panda/DEMO_Geobal
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
DEMO_Geobal/haproxy.cfg
panda d7bfdb5280 Update 'haproxy.cfg' 
changed port from 443 to 10443
2021-12-27 22:31:40 +01:00

102 lines
2.4 KiB
INI
Raw Blame History

global
log /dev/log local0
log /dev/log local1 notice
# chroot /var/lib/haproxy
stats timeout 30s
user haproxy
group haproxy
daemon
external-check
insecure-fork-wanted
defaults
log global
option httplog
option dontlognull
option dontlog-normal
timeout client 30s
timeout server 30s
timeout connect 5s
# errorfile 400 /etc/haproxy/errors/400.http
# errorfile 403 /etc/haproxy/errors/403.http
# errorfile 408 /etc/haproxy/errors/408.http
# errorfile 500 /etc/haproxy/errors/500.http
# errorfile 502 /etc/haproxy/errors/502.http
# errorfile 503 /etc/haproxy/errors/503.http
# errorfile 504 /etc/haproxy/errors/504.http
resolvers mydns
nameserver dns1 1.1.1.1:53
nameserver dns2 8.8.8.8:53
resolve_retries 3
timeout resolve 1s
timeout retry 1s
hold other 10s
hold refused 10s
hold nx 10s
hold timeout 10s
hold valid 10s
hold obsolete 10s
##########################################################################################
#FRONTENDS:
##########################################################################################
############## HTTP:
frontend ft_http
mode http
bind *:80
option httplog
option forwardfor
#ACL:
acl geobaldemo-burdigone_http hdr_dom(host) -i geobaldemo.burdig.one
#BACKENDS:
use_backend bk_geobaldemo-burdigone_http if geobaldemo-burdigone_http
############ HTTPS_SNI:
frontend ft_https_sni_global
bind *:443
mode tcp
acl geobaldemo-burdigone_https req.ssl_sni -i geobaldemo.burdig.one
use_backend bk_geobaldemo-burdigone_https if geobaldemo-burdigone_https
tcp-request inspect-delay 2s
tcp-request content reject if !geobaldemo-burdigone_https
##########################################################################################
#BACKENDS:
##########################################################################################
backend bk_redirect_https
mode http
redirect scheme https if !{ ssl_fc }
backend bk_geobaldemo-burdigone_https
mode tcp
server srv-geobaldemo-burdigone_https 127.0.0.1:10443 check sni req.ssl_sni
backend bk_geobaldemo-burdigone_http
mode http
server srv-geobaldemo-burdigone_http 127.0.0.1:8000 check
listen stats
bind *:9000
mode http
stats enable
stats uri /stats
stats realm HAProxy\ Statistics
stats refresh 20s
stats show-node
stats show-legends
stats show-desc HAPROXY
stats auth admin:Passw0rd
stats admin if TRUE
Reference in a new issue View git blame Copy permalink