API tools faq
paste
Advertisement
nottrobin

Untitled

nottrobin
Dec 6th, 2016
21
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Diff 2.90 KB | None | 0 0
raw download clone embed print report
  1. global
  2.     log /dev/log local0
  3.     log /dev/log local1 notice
  4.     maxconn 10000
  5.     user haproxy
  6.     group haproxy
  7.     spread-checks 0
  8.     tune.ssl.default-dh-param 1024
  9.     ssl-default-bind-ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
  10.  
  11. defaults
  12.     log global
  13.     mode http
  14.     option httplog
  15.     option dontlognull
  16.     option redispatch
  17.     retries 1
  18.     timeout queue 20000
  19.     timeout connect 5000
  20.     timeout client 50000
  21.     timeout server 50000
  22.  
  23. frontend haproxy-0-10000
  24.     bind 0.0.0.0:10000
  25.     default_backend haproxy_monitoring
  26.     mode http
  27.     acl allowed_cidr src 127.0.0.1/32
  28.     http-request deny unless allowed_cidr
  29.  
  30. backend haproxy_monitoring
  31.     mode http
  32.     stats enable
  33.     stats uri /
  34.     stats realm Haproxy\ Statistics
  35.     stats auth haproxy:hCZghJnqC67z5GZPGLNr
  36.     stats refresh 3
  37.  
  38. frontend haproxy-0-444
  39.     bind 0.0.0.0:444 ssl crt /var/lib/haproxy/default.pem no-sslv3
  40.     default_backend haproxy_service_be
  41.     http-request set-header X-Forwarded-Proto https
  42.     redirect prefix https://www.canonical.com code 301 unless { hdr(host) -i www.canonical.com }
  43.  
  44. backend haproxy_service_be
  45.     balance leastconn
  46.     option httpchk HEAD / HTTP/1.0
  47.     http-response set-header X-Robots-Tag all
  48.     server webapp-0-8080 10.25.12.166:8080 check inter 10000 rise 2 fall 5 maxconn 512
  49.     server webapp-1-8080 10.25.12.167:8080 check inter 10000 rise 2 fall 5 maxconn 512
  50.  
  51. frontend haproxy-0-81
  52.     bind 0.0.0.0:81
  53.     default_backend secure-redirect_be
  54.     redirect prefix https://www.canonical.com code 301 unless { hdr(host) -i www.canonical.com }
  55.     redirect scheme https code 301 if !{ ssl_fc }
  56.  
  57. backend secure-redirect_be
  58.  
  59. frontend haproxy-0-80
  60.     bind 0.0.0.0:80
  61.     default_backend secure-redirect
  62.     mode tcp
  63.     option tcplog
  64.  
  65. backend secure-redirect
  66.     mode tcp
  67.     option tcplog
  68.     balance leastconn
  69.     server haproxy-0 10.25.12.164:81 check
  70.     server haproxy-1 10.25.12.165:81 check backup
  71.  
  72. frontend haproxy-0-80
  73.     bind 0.0.0.0:80
  74.     default_backend haproxy_service
  75.     mode tcp
  76.     option tcplog
  77.  
  78. backend haproxy_service
  79.     mode tcp
  80.     option tcplog
  81.     balance leastconn
  82.     server haproxy-0 10.25.12.164:444 check
  83.     server haproxy-1 10.25.12.165:81 check backup
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!