Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Automaticaly generated, dont edit manually.
- # Generated on: 2019-06-25 21:23
- global
- maxconn 100
- stats socket /tmp/haproxy.socket level admin expose-fd listeners
- uid 80
- gid 80
- nbproc 1
- nbthread 1
- hard-stop-after 15m
- chroot /tmp/haproxy_chroot
- daemon
- tune.ssl.default-dh-param 2048
- server-state-file /tmp/haproxy_server_state
- ssl-default-bind-ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
- ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets
- ssl-default-server-ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
- ssl-default-server-options no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets
- listen HAProxyLocalStats
- bind 127.0.0.1:2200 name localstats
- mode http
- stats enable
- stats admin if TRUE
- stats show-legends
- stats uri /haproxy/haproxy_stats.php?haproxystats=1
- timeout client 5000
- timeout connect 5000
- timeout server 5000
- frontend HTTPS-Edge-SNI
- bind 127.0.0.1:1443 name 127.0.0.1:1443 ssl crt-list /var/etc/haproxy/HTTPS-Edge-SNI.crt_list
- bind 192.168.5.1:443 name 192.168.5.1:443 ssl crt-list /var/etc/haproxy/HTTPS-Edge-SNI.crt_list
- bind /tmp/haproxy_chroot/HTTPS-Edge-SNI.socket name unixsocket uid 80 accept-proxy ssl crt-list /var/etc/haproxy/HTTPS-Edge-SNI.crt_list
- mode http
- log global
- option http-keep-alive
- timeout client 30000
- acl mail-acl var(txn.txnhost) -m str -i mail.apollon-domain.co.uk
- acl monitor-acl var(txn.txnhost) -m str -i monitor.apollon-domain.co.uk
- acl filter-acl var(txn.txnhost) -m str -i filter.apollon-domain.co.uk
- acl autodiscover-acl var(txn.txnhost) -m str -i autodiscover.apollon-domain.co.uk
- acl cloud-acl var(txn.txnhost) -m str -i cloud.apollon-domain.co.uk
- acl invoice-acl var(txn.txnhost) -m str -i invoice.apolloncomputerservice.co.uk
- acl blog-acl var(txn.txnhost) -m str -i blog.apollon-domain.co.uk
- acl www-acl var(txn.txnhost) -m str -i www.apolloncomputerservice.co.uk
- acl www-redirect var(txn.txnhost) -m str -i apolloncomputerservice.co.uk
- acl mail-owa var(txn.txnpath) -m beg -i /owa
- acl mail-ecp var(txn.txnpath) -m beg -i /ecp
- acl mail-mapi var(txn.txnpath) -m beg -i /mapi
- acl mail-ews var(txn.txnpath) -m beg -i /EWS
- acl mail-oab var(txn.txnpath) -m beg -i /OAB
- acl mail-activesync var(txn.txnpath) -m beg -i /Microsoft-Server-ActiveSync
- acl mail-rpc var(txn.txnpath) -m beg -i /rpc/rpcproxy.dll
- acl mail-autodiscover var(txn.txnpath) -m beg -i /Autodiscover
- acl mail-healthcheck var(txn.txnpath) -m end -i HealthCheck.htm
- acl source-internal src 192.168.5.0/24
- acl mail-owa-redirect var(txn.txnpath) -m str -i /owa
- http-request set-var(txn.txnhost) hdr(host)
- http-request set-var(txn.txnpath) path
- http-request deny if mail-acl mail-healthcheck
- http-request redirect prefix https://www.apolloncomputerservice.co.uk if www-redirect
- http-request redirect location https://mail.apollon-domain.co.uk/owa/ if mail-acl mail-owa-redirect
- use_backend monitor_ipvANY if monitor-acl
- use_backend filter_ipvANY if filter-acl
- use_backend cloud_ipvANY if cloud-acl
- use_backend invoice_ipvANY if invoice-acl
- use_backend blog_ipvANY if blog-acl
- use_backend www_ipvANY if www-acl
- use_backend mail-owa_ipvANY if mail-owa mail-acl
