global
log stdout local0 debug
defaults
timeout client 5000ms
timeout connect 10000ms
timeout server 10000ms
frontend sni-in
mode tcp
# Bind WITHOUT terminating TLS (just plain TCP)
bind [::]:1443
# Wait up to five seconds for the TLS client hello
tcp-request inspect-delay 5s
# Only accept connections starting with a TLS client hello
tcp-request content accept if { req.ssl_hello_type 1 }
# SNI based forwarding \o/
use_backend one if { req.ssl_sni -i "localhost" }
use_backend two if { req.ssl_sni -i "pluto" }
backend one
server one [::1]:8080
backend two
server two [::1]:8081