joshdvir · August 29, 2015 14:14
diff --git a/gistfile1.txt b/gistfile1.txt
 global
        log /dev/log    local0
        log /dev/log    local1 notice
        chroot /var/lib/haproxy
        stats socket /run/haproxy/admin.sock mode 660 level admin
        stats timeout 30s
        user haproxy
        group haproxy
        daemon

        # Default SSL material locations
        ca-base /etc/ssl/certs
        crt-base /etc/ssl/private

        # Default ciphers to use on SSL-enabled listening sockets.
        # For more information, see ciphers(1SSL).
        ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:!kEDH:!LOW:!EXP:!MD5:!aNULL:!eNULL
        tune.ssl.default-dh-param 2048
        ssl-default-bind-options no-sslv3

 defaults
        log     global
        mode    http
        option  httplog
        option  dontlognull
        timeout connect 120s
        timeout client  120s
        timeout server  120s
        timeout tunnel  5h
        errorfile 400 /etc/haproxy/errors/400.http
        errorfile 403 /etc/haproxy/errors/403.http
        errorfile 408 /etc/haproxy/errors/408.http
        errorfile 500 /etc/haproxy/errors/500.http
        errorfile 502 /etc/haproxy/errors/502.http
        errorfile 503 /etc/haproxy/errors/503.http
        errorfile 504 /etc/haproxy/errors/504.http
        
 frontend ft_faye
        bind public_ip_to_listen:9292 ssl crt /etc/ssl/private/pem_file
        mode http
        option forwardfor
        option http-server-close
        option http-pretend-keepalive
        default_backend bk_faye

 frontend ft_faye_private
        bind private_ip_to_listen:9292
        mode http
        default_backend bk_faye

 backend bk_faye
        balance roundrobin
        mode http
        server faye1 first_server_ip:9292 weight 1 maxconn 8192 check
        server faye2 second_server_ip:9292 weight 1 maxconn 8192 check
	global
	log /dev/log local0
	log /dev/log local1 notice
	chroot /var/lib/haproxy
	stats socket /run/haproxy/admin.sock mode 660 level admin
	stats timeout 30s
	user haproxy
	group haproxy
	daemon

	# Default SSL material locations
	ca-base /etc/ssl/certs
	crt-base /etc/ssl/private

	# Default ciphers to use on SSL-enabled listening sockets.
	# For more information, see ciphers(1SSL).
	ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:!kEDH:!LOW:!EXP:!MD5:!aNULL:!eNULL
	tune.ssl.default-dh-param 2048
	ssl-default-bind-options no-sslv3

	defaults
	log global
	mode http
	option httplog
	option dontlognull
	timeout connect 120s
	timeout client 120s
	timeout server 120s
	timeout tunnel 5h
	errorfile 400 /etc/haproxy/errors/400.http
	errorfile 403 /etc/haproxy/errors/403.http
	errorfile 408 /etc/haproxy/errors/408.http
	errorfile 500 /etc/haproxy/errors/500.http
	errorfile 502 /etc/haproxy/errors/502.http
	errorfile 503 /etc/haproxy/errors/503.http
	errorfile 504 /etc/haproxy/errors/504.http

	frontend ft_faye
	bind public_ip_to_listen:9292 ssl crt /etc/ssl/private/pem_file
	mode http
	option forwardfor
	option http-server-close
	option http-pretend-keepalive
	default_backend bk_faye

	frontend ft_faye_private
	bind private_ip_to_listen:9292
	mode http
	default_backend bk_faye

	backend bk_faye
	balance roundrobin
	mode http
	server faye1 first_server_ip:9292 weight 1 maxconn 8192 check
	server faye2 second_server_ip:9292 weight 1 maxconn 8192 check