-
Notifications
You must be signed in to change notification settings - Fork 0
/
haproxy.conf
54 lines (50 loc) · 1.9 KB
/
haproxy.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
# Edit this file with your actual data and put it into /usr/local/etc/haproxy.conf
# Each machine/site has the same configuration except for the MYSELF and OTHER
# global variables; besides these you must also edit the SITE global variable.
# Uncomment the bind *:443 and *:8443 directives only after creating the SSL certificate
# as explained in the pertinent section of README
global
daemon
maxconn 8192
log /var/run/log local0
setenv MYSELF 'alpha.domain.tld'
setenv OTHER 'beta.domain.tld'
setenv SITE 'api.domain.tld'
setenv THUMB '1234-blaBlaBla-SnafuzBro-Gne123GnegnegnGne'
user haproxy
group haproxy
chroot /var/haproxy
stats socket /var/run/haproxy.stat uid haproxy gid wheel mode 660
ca-base /usr/local/etc/ssl/
defaults
mode http
log global
option httplog
timeout connect 10s
timeout client 50s
timeout server 50s
balance roundrobin
option http-keep-alive
listen api
bind *:80
# bind *:443 ssl crt "/usr/local/etc/ssl/${MYSELF}.pem" no-sslv3
acl ACME path_reg '^/.well-known/acme-challenge/[-_a-zA-Z0-9]+$'
http-request return status 200 content-type text/plain lf-string "%[path,field(-1,/)].${THUMB}\n" if ACME
http-request replace-value Host .* "${SITE}"
option httpchk GET /status
server api01 127.0.0.1:4441 check
server api02 127.0.0.1:4442 check
server api03 127.0.0.1:4443 check
server api04 127.0.0.1:4444 check
server api05 127.0.0.1:4445 check
server failover ${OTHER}:9443 ssl verify required ca-file cert.pem check backup
listen backup
bind *:8080
# bind *:8443 ssl crt "/usr/local/etc/ssl/${MYSELF}.pem" no-sslv3
option httpchk GET /status
http-request replace-value Host .* "${SITE}"
server api01 127.0.0.1:4441 check
server api02 127.0.0.1:4442 check
server api03 127.0.0.1:4443 check
server api04 127.0.0.1:4444 check
server api05 127.0.0.1:4445 check