -db -- disables background mode
- set -- haproxy -W -db "$@"
-fi
-
-exec "$@"
diff --git a/dd-apps/docker/haproxy/haproxy.conf b/dd-apps/docker/haproxy/haproxy.conf
deleted file mode 100644
index 1106701..0000000
--- a/dd-apps/docker/haproxy/haproxy.conf
+++ /dev/null
@@ -1,101 +0,0 @@
-#
-# Copyright © 2021,2022 IsardVDI S.L.
-#
-# This file is part of DD
-#
-# DD is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or (at your
-# option) any later version.
-#
-# DD is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
-# details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with DD. If not, see .
-#
-# SPDX-License-Identifier: AGPL-3.0-or-later
-resolvers mydns
- nameserver dns1 127.0.0.11:53
-
-global
-# debug
- daemon
- log 127.0.0.1 local0
- tune.ssl.default-dh-param 2048
-
- defaults
- mode http
- timeout connect 120s
- timeout client 120s
- timeout client-fin 120s
- timeout server 120s
- timeout tunnel 7200s
- option http-server-close
- option httpclose
- log global
- option httplog
- backlog 4096
- maxconn 2000
- option tcpka
-
-frontend website
- mode http
- bind :80
- redirect scheme https if !{ ssl_fc }
- bind :443 ssl crt /certs/chain.pem
-
- acl is_nextcloud hdr_beg(host) nextcloud.
- acl is_moodle hdr_beg(host) moodle.
- acl is_jitsi hdr_beg(host) jitsi.
-
- use_backend be_nextcloud if is_nextcloud
- use_backend be_moodle if is_moodle
- use_backend be_jitsi if is_jitsi
-
- default_backend be_moodle
-
-backend be_moodle
- mode http
- acl existing-x-forwarded-host req.hdr(X-Forwarded-Host) -m found
- acl existing-x-forwarded-proto req.hdr(X-Forwarded-Proto) -m found
- http-request add-header X-Forwarded-Host %[req.hdr(Host)] unless existing-x-forwarded-host
- http-request add-header X-Forwarded-Proto https unless existing-x-forwarded-proto
- server moodle moodle:8080 check port 8080 inter 5s rise 2 fall 10 resolvers mydns init-addr none
-
-backend be_nextcloud
- mode http
- acl existing-x-forwarded-host req.hdr(X-Forwarded-Host) -m found
- acl existing-x-forwarded-proto req.hdr(X-Forwarded-Proto) -m found
- http-request add-header X-Forwarded-Host %[req.hdr(Host)] unless existing-x-forwarded-host
- http-request add-header X-Forwarded-Proto https unless existing-x-forwarded-proto
- server nextcloud nextcloud:80 check port 80 inter 5s rise 2 fall 10 resolvers mydns init-addr none
-
-backend be_jitsi
- mode http
- acl existing-x-forwarded-host req.hdr(X-Forwarded-Host) -m found
- acl existing-x-forwarded-proto req.hdr(X-Forwarded-Proto) -m found
- http-request add-header X-Forwarded-Host %[req.hdr(Host)] unless existing-x-forwarded-host
- http-request add-header X-Forwarded-Proto https unless existing-x-forwarded-proto
- server jitsi jitsi:80 check port 80 inter 5s rise 2 fall 10 resolvers mydns init-addr none
-
- listen stats
- bind 0.0.0.0:8888
- mode http
- stats enable
- option httplog
- stats show-legends
- stats uri /haproxy
- stats realm Haproxy\ Statistics
- stats refresh 5s
- #stats auth staging:pep1n1ll0
- #acl authorized http_auth(AuthUsers)
- #stats http-request auth unless authorized
- timeout connect 5000ms
- timeout client 50000ms
- timeout server 50000ms
-
-userlist AuthUsers
- user admin password $6$grgQMVfwI0XSGAQl$2usaQC9LVXXXYHtSkGUf74CIGsiH8fi/K.V6DuKSq0twPkmFGP2vL/b//Ulp2I4xBEZ3eYDhUbwBPK8jpmsbo.
diff --git a/dd-apps/docker/haproxy/haproxy.yml b/dd-apps/docker/haproxy/haproxy.yml
deleted file mode 100644
index 3610ac7..0000000
--- a/dd-apps/docker/haproxy/haproxy.yml
+++ /dev/null
@@ -1,40 +0,0 @@
-#
-# Copyright © 2021,2022 IsardVDI S.L.
