-
-
Save danieleagle/60578930db28417943f84bdf8024a163 to your computer and use it in GitHub Desktop.
The haproxy.cfg file on the router host
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| global | |
| log /dev/log local0 | |
| log /dev/log local1 notice | |
| chroot /var/lib/haproxy | |
| stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners | |
| stats timeout 30s | |
| user haproxy | |
| group haproxy | |
| daemon | |
| defaults | |
| log global | |
| mode http | |
| option httplog | |
| option dontlognull | |
| timeout connect 10s | |
| timeout client 60s | |
| timeout server 60s | |
| errorfile 400 /etc/haproxy/errors/400.http | |
| errorfile 403 /etc/haproxy/errors/403.http | |
| errorfile 408 /etc/haproxy/errors/408.http | |
| errorfile 500 /etc/haproxy/errors/500.http | |
| errorfile 502 /etc/haproxy/errors/502.http | |
| errorfile 503 /etc/haproxy/errors/503.http | |
| errorfile 504 /etc/haproxy/errors/504.http | |
| frontend http_in | |
| mode http | |
| option httplog | |
| bind *:80 | |
| option forwardfor | |
| acl host_server1 hdr(host) -i entroinfo.xyz | |
| acl host_server1 hdr(host) -i www.entroinfo.xyz | |
| acl host_server2 hdr(host) -i sub1.kubehttps.xyz | |
| acl host_server3 hdr(host) -i sub2.kubehttps.xyz | |
| use_backend http_server1 if host_server1 | |
| use_backend http_server2 if host_server2 | |
| use_backend http_server3 if host_server3 | |
| backend http_server1 | |
| mode http | |
| option httplog | |
| option forwardfor | |
| server server1 server1:80 | |
| backend http_server2 | |
| mode http | |
| option httplog | |
| option forwardfor | |
| server server2 server2:80 | |
| backend http_server3 | |
| mode http | |
| option httplog | |
| option forwardfor | |
| server server3 server3:80 | |
| frontend https_in | |
| mode tcp | |
| option tcplog | |
| bind *:443 | |
| acl tls req.ssl_hello_type 1 | |
| tcp-request inspect-delay 5s | |
| tcp-request content accept if tls | |
| acl host_server1 req.ssl_sni -i entroinfo.xyz | |
| acl host_server1 req.ssl_sni -i www.entroinfo.xyz | |
| acl host_server2 req.ssl_sni -i sub1.kubehttps.xyz | |
| acl host_server3 req.ssl_sni -i sub2.kubehttps.xyz | |
| use_backend https_server1 if host_server1 | |
| use_backend https_server2 if host_server2 | |
| use_backend https_server3 if host_server3 | |
| backend https_server1 | |
| mode tcp | |
| option tcplog | |
| option ssl-hello-chk | |
| server server1 server1:443 | |
| backend https_server2 | |
| mode tcp | |
| option tcplog | |
| option ssl-hello-chk | |
| server server2 server2:443 | |
| backend https_server3 | |
| mode tcp | |
| option tcplog | |
| option ssl-hello-chk | |
| server server3 server3:443 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment