-- host IP address is 192.168.0.8
-- Apache use ports 9080/90443
-- all HTTP requests on 80 will be redirected to 9080 except flower.databasepro.fr wich will go on 192.168.0.82:80
-- incoming HTTP 443 requests will be redirected to 9433 except flower.databasepro.fr wich will go on 192.168.0.82:443
-- incoming SSH requests on 443 port will be redirected to the port 22
-- incoming OpenVPN requests on 443 port will be redirected to 192.168.0.9:1194


frontend in_80
    bind 192.168.0.8:80
    default_backend out_80_default
    # Define hosts
    acl host_flower hdr(host) -i flower.databasepro.fr
    # Figure out which one to use
    use_backend out_80_flower if host_flower

backend out_80_default
    server sv1 192.168.0.8:9080 maxconn 32

backend out_80_flower
    server sv1 192.168.0.82:80 maxconn 32


frontend in_443
    bind 192.168.0.8:443
    mode tcp
    option tcplog
    tcp-request inspect-delay 5s
    tcp-request content accept if HTTP
    # Define hosts
    acl host_flower hdr(host) -i flower.databasepro.fr
    # Figure out which one to use
    use_backend out_443_flower if { req_ssl_sni -i flower.databasepro.fr }
    use_backend out_443_https if { req.ssl_hello_type 1 }
    use_backend out_ssh if  { payload(0,7) -m bin 5353482d322e30 }
    default_backend openvpn

backend out_443_flower
    server sv1 192.168.0.82:443
    mode tcp


backend out_443_https
    server sv1 192.168.0.8:9443
    mode tcp

backend openvpn
    mode tcp
    server openvpn-server 192.168.0.9:1194

backend out_ssh
    mode tcp
    timeout server 2h
    server ssh-local 192.168.0.8:22