Skip to content

Instantly share code, notes, and snippets.

@dvbportal

dvbportal/haproxy-spdy-config

Created February 9, 2015 20:30
Download ZIP

Revisions

  1. dvbportal created this gist Feb 9, 2015.
    35 changes: 35 additions & 0 deletions haproxy-spdy-config
    View file
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,35 @@
    haproxy.conf
    ============

    frontend spdy
    mode tcp
    bind xxx.xxx.xxx.xxx:443 ssl crt /etc/haproxy/ssl.pem crt /etc/haproxy/certs.d npn spdy/3.1,http/1.1 ciphers AES256+EECDH:AES256+EDH:AES128+EDH:EECDH:!aNULL:!eNULL:!LOW:!DES:!3DES:!RC4; no-sslv3
    option tcplog
    log global

    # route to nginx
    use_backend nginx_spdy if { ssl_fc_npn -i spdy/3.1 }
    default_backend nginx

    backend nginx
    mode tcp
    server nginx01 xxx.xxx.xxx.xxx:80

    backend nginx_spdy
    mode tcp
    server nginx02 xxx.xxx.xxx.xxx:81

    nginx.conf
    ==========

    server {
    listen xxx.xxx.xxx.xxx:80;
    listen xxx.xxx.xxx.xxx:81 spdy;
    server_name $host;
    server_name_in_redirect on;
    autoindex off;

    add_header Strict-Transport-Security "max-age=31536000";

    location / {
    ...