Inicio Explorar Axuda
Iniciar sesión
pbarriat
/
Brevet
1
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Árbore: 6c12c00fc9
Ramas Etiquetas
Brevet
/
dev
/
provisioning
/
ansible
/
roles
/
haproxy
/
templates
/
haproxy_http.cfg.j2

haproxy_http.cfg.j2 2.7 KB
Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101 
  1. global
    2. 

  2.   log 127.0.0.1 local2
    3. 

  3.   chroot      /var/lib/haproxy
    4. 

  4.   pidfile     /var/run/haproxy.pid
    5. 

  5.   user haproxy
    6. 

  6.   group haproxy
    7. 

  7.   maxconn 5000
    8. 

  8.   nbproc          2
    9. 

  9.   cpu-map         1 0
    10. 

  10.   cpu-map         2 1
    11. 

  11.   daemon
    12. 

  12.   tune.ssl.default-dh-param 2048
    13. 

  13.   stats socket /var/lib/haproxy/stats mode 660 level admin
    14. 

  14. 

  15. listen stats
    16. 

  16.   bind :9000
    17. 

  17.   mode http
    18. 

  18.   stats enable
    19. 

  19.   stats hide-version
    20. 

  20.   stats show-node
    21. 

  21.   stats realm Haproxy\ Statistics
    22. 

  22.   stats uri /haproxy_stats
    23. 

  23.   stats auth admin:admin  # Authentication credentials
    24. 

  24.   timeout connect         86400
    25. 

  25.   timeout client          86400
    26. 

  26.   timeout server          86400
    27. 

  27. 

  28. defaults
    29. 

  29.   mode                    tcp
    30. 

  30.   log                     global
    31. 

  31.   option                  tcplog
    32. 

  32.   option                  dontlognull
    33. 

  33.   option http-server-close
    34. 

  34.   option forwardfor       except 127.0.0.0/8
    35. 

  35.   option                  redispatch
    36. 

  36.   retries                 3
    37. 

  37.   timeout http-request    10
    38. 

  38.   timeout queue           1m
    39. 

  39.   timeout connect         1m
    40. 

  40.   timeout client          1m
    41. 

  41.   timeout server          1m
    42. 

  42.   timeout http-keep-alive 10
    43. 

  43.   timeout check           10
    44. 

  44. 

  45. frontend ft_http
    46. 

  46.   bind *:80
    47. 

  47.   mode http
    48. 

  48.   timeout client          1m
    49. 

  49.   default_backend bk_http
    50. 

  50. 

  51. frontend ft_https
    52. 

  52.   bind *:443
    53. 

  53.   mode tcp
    54. 

  54.   timeout client          1m
    55. 

  55.   http-request set-header X-Forwarded-Proto: https
    56. 

  56.   default_backend bk_https
    57. 

  57. 

  58. #frontend ft_mix
    59. 

  59. #  mode http
    60. 

  60. #  bind *:80
    61. 

  61. #  bind *:443 ssl crt {{ ssl_crt_path }}/{{ ssl_name }}.pem
    62. 

  62. #  http-request redirect scheme https code 301 if !{ ssl_fc }
    63. 

  63. #  http-response set-header Strict-Transport-Security max-age=63072000
    64. 

  64. #  default_backend bk_mix
    65. 

  65. #
    66. 

  66. #backend bk_mix
    67. 

  67. #  mode http
    68. 

  68. #  balance {{ backend_balance_method }}
    69. 

  69. #  default-server inter 1s
    70. 

  70. #  timeout connect         10s 
    71. 

  71. #  timeout server          1m  
    72. 

  72. #  {% if haproxy_backend_servers != '' %}
    73. 

  73. #  {% for item in haproxy_backend_servers %}
    74. 

  74. #  server {{ item }} {{ hostvars[item]['ansible_host'] }}:80 maxconn 250 check id {{ loop.index }}
    75. 

  75. #  {% endfor %}
    76. 

  76. #  {% endif %}
    77. 

  77. 

  78. backend bk_http
    79. 

  79.   mode http
    80. 

  80.   balance {{ backend_balance_method }}
    81. 

  81.   default-server inter 1s
    82. 

  82.   timeout connect         10s
    83. 

  83.   timeout server          1m
    84. 

  84.   {% if haproxy_backend_servers != '' %}
    85. 

  85.   {% for item in haproxy_backend_servers %}
    86. 

  86.   server {{ item }} {{ hostvars[item]['ansible_host'] }}:80 maxconn 250 check id {{ loop.index }}
    87. 

  87.   {% endfor %}
    88. 

  88.   {% endif %}
    89. 

  89. 

  90. backend bk_https
    91. 

  91.   mode tcp
    92. 

  92.   balance {{ backend_balance_method }}
    93. 

  93.   option ssl-hello-chk
    94. 

  94.   default-server inter 1s
    95. 

  95.   timeout connect         10s
    96. 

  96.   timeout server          1m
    97. 

  97.   {% if haproxy_backend_servers != '' %}
    98. 

  98.   {% for item in haproxy_backend_servers %}
    99. 

  99.   server {{ item }} {{ hostvars[item]['ansible_host'] }}:443 maxconn 250 check id {{ loop.index }}
    100. 

  100.   {% endfor %}
    101. 

  101.   {% endif %}
    102.