API tools faq
paste
Advertisement
Guest User

haproxy-config

a guest
Feb 17th, 2019
312
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 2.53 KB | None | 0 0
raw download clone embed print report
  1. global
  2.     log /dev/log local0
  3.     log /dev/log local1 notice
  4.     chroot /var/lib/haproxy
  5.     maxconn 2048
  6.     stats timeout 30s
  7.     user haproxy
  8.     group haproxy
  9.     daemon
  10.  
  11. defaults
  12.     log global
  13.     mode http
  14.     option httplog
  15.     option dontlognull
  16.     option forwardfor
  17.     option http-server-close
  18.     timeout connect 5000
  19.     timeout client 5000
  20.     timeout server 5000
  21.  
  22. listen stats
  23.     bind *:8181
  24.     stats enable
  25.     stats uri /
  26.     stats realm Haproxy\ Statistics
  27.     stats auth admin:9zmq893f
  28.  
  29. frontend homes
  30.     bind *:80
  31.     mode http
  32.     timeout http-request 5s
  33.     option forwardfor
  34.     reqadd X-Forwarded-Proto:\ http
  35.  
  36.     # privetdrive
  37.     acl is_privetdrive          hdr_end(host) -i www.privetdrive.net
  38.     acl is_privetdrive          hdr_end(host) -i privetdrive.net
  39.     acl is_unifi                hdr_end(host) -i unifi.privetdrive.net
  40.     acl is_unms                 hdr_end(host) -i unms.privetdrive.net
  41.     acl is_quake                hdr_end(host) -i quake.privetdrive.net
  42.    
  43.     # sundsvallbbq
  44.     acl is_sundsvallbbq         hdr_end(host) -i sundsvallbbq.se
  45.     acl is_sundsvallbbq         hdr_end(host) -i www.sundsvallbbq.se
  46.  
  47.     redirect scheme https if { hdr(Host) -i www.privetdrive.net } !{ ssl_fc }
  48.     redirect scheme https if { hdr(Host) -i privetdrive.net } !{ ssl_fc }
  49.     redirect scheme https if { hdr(Host) -i www.sundsvallbbq.se } !{ ssl_fc }
  50.     redirect scheme https if { hdr(Host) -i sundsvallbbq.se } !{ ssl_fc }
  51.  
  52.     use_backend             webserver if is_privetdrive
  53.     use_backend             webserver if is_sundsvallbbq
  54.     use_backend             unifi if is_unifi
  55.     use_backend             unms if is_unms
  56.     use_backend             quake if is_quake
  57.    
  58. stats uri /haproxy?stats
  59.     acl letsencrypt-acl path_beg /.well-known/acme-challenge/
  60.     use_backend letsencrypt-backend if letsencrypt-acl
  61.     default_backend http_backend
  62.  
  63. frontend https_homes
  64.     bind *:443 ssl crt-list /etc/ssl/crt-list.txt alpn h2,http/1.1
  65.     reqadd X-Forwarded-Proto:\ https
  66.     acl is_privetdrive  hdr_end(host) -i privetdrive.net
  67.     acl is_privetdrive  hdr_end(host) -i www.privetdrive.net
  68.     acl is_sundsvallbbq hdr_end(host) -i sundsvallbbq.se
  69.     acl is_sundsvallbbq hdr_end(host) -i www.sundsvallbbq.se
  70.     use_backend     unifi if is_unifi
  71.     use_backend     unms if is_unms
  72.     use_backend     quake if is_quake
  73.     default_backend homes_backend
  74.  
  75. backend homes_backend
  76.     http-response set-header Strict-Transport-Security "max-age=15778463; includeSubDomains; preload;"
  77.     server webserver 10.20.1.85:80 check
  78.  
  79. backend unifi
  80.     server unifi 10.20.1.11:8443 check
  81.  
  82. backend unms
  83.     server unms 10.20.1.12:80 check
  84.  
  85. backend quake
  86.     server quake 10.20.1.5 check
  87.  
  88. backend letsencrypt-backend
  89.     server letsencrypt 127.0.0.1:8888
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!