global
  maxconn 4096
  user haproxy
  group haproxy

defaults
  mode http
  option forwardfor
  option httpclose
  option httplog
  option dontlognull
  retries 3
  timeout connect 5000
  timeout client 50000
  timeout server 50000

frontend https-in
mode http
  bind *:443 ssl crt-list /etc/haproxy/crt-list crt /etc/haproxy/approved-certs/default.pem
  reqadd X-Forwarded-Proto:\ https
{{range $app := lsdir "/services"}}
{{$hostnames := printf "/services/%s/*" $app}}
  {{range gets $hostnames}}
    {{$hostname := .Key}}
    {{$data := json .Value}}
# {{base $hostname}}:
  acl https_{{base $hostname}} hdr(host) -i {{base $hostname}}
  acl https_{{base $hostname}} hdr(host) -i www.{{base $hostname}}
  use_backend {{base $hostname}} if https_{{base $hostname}}
  {{end}}
{{end}}

frontend http-in
  bind *:80
{{range $app := lsdir "/services"}}
{{$hostnames := printf "/services/%s/*" $app}}
  {{range gets $hostnames}}
    {{$hostname := .Key}}
    {{$data := json .Value}}
# {{base $hostname}}:
  acl is_{{base $hostname}} hdr(host) -i {{base $hostname}}
  acl is_{{base $hostname}} hdr(host) -i www.{{base $hostname}}
  use_backend {{base $hostname}} if is_{{base $hostname}}
  {{end}}
{{end}}

{{range $app := lsdir "/services"}}
{{$hostnames := printf "/services/%s/*" $app}}
  {{range gets $hostnames}}
    {{$hostname := .Key}}
    {{$data := json .Value}}
# {{base $hostname}}:
backend {{base $hostname}}
  cookie SERVERID insert nocache indirect
  server Server {{$data.ip}}:{{$data.port}} cookie Server
  {{end}}
{{end}}