Created
January 17, 2025 10:33
-
-
Save rojenzaman/b8c34e9b49ee1c1f7fbc8ec0d0fb2f00 to your computer and use it in GitHub Desktop.
HAProxy Configuration for Amazon WorkMail IMAP and SMTP SSL Passthrough (Alpine Linux)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #--------------------------------------------------------------------- | |
| # Global settings | |
| #--------------------------------------------------------------------- | |
| global | |
| log 127.0.0.1 local0 # Enable logging to syslog | |
| chroot /var/lib/haproxy # HAProxy chroot directory | |
| pidfile /var/run/haproxy.pid # PID file location | |
| maxconn 4000 # Maximum number of connections | |
| user haproxy # User to run HAProxy as | |
| group haproxy # Group to run HAProxy as | |
| daemon # Run HAProxy as a daemon | |
| # Enable statistics via a Unix socket | |
| stats socket /var/lib/haproxy/stats mode 600 level admin | |
| #--------------------------------------------------------------------- | |
| # Default settings for all 'frontend' and 'backend' sections | |
| #--------------------------------------------------------------------- | |
| defaults | |
| log global # Use global logging settings | |
| mode tcp # Operate in TCP mode for SSL passthrough | |
| option tcplog # Enable detailed TCP logging | |
| retries 3 # Maximum retry attempts | |
| timeout connect 30s # Timeout for connection attempts | |
| timeout client 1m # Timeout for client inactivity | |
| timeout server 2m # Timeout for server inactivity | |
| maxconn 3000 # Maximum connections per frontend/backend | |
| #--------------------------------------------------------------------- | |
| # IMAP SSL/TLS Proxy | |
| #--------------------------------------------------------------------- | |
| frontend imap-ssl | |
| bind *:993 # Listen on port 993 for IMAP SSL | |
| default_backend imap-mail | |
| backend imap-mail | |
| mode tcp # Operate in TCP mode for SSL passthrough | |
| server mail1 imap.mail.eu-west-1.awsapps.com:993 check | |
| #--------------------------------------------------------------------- | |
| # SMTP SSL/TLS Proxy | |
| #--------------------------------------------------------------------- | |
| frontend smtp-ssl | |
| bind *:465 # Listen on port 465 for SMTP SSL | |
| default_backend smtp-mail | |
| backend smtp-mail | |
| mode tcp # Operate in TCP mode for SSL passthrough | |
| server mail1 smtp.mail.eu-west-1.awsapps.com:465 check | |
| #--------------------------------------------------------------------- | |
| # Management statistics | |
| #--------------------------------------------------------------------- | |
| listen stats | |
| bind *:8080 # Listen on port 8080 for stats | |
| mode http # Operate in HTTP mode | |
| stats enable # Enable the stats page | |
| stats uri /haproxy?stats # Stats page URL | |
| stats refresh 10s # Refresh interval for stats | |
| stats auth admin:password # Authentication for stats page |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment