API tools faq
paste
Advertisement
Guest User

haporoxy...

a guest
Feb 17th, 2019
303
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 2.44 KB | None | 0 0
raw download clone embed print report
  1. global
  2.    log /dev/log local0
  3.    log /dev/log local1 notice
  4.    chroot /var/lib/haproxy
  5.    maxconn 2048
  6.    stats timeout 30s
  7.    user haproxy
  8.    group haproxy
  9.    daemon
  10.  
  11. defaults
  12.    log global
  13.    mode http
  14.    option httplog
  15.    option dontlognull
  16.    option forwardfor
  17.    option http-server-close
  18.    timeout connect 5000
  19.    timeout client 5000
  20.    timeout server 5000
  21.  
  22. listen stats
  23.    bind *:8181
  24.    stats enable
  25.    stats uri /
  26.    stats realm Haproxy\ Statistics
  27.    stats auth admin:9zmq893f
  28.  
  29. frontend http_home
  30.    bind 10.20.1.15:80
  31.    mode http
  32.    timeout http-request 5s
  33.    option forwardfor
  34.    reqadd X-Forwarded-Proto:\ http
  35.  
  36.    # privetdrive
  37.    acl is_privetdrive      hdr_end(host) -i www.privetdrive.net
  38.    acl is_privetdrive      hdr_end(host) -i privetdrive.net
  39.    acl is_unifi            hdr_end(host) -i unifi.privetdrive.net
  40.    acl is_unms             hdr_end(host) -i unms.privetdrive.net
  41.    acl is_quake            hdr_end(host) -i quake.privetdrive.net
  42.  
  43.    # sundsvallbbq
  44.    acl is_sundsvallbbq          hdr_end(host) -i sundsvallbbq.se
  45.    acl is_sundsvallbbq          hdr_end(host) -i www.sundsvallbbq.se
  46.  
  47.    redirect scheme https if { hdr(Host) -i www.privetdrive.net } !{ ssl_fc }
  48.    redirect scheme https if { hdr(Host) -i privetdrive.net } !{ ssl_fc }
  49.    redirect scheme https if { hdr(Host) -i www.sundsvallbbq.se } !{ ssl_fc }
  50.    redirect scheme https if { hdr(Host) -i sundsvallbbq.se } !{ ssl_fc }
  51.  
  52.    use_backend             http_backend if is_privetdrive
  53.    use_backend             http_backend if is_sundsvallbbq
  54.    use_backend             unifi if is_unifi
  55.    use_backend             unms if is_unms
  56.    use_backend             quake-server if is_quake
  57.    
  58.    default_backend http_backend
  59.    
  60. stats uri /haproxy?stats
  61.    acl letsencrypt-acl path_beg /.well-known/acme-challenge/
  62.    use_backend letsencrypt-backend if letsencrypt-acl
  63.    default_backend http_backend
  64.  
  65. backend http_backend
  66.    http-response set-header Strict-Transport-Security "max-age=15778463 includeSubDomains; preload;"
  67.    server webserver 10.20.1.25:80 check
  68.  
  69. frontend https_backend
  70.    bind *:443 ssl crt-list /etc/ssl/crt-list.txt alpn h2,http/1.1
  71.    reqadd X-Forwarded-Proto:\ https
  72.    default_backend http_backend
  73.  
  74. backend unifi
  75.    server unifi 10.20.1.11:8443 check
  76.  
  77. backend unms
  78.    server unms 10.20.1.12:80 check
  79.  
  80. backend quake-server
  81.    server q3a 10.20.1.5:27960 check
  82.  
  83. backend letsencrypt-backend
  84.    server letsencrypt 127.0.0.1:8888
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!