Switch to one-line `bind :80,[::]:80` and `bind :443,[::]:443` per review feedback in #522. The v6only flag was self-documentation, not load-bearing: with SO_REUSEADDR (HAProxy's default) and bindv6only=0 the kernel routes v4 packets to the more-specific AF_INET socket regardless. Comment trimmed to match — the v6only paragraph is gone because v6only itself is gone. The shorter form also scales more cleanly when adding ports later, e.g. `bind :8080,[::]:8080` on a new line.

1 неделю назад · a7febc2bf2
--- a/contrib/sni-router/haproxy.cfg
+++ b/contrib/sni-router/haproxy.cfg
@@ -23,12 +23,9 @@ defaults
 
				
				 # --- HTTP :80 — ACME challenges + redirect -----------------------------------
			
 
				
				 
			
 
				
				 frontend http
			
 
				
				-    # Explicit v4 + v6 binds so IPv6 clients are accepted regardless of the
			
 
				
				-    # host's net.ipv6.bindv6only sysctl.  `v6only` on the v6 bind prevents it
			
 
				
				-    # from also accepting v4-mapped connections, which would otherwise
			
 
				
				-    # conflict with the explicit v4 bind on the same port.
			
 
				
				-    bind 0.0.0.0:80
			
 
				
				-    bind [::]:80 v6only
			
 
				
				+    # Explicit v4 + v6 binds so IPv6 clients are accepted regardless of
			
 
				
				+    # the host's net.ipv6.bindv6only sysctl.
			
 
				
				+    bind :80,[::]:80
			
 
				
				     mode http
			
 
				
				 
			
 
				
				     # Let Caddy answer ACME HTTP-01 challenges for Let's Encrypt.
			
@@ -40,8 +37,7 @@ frontend http
 
				
				 # --- TLS :443 — SNI-based routing -------------------------------------------
			
 
				
				 
			
 
				
				 frontend tls
			
 
				
				-    bind 0.0.0.0:443
			
 
				
				-    bind [::]:443 v6only
			
 
				
				+    bind :443,[::]:443
			
 
				
				     tcp-request inspect-delay 5s
			
 
				
				     tcp-request content accept if { req_ssl_hello_type 1 }