From 0bee7dce8c9687ee07500217a5ebfcfccdb11f68 Mon Sep 17 00:00:00 2001
From: Julien Francoz <julien@francoz.net>
Date: Tue, 28 Jan 2020 19:42:48 +0100
Subject: [PATCH 1/2] Add Dockerfile for haproxy + haproxy-lua-acme

---
 Dockerfile | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 Dockerfile

diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..0f3ba64
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,18 @@
+FROM haproxy:2.1
+RUN apt-get update \
+ && apt-get install -y --no-install-recommends \
+      ca-certificates \
+      curl \
+      lua-json \
+      lua-luaossl \
+ && apt-get clean
+ENV CONFIG_DIR=/usr/local/etc/haproxy/
+# lua http
+RUN curl https://raw.githubusercontent.com/haproxytech/haproxy-lua-http/master/http.lua > /http.lua
+# https://github.com/haproxytech/haproxy-lua-acme
+RUN curl https://raw.githubusercontent.com/haproxytech/haproxy-lua-acme/master/acme.lua > /acme.lua \
+ && curl https://raw.githubusercontent.com/haproxytech/haproxy-lua-acme/master/config.lua > /config.lua \
+ && curl https://raw.githubusercontent.com/haproxytech/haproxy-lua-acme/master/haproxy.cfg > $CONFIG_DIR/haproxy.cfg
+# check conf
+RUN haproxy -c -- $CONFIG_DIR/haproxy.cfg
+

From 8b5a958962adeb75a4dff58f4114862f53eee1b7 Mon Sep 17 00:00:00 2001
From: Julien Francoz <julien@francoz.net>
Date: Tue, 28 Jan 2020 22:15:02 +0100
Subject: [PATCH 2/2] update haproxy configuration

---
 Dockerfile  | 6 +++---
 haproxy.cfg | 7 +++----
 2 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 0f3ba64..7be5faa 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -10,9 +10,9 @@ ENV CONFIG_DIR=/usr/local/etc/haproxy/
 # lua http
 RUN curl https://raw.githubusercontent.com/haproxytech/haproxy-lua-http/master/http.lua > /http.lua
 # https://github.com/haproxytech/haproxy-lua-acme
-RUN curl https://raw.githubusercontent.com/haproxytech/haproxy-lua-acme/master/acme.lua > /acme.lua \
- && curl https://raw.githubusercontent.com/haproxytech/haproxy-lua-acme/master/config.lua > /config.lua \
- && curl https://raw.githubusercontent.com/haproxytech/haproxy-lua-acme/master/haproxy.cfg > $CONFIG_DIR/haproxy.cfg
+ADD acme.lua /acme.lua
+ADD config.lua /config.lua
+ADD haproxy.cfg $CONFIG_DIR/haproxy.cfg
 # check conf
 RUN haproxy -c -- $CONFIG_DIR/haproxy.cfg
 
diff --git a/haproxy.cfg b/haproxy.cfg
index 01b666b..5fe431e 100644
--- a/haproxy.cfg
+++ b/haproxy.cfg
@@ -1,5 +1,5 @@
 global
-    log /dev/log local0 debug
+    log stdout  format raw  local0 debug
     daemon
     lua-load config.lua
     lua-load acme.lua
@@ -13,7 +13,7 @@ defaults
     timeout server 10s
 
 listen http
-    bind *:5002
+    bind *:80
     http-request use-service lua.acme if { path_beg /.well-known/acme-challenge/  }
 
 listen acme
@@ -22,6 +22,5 @@ listen acme
 
 listen acme-ca
     bind 127.0.0.1:9012
-    # server ca acme-v02.api.letsencrypt.org:443 ssl verify none
-    server ca 127.0.0.1:4431 ssl verify none
+    server ca acme-v02.api.letsencrypt.org:443 ssl verify none
     http-request set-header Host acme-v02.api.letsencrypt.org