- use_backend mail-ecp_ipvANY if mail-ecp mail-acl source-internal
- use_backend mail-mapi_ipvANY if mail-mapi mail-acl
- use_backend mail-ews_ipvANY if mail-ews mail-acl
- use_backend mail-oab_ipvANY if mail-oab mail-acl
- use_backend mail-activesync_ipvANY if mail-activesync mail-acl
- use_backend mail-rpc_ipvANY if mail-rpc mail-acl
- use_backend mail-autodiscover_ipvANY if mail-autodiscover mail-acl
- use_backend mail-autodiscover_ipvANY if autodiscover-acl mail-autodiscover
- frontend HTTP-Edge
- bind 82.14.242.248:80 name 82.14.242.248:80
- mode http
- log global
- option http-keep-alive
- timeout client 30000
- acl mail-acl var(txn.txnhost) -m str -i mail.apollon-domain.co.uk
- acl filter-acl var(txn.txnhost) -m str -i filter.apollon-domain.co.uk
- acl cloud-acl var(txn.txnhost) -m str -i cloud.apollon-domain.co.uk
- acl monitor-acl var(txn.txnhost) -m str -i monitor.apollon-domain.co.uk
- acl www-acl var(txn.txnhost) -m str -i www.apolloncomputerservice.co.uk
- acl blog-acl var(txn.txnhost) -m str -i blog.apollon-domain.co.uk
- acl www-redirect var(txn.txnhost) -m str -i apolloncomputerservice.co.uk
- acl invoice-acl var(txn.txnpath) -m str -i invoice.apolloncomputerservice.co.uk
- http-request set-var(txn.txnhost) hdr(host)
- http-request set-var(txn.txnpath) path
- http-request redirect scheme https if mail-acl
- http-request redirect scheme https if filter-acl
- http-request redirect scheme https if cloud-acl
- http-request redirect scheme https if monitor-acl
- http-request redirect scheme https if www-acl
- http-request redirect scheme https if blog-acl
- http-request redirect prefix https://www.apolloncomputerservice.co.uk if www-redirect
- http-request redirect scheme https if invoice-acl
- frontend HTTPS-Edge-TCP
- bind 82.14.242.248:443 name 82.14.242.248:443
- mode tcp
- log global
- timeout client 14400000
- tcp-request inspect-delay 5s
- acl netscaler-acl req.ssl_sni -i apps.apollon-domain.co.uk
- acl netscaler-acl req.ssl_sni -i apps.apollon-domain.co.uk:443
- acl hasSNI req.ssl_sni -m found
- tcp-request content accept if { req.ssl_hello_type 1 }
- use_backend netscaler_ipvANY if netscaler-acl || !hasSNI
- default_backend defaultbackend_ipvANY
- backend monitor_ipvANY
- mode http
- id 113
- log global
- timeout connect 30000
- timeout server 30000
- retries 3
- option httpchk OPTIONS /
- http-response add-header Content-Security-Policy upgrade-insecure-requests
- server ICARUS 192.168.5.160:80 id 114 check inter 1000
- backend filter_ipvANY
- mode http
- id 107
- log global
- timeout connect 30000
- timeout server 30000
- retries 3
- http-response add-header Content-Security-Policy upgrade-insecure-requests
- server GLAUCUS 192.168.5.185:80 id 108 check inter 1000
- backend cloud_ipvANY
- mode http
- id 121
- log global
- http-response set-header Strict-Transport-Security max-age=31536000;
- timeout connect 30000
- timeout server 30000
- retries 3
- option httpchk OPTIONS /
- http-response add-header Content-Security-Policy upgrade-insecure-requests
- server OEDIPUS 192.168.5.203:80 id 122 check inter 1000
- backend invoice_ipvANY
- mode http
- id 123
- log global
- http-response set-header Strict-Transport-Security max-age=31536000;
- timeout connect 30000
- timeout server 30000
- retries 3
- option httpchk OPTIONS /
