Skip to content

Instantly share code, notes, and snippets.

@emresaracoglu

emresaracoglu/HAproxy File

Created July 20, 2020 17:15
Show Gist options
  • Save emresaracoglu/aa8d62b27da33f5125e847075afedb97 to your computer and use it in GitHub Desktop.
Save emresaracoglu/aa8d62b27da33f5125e847075afedb97 to your computer and use it in GitHub Desktop.
Download ZIP

Revisions

  1. emresaracoglu created this gist Jul 20, 2020.
    70 changes: 70 additions & 0 deletions HAproxy File
    View file
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,70 @@
    global
    log /dev/log local0
    log /dev/log local1 notice
    chroot /var/lib/haproxy
    stats socket /run/haproxy/admin.sock mode 660 level admin
    stats timeout 30s
    user haproxy
    group haproxy
    daemon

    # Default SSL material locations
    # ca-base /etc/ssl/certs
    # crt-base /etc/ssl/private

    # Default ciphers to use on SSL-enabled listening sockets.
    # For more information, see ciphers(1SSL). This list is from:
    # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
    # An alternative list with additional directives can be obtained from
    # https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=haproxy
    # ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
    # ssl-default-bind-options no-sslv3

    defaults
    log global
    mode http
    option httplog
    option dontlognull
    timeout connect 5000
    timeout client 50000
    timeout server 50000
    errorfile 400 /etc/haproxy/errors/400.http
    errorfile 403 /etc/haproxy/errors/403.http
    errorfile 408 /etc/haproxy/errors/408.http
    errorfile 500 /etc/haproxy/errors/500.http
    errorfile 502 /etc/haproxy/errors/502.http
    errorfile 503 /etc/haproxy/errors/503.http
    errorfile 504 /etc/haproxy/errors/504.http

    frontend MAIN
    bind *:21
    bind *:80
    bind *:2030
    bind *:2031
    bind *:2032
    bind *:8064
    bind *:8065
    bind *:8080
    bind *:8090
    bind *:443
    mode http

    acl ES1_URL hdr(host) -i www.exaple.com example.com
    acl ES2_URL hdr(host) -i www.example2.com examle2.com
    acl MC_URL hdr(host) -i chat.example.com

    use_backend ES1 if ES1_URL
    use_backend ES2 if ES2_URL
    use_backend MC if MC_URL

    backend ES1
    mode http
    server web-esf 192.168.128.176

    backend ES2
    mode http
    server web-est 192.168.128.176

    backend MC
    mode http
    server web-mc 192.168.128.21:8065