62 lines
1.5 KiB
INI
62 lines
1.5 KiB
INI
|
global
|
||
|
log 127.0.0.1 local2
|
||
|
|
||
|
chroot /var/lib/haproxy
|
||
|
pidfile /var/run/haproxy.pid
|
||
|
maxconn 4000
|
||
|
user haproxy
|
||
|
group haproxy
|
||
|
daemon
|
||
|
|
||
|
# turn on stats unix socket
|
||
|
stats socket /var/lib/haproxy/stats
|
||
|
|
||
|
# utilize system-wide crypto-policies
|
||
|
ssl-default-bind-ciphers PROFILE=SYSTEM
|
||
|
ssl-default-server-ciphers PROFILE=SYSTEM
|
||
|
|
||
|
defaults
|
||
|
option tcplog
|
||
|
mode tcp
|
||
|
log global
|
||
|
option http-server-close
|
||
|
timeout connect 10s
|
||
|
timeout client 1m
|
||
|
timeout server 1m
|
||
|
|
||
|
# HTTPS
|
||
|
frontend https
|
||
|
bind :443
|
||
|
|
||
|
acl dst_fastlight dst 10.0.0.104
|
||
|
acl dst_norrsken dst 10.0.0.143
|
||
|
|
||
|
use_backend https_fastlight if dst_fastlight
|
||
|
use_backend https_norrsken if dst_norrsken
|
||
|
|
||
|
backend https_fastlight
|
||
|
balance roundrobin
|
||
|
server fastlight 10.0.100.10:443 send-proxy
|
||
|
|
||
|
backend https_norrsken
|
||
|
balance roundrobin
|
||
|
server norrsken 10.0.100.20:4430 send-proxy
|
||
|
|
||
|
# HTTP
|
||
|
frontend http
|
||
|
bind :80
|
||
|
|
||
|
acl dst_fastlight dst 10.0.0.104
|
||
|
acl dst_norrsken dst 10.0.0.143
|
||
|
|
||
|
use_backend http_fastlight if dst_fastlight
|
||
|
use_backend http_norrsken if dst_norrsken
|
||
|
|
||
|
backend http_fastlight
|
||
|
balance roundrobin
|
||
|
server fastlight 10.0.100.10:80 send-proxy
|
||
|
|
||
|
backend http_norrsken
|
||
|
balance roundrobin
|
||
|
server norrsken 10.0.100.20:8000 send-proxy
|