-#
-# This file is part of DD
-#
-# DD is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or (at your
-# option) any later version.
-#
-# DD is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
-# details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with DD. If not, see .
-#
-# SPDX-License-Identifier: AGPL-3.0-or-later
-version: '3.7'
-services:
- dd-apps-haproxy:
- build:
- context: ${BUILD_APPS_ROOT_PATH}/docker/haproxy
- dockerfile: Dockerfile
- target: production
- container_name: dd-apps-haproxy
- restart: unless-stopped
- environment:
- - ADMINAPP_PASSWORD=${ADMINAPP_PASSWORD}
- volumes:
- - /etc/localtime:/etc/localtime:ro
- - ${SRC_FOLDER}/haproxy:/certs:rw
- networks:
- - dd_net
- ports:
- - published: 80
- target: 80
- - published: 443
- target: 443
diff --git a/dd-apps/docker/haproxy/letsencrypt-check.sh b/dd-apps/docker/haproxy/letsencrypt-check.sh
deleted file mode 100755
index 8504cd2..0000000
--- a/dd-apps/docker/haproxy/letsencrypt-check.sh
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/sh
-#
-# Copyright © 2021,2022 IsardVDI S.L.
-#
-# This file is part of DD
-#
-# DD is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or (at your
-# option) any later version.
-#
-# DD is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
-# details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with DD. If not, see .
-#
-# SPDX-License-Identifier: AGPL-3.0-or-later
-trap exit TERM
-while :
-do
- sleep 12h
- certbot renew --http-01-port 8888
-done
diff --git a/dd-apps/docker/haproxy/letsencrypt.sh b/dd-apps/docker/haproxy/letsencrypt.sh
deleted file mode 100755
index 955a2a4..0000000
--- a/dd-apps/docker/haproxy/letsencrypt.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#
-# Copyright © 2021,2022 IsardVDI S.L.
-#
-# This file is part of DD
-#
-# DD is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or (at your
-# option) any later version.
-#
-# DD is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
-# details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with DD. If not, see .
-#
-# SPDX-License-Identifier: AGPL-3.0-or-later
-RENEW=0
-if [[ ! -f /certs/chain.pem && ! -z "$LETSENCRYPT_EMAIL" && ! -z "$LETSENCRYPT_DNS" ]]; then
- /usr/bin/certbot certonly --standalone -d "$LETSENCRYPT_DNS" -m "$LETSENCRYPT_EMAIL" -n --agree-tos
- if [[ $? == 0 ]] ; then
- cat /etc/letsencrypt/live/$LETSENCRYPT_DNS/fullchain.pem /etc/letsencrypt/live/$LETSENCRYPT_DNS/privkey.pem > /certs/chain.pem
- chmod 440 /certs/chain.pem
- mkdir -p /certs/letsencrypt/$LETSENCRYPT_DNS
- cp /etc/letsencrypt/live/$LETSENCRYPT_DNS/* /certs/letsencrypt/$LETSENCRYPT_DNS/
- RENEW=1
- fi
-fi
-
-if [ $RENEW == 1 ]; then
- /bin/sh -c '/letsencrypt-check.sh' &
-fi
diff --git a/dd-apps/docker/haproxy/prepare.sh b/dd-apps/docker/haproxy/prepare.sh
deleted file mode 100755
index 5df8cfb..0000000
--- a/dd-apps/docker/haproxy/prepare.sh
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/sh
-#
-# Copyright © 2021,2022 IsardVDI S.L.
-#
-# This file is part of DD
-#
-# DD is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or (at your
-# option) any later version.
-#
-# DD is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
-# details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with DD. If not, see .
