Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- global
- log /dev/log local0
- log /dev/log local1 notice
- maxconn 10000
- user haproxy
- group haproxy
- spread-checks 0
- tune.ssl.default-dh-param 1024
- ssl-default-bind-ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
- defaults
- log global
- mode http
- option httplog
- option dontlognull
- option redispatch
- retries 1
- timeout queue 20000
- timeout connect 5000
- timeout client 50000
- timeout server 50000
- frontend haproxy-0-10000
- bind 0.0.0.0:10000
- default_backend haproxy_monitoring
- mode http
- acl allowed_cidr src 127.0.0.1/32
- http-request deny unless allowed_cidr
- backend haproxy_monitoring
- mode http
- stats enable
- stats uri /
- stats realm Haproxy\ Statistics
- stats auth haproxy:hCZghJnqC67z5GZPGLNr
- stats refresh 3
- frontend haproxy-0-444
- bind 0.0.0.0:444 ssl crt /var/lib/haproxy/default.pem no-sslv3
- default_backend haproxy_service_be
- http-request set-header X-Forwarded-Proto https
- redirect prefix https://www.canonical.com code 301 unless { hdr(host) -i www.canonical.com }
- backend haproxy_service_be
- balance leastconn
- option httpchk HEAD / HTTP/1.0
- http-response set-header X-Robots-Tag all
- server webapp-0-8080 10.25.12.166:8080 check inter 10000 rise 2 fall 5 maxconn 512
- server webapp-1-8080 10.25.12.167:8080 check inter 10000 rise 2 fall 5 maxconn 512
- frontend haproxy-0-81
- bind 0.0.0.0:81
- default_backend secure-redirect_be
- redirect prefix https://www.canonical.com code 301 unless { hdr(host) -i www.canonical.com }
- redirect scheme https code 301 if !{ ssl_fc }
- backend secure-redirect_be
- frontend haproxy-0-80
- bind 0.0.0.0:80
- default_backend secure-redirect
- mode tcp
- option tcplog
- backend secure-redirect
- mode tcp
- option tcplog
- balance leastconn
- server haproxy-0 10.25.12.164:81 check
- server haproxy-1 10.25.12.165:81 check backup
- frontend haproxy-0-80
- bind 0.0.0.0:80
- default_backend haproxy_service
- mode tcp
- option tcplog
- backend haproxy_service
- mode tcp
- option tcplog
- balance leastconn
- server haproxy-0 10.25.12.164:444 check
- server haproxy-1 10.25.12.165:81 check backup
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement