API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Feb 19th, 2019
294
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 2.40 KB | None | 0 0
raw download clone embed print report
  1. global
  2.    log /dev/log local0
  3.    log /dev/log local1 notice
  4.    chroot /var/lib/haproxy
  5.    maxconn 2048
  6.    stats timeout 30s
  7.    user haproxy
  8.    group haproxy
  9.    daemon
  10.  
  11. defaults
  12.    log global
  13.    mode http
  14.    option httplog
  15.    option dontlognull
  16.    option forwardfor
  17.    option http-server-close
  18.    timeout connect 5000
  19.    timeout client 5000
  20.    timeout server 5000
  21.  
  22. listen stats
  23.    bind *:8181
  24.    stats enable
  25.    stats uri /
  26.    stats realm Haproxy\ Statistics
  27.    stats auth username:password
  28.  
  29. frontend http_home
  30.    bind 10.20.1.15:80
  31.    mode http
  32.    timeout http-request 5s
  33.    option forwardfor
  34.    reqadd X-Forwarded-Proto:\ http
  35.  
  36.    # privetdrive
  37.    acl is_privetdrive      hdr_beg(host) -i privetdrive.net
  38.    acl is_privetdrive      hdr_beg(host) -i www
  39.    acl is_unifi            hdr_beg(host) -i unifi
  40.    acl is_unms             hdr_beg(host) -i unms
  41.    acl is_quake            hdr_beg(host) -i quake
  42.  
  43.    # sundsvallbbq
  44.    acl is_sundsvallbbq          hdr_beg(host) -i sundsvallbbq.se
  45.    acl is_sundsvallbbq          hdr_beg(host) -i www
  46.  
  47.    redirect scheme https if { hdr(dom) -i privetdrive.net } !{ ssl_fc }
  48.    redirect scheme https if { hdr(host) -i www.privetdrive.net } !{ ssl_fc }
  49.    redirect scheme https if { hdr(host) -i sundsvallbbq.se } !{ ssl_fc }
  50.    redirect scheme https if { hdr(host) -i www.sundsvallbbq.se } !{ ssl_fc }  
  51.  
  52.    use_backend             http_backend if is_privetdrive
  53.    use_backend             http_backend if is_sundsvallbbq
  54.    use_backend             unifi_backend if is_unifi
  55.    use_backend             unms_backend if is_unms
  56.    use_backend             quake_backend if is_quake
  57.    
  58.    default_backend http_backend
  59.    
  60. stats uri /haproxy?stats
  61.    acl letsencrypt-acl path_beg /.well-known/acme-challenge/
  62.    use_backend letsencrypt-backend if letsencrypt-acl
  63.    default_backend http_backend
  64.  
  65. backend http_backend
  66.    http-response set-header Strict-Transport-Security "max-age=15778463 includeSubDomains; preload;"
  67.    server webserver 10.20.1.25:80 check
  68.  
  69. frontend https_backend
  70.    bind *:443 ssl crt-list /etc/ssl/crt-list.txt alpn h2,http/1.1
  71.    reqadd X-Forwarded-Proto:\ https
  72.    default_backend http_backend
  73.  
  74. backend unifi_backend
  75.    server unifi 10.20.1.11:8080 check
  76.  
  77. backend unms_backend
  78.    server unms 10.20.1.12:80 check
  79.  
  80. backend quake_backend
  81.    server q3a 10.20.1.5:27960 check
  82.  
  83. backend letsencrypt-backend
  84.    server letsencrypt 127.0.0.1:8888
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!