37 lines
998 B
INI
37 lines
998 B
INI
|
global
|
||
|
tune.ssl.default-dh-param 2048
|
||
|
ssl-default-bind-ciphers …
|
||
|
ssl-default-bind-options …
|
||
|
ssl-default-server-ciphers …
|
||
|
ssl-default-server-options …
|
||
|
log /dev/log local0 info
|
||
|
pidfile /run/haproxy.pid
|
||
|
daemon
|
||
|
|
||
|
defaults
|
||
|
mode tcp
|
||
|
timeout connect 5s
|
||
|
timeout client 5m
|
||
|
timeout server 5m
|
||
|
timeout tunnel 1h
|
||
|
timeout client-fin 5s
|
||
|
timeout server-fin 5s
|
||
|
log global
|
||
|
option logasap
|
||
|
option log-separate-errors
|
||
|
log-format "%ci:%cp [%t] %ft %b[%bi:%bp]/%s %Tw/%Tc/%Tt %B %ts %ac/%fc/%bc/%sc/%rc %sq/%bq"
|
||
|
|
||
|
frontend tls
|
||
|
bind :443 ssl crt /etc/haproxy/tls.pem
|
||
|
default_backend https
|
||
|
|
||
|
backend https
|
||
|
server nginx unix@/run/shared_sockets/https.pp send-proxy
|
||
|
|
||
|
frontend tls_plus
|
||
|
bind :444 ssl crt /etc/haproxy/tls.pem
|
||
|
default_backend https_plus
|
||
|
|
||
|
backend https_plus
|
||
|
server nginx unix@/run/shared_sockets/https+.pp send-proxy
|