-#
-# SPDX-License-Identifier: AGPL-3.0-or-later
-# Set debug path password
-PASSWD=$(python3 -c 'import os,crypt,getpass; print(crypt.crypt(os.environ["WEBAPP_ADMIN_PWD"], crypt.mksalt(crypt.METHOD_SHA512)))')
-sed -i "/^ user admin password/c\ user admin password $ADMIN_PWD" /usr/local/etc/haproxy/haproxy.cfg
-
-#LETSENCRYPT_DOMAIN="$WEBAPP_LETSENCRYPT_DNS" LETSENCRYPT_EMAIL="$WEBAPP_LETSENCRYPT_EMAIL"
-letsencrypt.sh
diff --git a/dd-sso/docker/haproxy/Dockerfile b/dd-sso/docker/haproxy/Dockerfile
index 239a620..e8fdf86 100644
--- a/dd-sso/docker/haproxy/Dockerfile
+++ b/dd-sso/docker/haproxy/Dockerfile
@@ -33,4 +33,5 @@ COPY docker-entrypoint.sh /usr/local/bin/
RUN ln -s /usr/local/bin/docker-entrypoint.sh /
RUN chmod 775 docker-entrypoint.sh
-ADD ${HAPROXY_CONF:-haproxy.conf} /usr/local/etc/haproxy/haproxy.cfg
+ADD haproxy.conf /usr/local/etc/haproxy/haproxy.normal.cfg
+ADD haproxy.proxy-protocol.conf /usr/local/etc/haproxy/haproxy.proxy-protocol.cfg
diff --git a/dd-sso/docker/haproxy/docker-entrypoint.sh b/dd-sso/docker/haproxy/docker-entrypoint.sh
index af96f96..ade9bce 100644
--- a/dd-sso/docker/haproxy/docker-entrypoint.sh
+++ b/dd-sso/docker/haproxy/docker-entrypoint.sh
@@ -1,6 +1,7 @@
#!/bin/sh
#
# Copyright © 2021,2022 IsardVDI S.L.
+# Copyright © 2022 Evilham
#
# This file is part of DD
#
@@ -20,9 +21,7 @@
# SPDX-License-Identifier: AGPL-3.0-or-later
set -e
-# Set debug path password
-PASSWD=$(python3 -c 'import os,crypt,getpass; print(crypt.crypt(os.environ["KEYCLOAK_PASSWORD"], crypt.mksalt(crypt.METHOD_SHA512)))')
-sed -i "/^ user admin password/c\ user admin password $PASSWD" /usr/local/etc/haproxy/haproxy.cfg
+ln -sf /usr/local/etc/haproxy/${HAPROXY_CFG:-haproxy.normal.cfg} /usr/local/etc/haproxy/haproxy.cfg
LETSENCRYPT_DOMAIN="$DOMAIN" letsencrypt.sh
diff --git a/dd-sso/docker/haproxy/haproxy-docker-entrypoint.sh b/dd-sso/docker/haproxy/haproxy-docker-entrypoint.sh
deleted file mode 100644
index 178d2e8..0000000
--- a/dd-sso/docker/haproxy/haproxy-docker-entrypoint.sh
+++ /dev/null
@@ -1,42 +0,0 @@
-#!/bin/sh
-#
-# Copyright © 2021,2022 IsardVDI S.L.
-#
-# This file is part of DD
-#
-# DD is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or (at your
-# option) any later version.
-#
-# DD is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
-# details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with DD. If not, see .
-#
-# SPDX-License-Identifier: AGPL-3.0-or-later
-set -e
-
-prepare.sh
-
-if [ ! -f /certs/chain.pem ]; then
- auto-generate-certs.sh
-fi
-
-# first arg is `-f` or `--some-option`
-if [ "${1#-}" != "$1" ]; then
- set -- haproxy "$@"
-fi
-
-if [ "$1" = 'haproxy' ]; then
- shift # "haproxy"
- # if the user wants "haproxy", let's add a couple useful flags
- # -W -- "master-worker mode" (similar to the old "haproxy-systemd-wrapper"; allows for reload via "SIGUSR2")
- # -db -- disables background mode
- set -- haproxy -W -db "$@"
-fi
-
-exec "$@"
diff --git a/dd-sso/docker/haproxy/haproxy.proxy-protocol.conf b/dd-sso/docker/haproxy/haproxy.proxy-protocol.conf
index c86c526..e433219 100644
--- a/dd-sso/docker/haproxy/haproxy.proxy-protocol.conf
+++ b/dd-sso/docker/haproxy/haproxy.proxy-protocol.conf
@@ -84,7 +84,6 @@ frontend website
use_backend be_wp if is_wp
use_backend be_etherpad if is_pad
use_backend be_admin if is_sso { path_beg /socket.io }
- use_backend be_adminer if is_sso { path_beg /dd-sso-adminer }
use_backend be_admin if is_admin
use_backend be_sso if is_sso
use_backend be_api if is_api