- server CLYTIA 192.168.5.198:443 id 124 ssl check inter 1000 verify none
- backend blog_ipvANY
- mode http
- id 117
- log global
- http-response set-header Strict-Transport-Security max-age=31536000;
- timeout connect 30000
- timeout server 30000
- retries 3
- http-response add-header Content-Security-Policy upgrade-insecure-requests
- server MINOTAUR 192.168.5.168:80 id 104 check inter 1000
- backend www_ipvANY
- mode http
- id 103
- log global
- http-response set-header Strict-Transport-Security max-age=31536000;
- timeout connect 30000
- timeout server 30000
- retries 3
- http-response add-header Content-Security-Policy upgrade-insecure-requests
- server MINOTAUR 192.168.5.168:80 id 126 check inter 1000
- backend mail-owa_ipvANY
- mode http
- id 109
- log global
- timeout connect 30000
- timeout server 30000
- retries 3
- option httpchk GET /owa/HealthCheck.htm
- http-check expect string 200 OK
- server EREBOS 192.168.5.161:80 id 112 check inter 1000
- backend mail-ecp_ipvANY
- mode http
- id 102
- log global
- timeout connect 30000
- timeout server 30000
- retries 3
- option httpchk GET /ECP/HealthCheck.htm
- http-check expect string 200 OK
- server EREBOS 192.168.5.161:80 id 112 check inter 1000
- backend mail-mapi_ipvANY
- mode http
- id 110
- log global
- timeout connect 30000
- timeout server 30000
- retries 3
- option httpchk GET /mapi/HealthCheck.htm
- http-check expect string 200 OK
- server EREBOS 192.168.5.161:80 id 112 check inter 1000
- backend mail-ews_ipvANY
- mode http
- id 118
- log global
- timeout connect 30000
- timeout server 30000
- retries 3
- option httpchk GET /EWS/HealthCheck.htm
- http-check expect string 200 OK
- server EREBOS 192.168.5.161:80 id 112 check inter 1000
- backend mail-oab_ipvANY
- mode http
- id 125
- log global
- timeout connect 30000
- timeout server 30000
- retries 3
- option httpchk GET /OAB/HealthCheck.htm
- http-check expect string 200 OK
- server EREBOS 192.168.5.161:80 id 112 check inter 1000
- backend mail-activesync_ipvANY
- mode http
- id 127
- log global
- timeout connect 30000
- timeout server 30000
- retries 3
- option httpchk GET /Microsoft-Server-ActiveSync/HealthCheck.htm
- http-check expect string 200 OK
- server EREBOS 192.168.5.161:80 id 112 check inter 1000
- backend mail-rpc_ipvANY
- mode http
- id 128
- log global
- timeout connect 30000
- timeout server 30000
- retries 3
- option httpchk GET /RPC/HealthCheck.htm
- http-check expect string 200 OK
- server EREBOS 192.168.5.161:80 id 112 check inter 1000
- backend mail-autodiscover_ipvANY
- mode http
- id 129
- log global
- timeout connect 30000
- timeout server 30000
- retries 3
- option httpchk GET /Autodiscover/HealthCheck.htm
- http-check expect string 200 OK
- server EREBOS 192.168.5.161:80 id 112 check inter 1000
- backend netscaler_ipvANY
- mode tcp
- id 115
- log global
- timeout connect 30000
- timeout server 14400000
- retries 10
- http-check expect status 403
- server GANYMEDE 192.168.5.6:443 id 116 check inter 60000
- backend defaultbackend_ipvANY
- mode tcp
- id 105
- log global
- timeout connect 30000
- timeout server 30000
- retries 3
- server defaultbackend /HTTPS-Edge-SNI.socket send-proxy-v2-ssl-cn id 106 check inter 1000
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement