API tools faq
paste
Guest User

haproxy

a guest
Jun 26th, 2025
28
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.19 KB | None | 0 0
raw download clone embed print report
  1. #---------------------------------------------------------------------
  2. # Global settings
  3. #---------------------------------------------------------------------
  4. global
  5. log stdout format raw local0 debug
  6.  
  7. chroot /var/lib/haproxy
  8. stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
  9. stats timeout 30s
  10. user haproxy
  11. group haproxy
  12.  
  13. # Default SSL/TLS settings
  14. tune.ssl.default-dh-param 2048
  15. ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
  16. ssl-default-bind-options ssl-min-ver TLSv1.2 no-tls-tickets
  17.  
  18. #---------------------------------------------------------------------
  19. # Default settings for all frontends and backends
  20. #---------------------------------------------------------------------
  21. defaults
  22. log global
  23. mode http
  24. option httplog
  25. option dontlognull
  26. timeout connect 5000ms
  27. timeout client 50000ms
  28. timeout server 50000ms
  29.  
  30. #---------------------------------------------------------------------
  31. # Frontend for redirecting HTTP to HTTPS
  32. #---------------------------------------------------------------------
  33. frontend http_frontend
  34. bind *:80
  35. http-request redirect scheme https code 301 unless { ssl_fc }
  36.  
  37. #---------------------------------------------------------------------
  38. # Main frontend for handling HTTPS traffic
  39. #---------------------------------------------------------------------
  40. frontend https_frontend
  41. bind *:443 ssl crt /etc/haproxy/certs/ alpn h2,http/1.1
  42.  
  43. use_backend backend_one if { ssl_fc_sni one.website.com }
  44. use_backend backend_two if { ssl_fc_sni two.website.com }
  45. use_backend backend_three if { ssl_fc_sni three.services.website.com }
  46.  
  47. default_backend not_found_backend
  48.  
  49. #---------------------------------------------------------------------
  50. # Backend server definitions
  51. #---------------------------------------------------------------------
  52.  
  53. backend backend_one
  54. server one localhost:7880 check
  55.  
  56. backend backend_two
  57. server two localhost:5349 check
  58.  
  59. backend backend_three
  60. server three localhost:3200 check
  61.  
  62. backend not_found_backend
  63. http-request deny status 404
  64.  
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!