-
-
Save zen-k/8cddce0cdef541f97d6073b9d8176f96 to your computer and use it in GitHub Desktop.
Haproxy SSL reverse proxy configuration for Docker registry
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| global | |
| log 127.0.0.1 local0 debug | |
| chroot /var/lib/haproxy | |
| user haproxy | |
| group haproxy | |
| daemon | |
| tune.ssl.default-dh-param 2048 | |
| defaults | |
| log global | |
| mode http | |
| option httplog | |
| option dontlognull | |
| option forwardfor | |
| option logasap | |
| timeout connect 10000 | |
| timeout client 50000 | |
| timeout server 100000 | |
| maxconn 3000 | |
| errorfile 400 /etc/haproxy/errors/400.http | |
| errorfile 403 /etc/haproxy/errors/403.http | |
| errorfile 408 /etc/haproxy/errors/408.http | |
| errorfile 500 /etc/haproxy/errors/500.http | |
| errorfile 502 /etc/haproxy/errors/502.http | |
| errorfile 503 /etc/haproxy/errors/503.http | |
| errorfile 504 /etc/haproxy/errors/504.http | |
| frontend http | |
| bind *:80 | |
| redirect scheme https if !{ ssl_fc } | |
| frontend https | |
| bind *:443 ssl crt /etc/mycompany/certs/haproxy.pem | |
| acl host_docker hdr(host) -i docker.mycompany.com | |
| reqadd X-Forwarded-Port:\ 443 | |
| reqadd X-Forwarded-Proto:\ https | |
| reqadd X-Forwarded-Scheme:\ https | |
| use_backend docker if host_docker | |
| backend docker | |
| reqadd X-Forwarded-Host:\ docker.mycompany.com | |
| server docker localhost:5000 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment