Created
November 20, 2017 21:00
-
-
Save tejaskokje/22131573be64b61d2528839f607746ce to your computer and use it in GitHub Desktop.
haproxy.cfg
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| global | |
| log 127.0.0.1 local0 | |
| maxconn 5000 | |
| tune.bufsize 18432 | |
| tune.maxrewrite 9216 | |
| stats socket /var/run/haproxy.sock mode 600 level admin | |
| stats timeout 2m # Wait up to 2 minutes for input | |
| tune.ssl.default-dh-param 2048 | |
| ssl-default-bind-ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS | |
| ssl-default-bind-options no-sslv3 no-tls-tickets | |
| ssl-default-server-ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS | |
| ssl-default-server-options no-sslv3 no-tls-tickets | |
| defaults | |
| log global | |
| option splice-auto | |
| option abortonclose | |
| timeout connect 5s | |
| timeout queue 5s | |
| timeout client 60s | |
| timeout server 60s | |
| timeout tunnel 1h | |
| timeout http-request 120s | |
| timeout check 2s | |
| option httpchk GET / | |
| default-server inter 5s port 80 rise 5 fall 3 | |
| cookie MY-COOKIE insert indirect nocache maxlife 5s maxidle 5s | |
| frontend monitor | |
| bind *:50054 | |
| mode http | |
| option forwardfor | |
| monitor-uri /haproxy_test | |
| frontend http_80 | |
| bind *:80 | |
| default_backend http_80_backend | |
| mode http | |
| reqadd X-Forwarded-Proto:\ http if !{ ssl_fc } | |
| reqadd X-Forwarded-Proto:\ https if { ssl_fc } | |
| http-request set-header X-Forwarded-Port %[dst_port] | |
| option forwardfor | |
| acl is_websocket hdr(Upgrade) -i WebSocket | |
| option http-server-close | |
| backend http_80_backend | |
| balance roundrobin | |
| mode http | |
| # This is where your target droplets should go | |
| server backend1 104.236.109.147:80 check cookie backend1 | |
| server backend2 104.131.61.181:80 check cookie backend2 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment