From 79f8c3ac6b5213e2ed6ae29f3dd03a24ebac08e7 Mon Sep 17 00:00:00 2001
From: William Lallemand <wlallemand@gmail.com>
Date: Tue, 4 Apr 2023 09:42:15 +0200
Subject: [PATCH] Add HAProxy example

---
 Stateless-Mode.md | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/Stateless-Mode.md b/Stateless-Mode.md
index 3ff7d98..3b225d3 100644
--- a/Stateless-Mode.md
+++ b/Stateless-Mode.md
@@ -71,6 +71,25 @@ Configure your webserver to respond statelessly to challenges for a given accoun
     ?>
     ```
     _NOTE that this approach uses PHP but something similar could be done with CGI, Perl, Ruby or pretty much any other server-side language._
+
+    ### HAPROXY
+
+    Add the http-request return rule to your configuration:
+    
+    ```
+    global
+        setenv ACCOUNT_THUMBPRINT '6fXAG9VyG0IahirPEU2ZerUtItW2DHzDzD9wZaEKpqd'
+        log stderr local0
+        stats socket /var/run/haproxy.sock level admin mode 0666
+
+    frontend web
+        log global
+        option httplog
+        mode  http
+        bind :80
+        bind :443 crt /etc/haproxy/certs/
+        http-request return status 200 content-type text/plain lf-string "%[path,field(-1,/)].${ACCOUNT_THUMBPRINT}\n" if { path_beg '/.well-known/acme-challenge/' }
+``` 
 3. Ok, you can issue cert now.
 
   ```