Created
July 14, 2018 18:38
-
-
Save simbalinux/f96b541ff097b1dbdce4d1743756341a to your computer and use it in GitHub Desktop.
HAproxy frontend/backend configuration
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #--------------------------------------------------------------------- | |
| # FrontEnd Configuration | |
| #--------------------------------------------------------------------- | |
| frontend http | |
| bind *:80 | |
| option http-server-close | |
| option forwardfor | |
| default_backend backend | |
| frontend https | |
| bind *:443 ssl crt /etc/haproxy/haproxy.pem | |
| mode http | |
| option http-server-close | |
| option forwardfor | |
| reqadd X-Forwarded-Proto:\ https | |
| reqadd X-Forwarded-Port:\ 443 | |
| # set HTTP Strict Transport Security (HTST) header | |
| rspadd Strict-Transport-Security:\ max-age=15768000 | |
| default_backend backend_ssl | |
| #--------------------------------------------------------------------- | |
| # BackEnd roundrobin as balance algorithm | |
| #--------------------------------------------------------------------- | |
| backend backend | |
| balance roundrobin #Balance algorithm | |
| option httpchk HEAD / HTTP/1.1\r\nHost:\ localhost #Check the server application is up and healty - 200 status code | |
| server web1 web1.example.com:80 check #apache | |
| server web2 web2.example.com:80 check #apache | |
| backend backend_ssl | |
| server web1 web1.example.com:443 ssl verify none | |
| server web1 web2.example.com:443 ssl verify none |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment