59 lines
1.5 KiB
Plaintext
59 lines
1.5 KiB
Plaintext
|
global
|
||
|
log 127.0.0.1 local0
|
||
|
log 127.0.0.1 local1 notice
|
||
|
chroot /var/lib/haproxy
|
||
|
stats socket /run/haproxy/admin.sock mode 660 level admin
|
||
|
stats timeout 30s
|
||
|
user haproxy
|
||
|
group haproxy
|
||
|
daemon
|
||
|
|
||
|
# Default SSL material locations
|
||
|
ca-base /etc/ssl/certs
|
||
|
crt-base /etc/ssl/private
|
||
|
|
||
|
# Default ciphers to use on SSL-enabled listening sockets.
|
||
|
# For more information, see ciphers(1SSL).
|
||
|
ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:RC4-SHA:!kEDH:!LOW:!EXP:!MD5:!aNULL:!eNULL
|
||
|
|
||
|
defaults
|
||
|
log global
|
||
|
mode http
|
||
|
option httplog
|
||
|
option dontlognull
|
||
|
timeout connect 5000
|
||
|
timeout client 50000
|
||
|
timeout server 50000
|
||
|
errorfile 400 /etc/haproxy/errors/400.http
|
||
|
errorfile 403 /etc/haproxy/errors/403.http
|
||
|
errorfile 408 /etc/haproxy/errors/408.http
|
||
|
errorfile 500 /etc/haproxy/errors/500.http
|
||
|
errorfile 502 /etc/haproxy/errors/502.http
|
||
|
errorfile 503 /etc/haproxy/errors/503.http
|
||
|
errorfile 504 /etc/haproxy/errors/504.http
|
||
|
|
||
|
frontend localnodes
|
||
|
bind *:80
|
||
|
mode http
|
||
|
default_backend nodes
|
||
|
|
||
|
backend nodes
|
||
|
mode http
|
||
|
balance roundrobin
|
||
|
option forwardfor
|
||
|
http-request set-header X-Forwarded-Port %[dst_port]
|
||
|
http-request add-header X-Forwarded-Proto https if { ssl_fc }
|
||
|
option httpchk HEAD / HTTP/1.1\r\nHost:localhost
|
||
|
#server worker_01 172.22.244.81:80 check
|
||
|
{% for host in groups['worker'] %}
|
||
|
server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_default_ipv4'].address }}:80 check
|
||
|
{% endfor %}
|
||
|
|
||
|
listen stats
|
||
|
bind *:1936
|
||
|
stats enable
|
||
|
stats uri /
|
||
|
stats hide-version
|
||
|
stats auth admin:admin
|
||
|
|