Allow multiple domains to share the same backend pool using share_with parameter.
This saves pool slots when domains point to the same servers.
- Add share_with parameter to haproxy_add_domain
- Add helper functions for shared domain management
- Protect shared pools from being cleared on domain removal
- Update documentation with pool sharing examples
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Split domain routing into two stages for improved performance:
- Stage 1: map_str for exact domains (O(log n) using ebtree)
- Stage 2: map_dom for wildcards only (O(n) but small set)
Wildcards now stored in separate wildcards.map file.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Fix haproxy_cmd_batch to send each command on separate connection
(HAProxy Runtime API only processes first command on single connection)
- HTTP frontend now routes to backends instead of redirecting to HTTPS
- Add subdomain detection to avoid duplicate wildcard entries
- Add reload verification with retry logic
- Optimize SSL: TLS 1.3 ciphersuites, extended session lifetime
- Add CPU steal monitoring script
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
When adding a domain, now checks if an SSL certificate covers it:
- Exact match: domain.com.pem
- Wildcard match: parent.com.pem with *.parent.com SAN
Output examples:
- "SSL: Using certificate inouter.com (wildcard)"
- "SSL: No certificate found. Use haproxy_issue_cert(...) to issue one."
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
