Created
August 14, 2016 20:30
-
-
Save mzvast/2f288d0d649259cdae8594fb393efd9e to your computer and use it in GitHub Desktop.
vps2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
global | |
log 127.0.0.1 local2 | |
chroot /var/lib/haproxy | |
pidfile /var/run/haproxy.pid | |
maxconn 4000 | |
user haproxy | |
group haproxy | |
daemon | |
# turn on stats unix socket | |
stats socket /var/lib/haproxy/stats | |
tune.ssl.default-dh-param 2048 | |
#--------------------------------------------------------------------- | |
# common defaults that all the 'listen' and 'backend' sections will | |
# use if not designated in their block | |
#--------------------------------------------------------------------- | |
defaults | |
mode http | |
log global | |
option httplog | |
option dontlognull | |
option http-server-close | |
option forwardfor | |
option redispatch | |
retries 3 | |
timeout http-request 10s | |
timeout queue 1m | |
timeout connect 10s | |
timeout client 1m | |
timeout server 1m | |
timeout http-keep-alive 10s | |
timeout check 10s | |
maxconn 3000 | |
#-------------------------- | |
# frontend | |
#-------------------------- | |
frontend www-http | |
bind *:80 | |
reqadd X-Forwarded-Proto:\ http | |
redirect scheme https if !{ ssl_fc } | |
frontend www-https | |
bind *:443 no-sslv3 ssl crt /etc/haproxy/ssl | |
acl letsencrypt-acl path_beg /.well-known/acme-challenge/ | |
use_backend letsencrypt-backend if letsencrypt-acl | |
acl jenkins hdr(host) -i ci.miaocode.me | |
use_backend jenkins_server if jenkins | |
#-------------------------- | |
# backend | |
#-------------------------- | |
backend letsencrypt-backend | |
server letsencrypt 127.0.0.1:54321 | |
backend jenkins_server | |
http-request set-header Host 127.0.0.1:8080 | |
reqirep ^([^\ \t:]*:)\ https://ci.miaocode.me/(.*) \1\ http://127.0.0.1:8080/\2 | |
reqadd X-Forwarded-Proto:\ http | |
rspirep ^([^\ \t:]*:)\ http://127.0.0.1:8080/(.*) \1\ https://ci.miaocode.me/\2 | |
server local_jenkins 127.0.0.1:8080 check |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment