--- apiVersion: v1 kind: ConfigMap metadata: name: "synapse-werts-untls-shim" namespace: synapse data: haproxy.cfg: | global log stdout format raw local0 stats timeout 30s user haproxy group haproxy defaults log global mode http option httplog option dontlognull balance source timeout connect 5000 timeout client 50000 timeout server 50000 http-reuse never option disable-h2-upgrade frontend http80 bind *:80 http-request capture req.hdr(Host) len 255 default_backend httpnodes backend httpnodes option forwardfor http-request add-header x-forwarded-proto https server s1 synapse-werts.synapse.svc.cluster.local:8008 check frontend stats mode http option httplog bind *:8404 http-request capture req.hdr(X-Forwarded-For) len 64 http-request capture req.hdr(Host) len 255 stats enable stats uri / stats refresh 10s stats admin if LOCALHOST --- apiVersion: apps/v1 kind: Deployment metadata: name: "synapse-werts-untls-shim" namespace: "synapse" annotations: "reloader.stakater.com/auto": "true" spec: replicas: 1 selector: matchLabels: app: "synapse-werts-untls-shim" strategy: type: RollingUpdate template: metadata: labels: app: "synapse-werts-untls-shim" spec: containers: - image: haproxy:latest name: haproxy volumeMounts: - mountPath: /usr/local/etc/haproxy/haproxy.cfg name: config subPath: haproxy.cfg ports: - containerPort: 80 name: http protocol: TCP - containerPort: 8404 name: stats protocol: TCP restartPolicy: Always volumes: - name: config configMap: name: "synapse-werts-untls-shim" --- apiVersion: v1 kind: Service metadata: name: "synapse-werts-untls-shim" namespace: "synapse" spec: ipFamilies: - IPv4 ipFamilyPolicy: SingleStack ports: - name: http-80 port: 80 protocol: TCP targetPort: http - name: https-8404 port: 8404 protocol: TCP targetPort: stats selector: app: "synapse-werts-untls-shim" type: ClusterIP