123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102 |
- global
- log /dev/log local0
- log /dev/log local1 notice
- # chroot /var/lib/haproxy
- stats timeout 30s
- user haproxy
- group haproxy
- daemon
- external-check
- insecure-fork-wanted
- defaults
- log global
- option httplog
- option dontlognull
- option dontlog-normal
- timeout client 30s
- timeout server 30s
- timeout connect 5s
- # errorfile 400 /etc/haproxy/errors/400.http
- # errorfile 403 /etc/haproxy/errors/403.http
- # errorfile 408 /etc/haproxy/errors/408.http
- # errorfile 500 /etc/haproxy/errors/500.http
- # errorfile 502 /etc/haproxy/errors/502.http
- # errorfile 503 /etc/haproxy/errors/503.http
- # errorfile 504 /etc/haproxy/errors/504.http
- resolvers mydns
- nameserver dns1 1.1.1.1:53
- nameserver dns2 8.8.8.8:53
- resolve_retries 3
- timeout resolve 1s
- timeout retry 1s
- hold other 10s
- hold refused 10s
- hold nx 10s
- hold timeout 10s
- hold valid 10s
- hold obsolete 10s
- ##########################################################################################
- #FRONTENDS:
- ##########################################################################################
- ############## HTTP:
- frontend ft_http
- mode http
- bind *:80
- option httplog
- option forwardfor
- #ACL:
- acl geobaldemo-burdigone_http hdr_dom(host) -i geobaldemo.burdig.one
- #BACKENDS:
- use_backend bk_geobaldemo-burdigone_http if geobaldemo-burdigone_http
- ############ HTTPS_SNI:
- frontend ft_https_sni_global
- bind *:443
- mode tcp
- acl geobaldemo-burdigone_https req.ssl_sni -i geobaldemo.burdig.one
- use_backend bk_geobaldemo-burdigone_https if geobaldemo-burdigone_https
- tcp-request inspect-delay 2s
- tcp-request content reject if !geobaldemo-burdigone_https
- ##########################################################################################
- #BACKENDS:
- ##########################################################################################
- backend bk_redirect_https
- mode http
- redirect scheme https if !{ ssl_fc }
- backend bk_geobaldemo-burdigone_https
- mode tcp
- server srv-geobaldemo-burdigone_https 127.0.0.1:443 check sni req.ssl_sni
- backend bk_geobaldemo-burdigone_http
- mode http
- server srv-geobaldemo-burdigone_http 127.0.0.1:80 check
- listen stats
- bind *:9000
- mode http
- stats enable
- stats uri /stats
- stats realm HAProxy\ Statistics
- stats refresh 20s
- stats show-node
- stats show-legends
- stats show-desc HAPROXY
- stats auth admin:Passw0rd
- stats admin if TRUE
|