High-availability DNS setup using Cloudflare + HAProxy with automatic failover and GitOps deployment.
- Cloudflare DNS: primary DNS provider with health checks
- Google DNS: secondary DNS provider for redundancy
- Target IPs: round-robin with health checks across both providers
- Wildcard certificates: dns-01 challenges via cloud provider for automated cert management
- Primary HAProxy: main load balancer instance
- Secondary HAProxy: backup load balancer instance
- Configuration: point-to-point forwarding for L4/L7 traffic
- Certs: mounted from shared storage (automated renewal)
- Containers: application containers on both nodes
- Service: main application service running on both nodes
- VLAN: isolated network between HAProxy and containers
- Source: GitHub repos (SDN proxy + standard repos)
- Process: JSON config → haproxy.cfg generation → GitHub Actions deployment
- Automation: Git-based deployments per PR merge
- Stateless services with identical state across nodes
- Data replication for consistency
- Observable logic in repositories for transparency
- Admin access required for DNS zone management
- Service accounts for dns-01 challenges
- Automated certificate lifecycle management
- Health checks at DNS and HAProxy levels
- VLAN connectivity monitoring
- Certificate expiry tracking
- HAProxy stats endpoints
- External monitoring via Gatus or similar

GitHub repos → JSON service definitions → haproxy.cfg + map files → deployment
dns-01 challenge → cloud storage → shared cert storage → HAProxy reload
GitHub Actions → VLAN IP assignment → application service start
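
A sketch of the "JSON service definitions → haproxy.cfg + map files" step, added here as an example and not taken from this project's scripts. The JSON schema, the VLAN subnet `10.20.0.0/24`, the `/healthz` check path and the `be_` backend prefix are all assumptions; the point is that every field is validated before it reaches the generated config, so a merged PR cannot inject extra HAProxy directives or point a backend outside the isolated VLAN.

```python
import ipaddress
import json
import re

# Assumed subnet of the isolated HAProxy-to-container VLAN (hypothetical value).
VLAN = ipaddress.ip_network("10.20.0.0/24")
NAME_RE = re.compile(r"[a-z0-9][a-z0-9-]{0,30}")
HOST_RE = re.compile(r"([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,}")

def render(services_json):
    """Return (backend sections, host map) text for a JSON list of services."""
    backends, map_lines, seen = [], [], set()
    for svc in json.loads(services_json):
        name, host = str(svc["name"]), str(svc["host"])
        # fullmatch rejects whitespace and newlines, which would otherwise
        # start a new directive or a second map entry in the output.
        if not NAME_RE.fullmatch(name):
            raise ValueError(f"bad service name: {name!r}")
        if len(host) > 253 or not HOST_RE.fullmatch(host):
            raise ValueError(f"bad hostname: {host!r}")
        if host in seen:
            raise ValueError(f"duplicate hostname: {host!r}")
        seen.add(host)
        lines = [f"backend be_{name}", "    balance roundrobin",
                 "    option httpchk GET /healthz"]  # assumed health path
        for i, srv in enumerate(svc["servers"], 1):
            ip = ipaddress.ip_address(str(srv["ip"]))  # raises on junk input
            port = srv["port"]
            if ip not in VLAN:
                raise ValueError(f"{ip} is outside the VLAN {VLAN}")
            if type(port) is not int or not 0 < port < 65536:
                raise ValueError(f"bad port: {port!r}")
            lines.append(f"    server {name}{i} {ip}:{port} check")
        backends.append("\n".join(lines))
        map_lines.append(f"{host} be_{name}")
    return "\n\n".join(backends) + "\n", "\n".join(map_lines) + "\n"

# Constructed sample definition, not a real service.
SAMPLE = json.dumps([{"name": "app", "host": "app.example.com", "servers": [
    {"ip": "10.20.0.11", "port": 8080}, {"ip": "10.20.0.12", "port": 8080}]}])

if __name__ == "__main__":
    cfg, host_map = render(SAMPLE)
    print(cfg)
    print(host_map)
```

The map text is meant for a frontend rule such as `use_backend %[req.hdr(host),lower,map(/etc/haproxy/hosts.map)]`, where the map path is a placeholder.
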
- Scripts for generating HAProxy configurations
- Deployment automation tools
- Configuration templates
- Backups from server configurations
- Deployed file archives
- Rollback configurations
