Created
September 18, 2017 08:36
-
-
Save JohannesRudolph/b55bae5c2d3ce5af7604f5515521a5d5 to your computer and use it in GitHub Desktop.
HAProxy CORS config for Openstack Swift using radosgw - with buffer issue
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
global | |
chroot /var/lib/haproxy | |
stats socket /run/haproxy/admin.sock mode 660 level admin | |
stats timeout 30s | |
user haproxy | |
group haproxy | |
daemon | |
ca-base /etc/ssl/certs | |
crt-base /etc/ssl/private | |
ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS | |
ssl-default-bind-options no-sslv3 | |
lua-load /etc/haproxy/cors.lua | |
defaults | |
log global | |
mode http | |
option redispatch | |
option httplog | |
option forwardfor | |
retries 3 | |
timeout http-request 10s | |
timeout queue 2m | |
timeout connect 1m | |
timeout client 10m | |
timeout server 10m | |
timeout check 10s | |
errorfile 400 /etc/haproxy/errors/400.http | |
errorfile 403 /etc/haproxy/errors/403.http | |
errorfile 408 /etc/haproxy/errors/408.http | |
errorfile 500 /etc/haproxy/errors/500.http | |
errorfile 502 /etc/haproxy/errors/502.http | |
errorfile 503 /etc/haproxy/errors/503.http | |
errorfile 504 /etc/haproxy/errors/504.http | |
listen stats | |
bind 0.0.0.0:9000 # Listen on localhost:9000 | |
mode http | |
stats enable # Enable stats page | |
stats realm Haproxy\ Statistics # Title text for popup window | |
stats uri /haproxy_stats # Stats URI | |
stats auth Username:Password # Authentication credentials | |
frontend objectstore | |
log /dev/log local2 debug | |
option http-buffer-request | |
bind 0.0.0.0:443 ssl crt /etc/haproxy/haproxy.pem | |
http-request del-header X-Forwarded-Proto if { ssl_fc } | |
http-request set-header X-Forwarded-Proto https if { ssl_fc } | |
default_backend radosgw | |
capture request header origin len 128 | |
http-request use-service lua.cors-response if METH_OPTIONS { req.hdr(origin) -m found } | |
rspadd Access-Control-Allow-Origin %[capture.req.hdr(0)] if { capture.req.hdr(0) -m found } | |
rspadd Access-Control-Allow-Credentials:\ true if { capture.req.hdr(0) -m found } | |
rspadd Access-Control-Expose-Headers:\ Location,\ Www-Authenticate,\ ETag,\ Expires,\ Last-Modified,\ Cache-Control,\ Content-Type,\ X-Auth-Token,\ X-Service-Token,\ X-Newest,\ X-Trans-Id-Extra,\ X-Trans-Id,\ X-Account-Meta-Temp-URL-Key,\ X-Account-Meta-Temp-URL-Key-2,\ X-Timestamp,\ X-Openstack-Request-Id,\ X-Account-Bytes-Used,\ X-Account-Container-Count,\ X-Account-Object-Count,\ X-Account-Meta-Quota-Bytes,\ X-Account-Access-Control,\ X-Container-Meta-Temp-URL-Key,\ X-Container-Meta-Temp-URL-Key-2,\ X-Storage-Policy,\ X-Container-Object-Count,\ X-Container-Bytes-Used,\ X-Container-Meta-Quota-Count,\ X-Container-Meta-Quota-Bytes,\ X-Container-Read,\ X-Container-Write,\ X-Container-Sync-Key,\ X-Container-Sync-To,\ X-Versions-Location,\ X-History-Location,\ X-Container-Meta-Access-Control-Allow-Origin,\ X-Container-Meta-Access-Control-Max-Age,\ X-Container-Meta-Access-Control-Expose-Headers,\ X-Remove-Container-Read,\ X-Remove-Versions-Location,\ X-Remove-History-Location,\ X-Object-Manifest,\ X-Delete-At,\ X-Static-Large-Object,\ X-Detect-Content-Type,\ X-Copy-From,\ X-Copy-From-Account,\ X-Delete-After,\ X-Fresh-Metadata,\ X-Copied-From-Last-Modified,\ X-Copied-From,\ X-Copied-From-Account,\ X-Container-Meta-Web-Directory-Type | |
backend radosgw | |
option prefer-last-server | |
balance leastconn | |
server ceph00 10.10.16.10:7480 check inter 2000 rise 2 fall 5 | |
# more servers here |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment