37 lines
998 B
INI
37 lines
998 B
INI
global
|
|
tune.ssl.default-dh-param 2048
|
|
ssl-default-bind-ciphers …
|
|
ssl-default-bind-options …
|
|
ssl-default-server-ciphers …
|
|
ssl-default-server-options …
|
|
log /dev/log local0 info
|
|
pidfile /run/haproxy.pid
|
|
daemon
|
|
|
|
defaults
|
|
mode tcp
|
|
timeout connect 5s
|
|
timeout client 5m
|
|
timeout server 5m
|
|
timeout tunnel 1h
|
|
timeout client-fin 5s
|
|
timeout server-fin 5s
|
|
log global
|
|
option logasap
|
|
option log-separate-errors
|
|
log-format "%ci:%cp [%t] %ft %b[%bi:%bp]/%s %Tw/%Tc/%Tt %B %ts %ac/%fc/%bc/%sc/%rc %sq/%bq"
|
|
|
|
frontend tls
|
|
bind :443 ssl crt /etc/haproxy/tls.pem
|
|
default_backend https
|
|
|
|
backend https
|
|
server nginx unix@/run/shared_sockets/https.pp send-proxy
|
|
|
|
frontend tls_plus
|
|
bind :444 ssl crt /etc/haproxy/tls.pem
|
|
default_backend https_plus
|
|
|
|
backend https_plus
|
|
server nginx unix@/run/shared_sockets/https+.pp send-proxy
|