- Restart rsyslog:
service rsyslog restart - Default runlevels:
update-rc.d haproxy defaults - Start HAProxy:
service haproxy start
Last active
October 10, 2022 14:04
-
-
Save SayBeano/d135c21bec7d98b920e0d0e90427d0c6 to your computer and use it in GitHub Desktop.
HAproxy: configure. init.d and execute
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| global | |
| log /dev/log local0 | |
| log /dev/log local1 notice | |
| chroot /var/lib/haproxy | |
| user haproxy | |
| group haproxy | |
| daemon | |
| ca-base /etc/haproxy/keys | |
| crt-base /etc/haproxy/keys | |
| tune.ssl.default-dh-param 1024 | |
| defaults | |
| log global | |
| mode tcp | |
| option tcplog | |
| option dontlognull | |
| timeout connect 5000 | |
| timeout client 3600000 | |
| timeout server 3600000 | |
| errorfile 400 /etc/haproxy/errors/400.http | |
| errorfile 403 /etc/haproxy/errors/403.http | |
| errorfile 408 /etc/haproxy/errors/408.http | |
| errorfile 500 /etc/haproxy/errors/500.http | |
| errorfile 502 /etc/haproxy/errors/502.http | |
| errorfile 503 /etc/haproxy/errors/503.http | |
| errorfile 504 /etc/haproxy/errors/504.http | |
| frontend incoming_https | |
| # get the bind files right | |
| bind \*:443 ssl crt bundle.pem ca-file ca.crt | |
| option tcplog | |
| mode tcp | |
| default_backend fno | |
| acl white_list src 192.168.0.0/24 | |
| tcp-request content accept if white_list | |
| tcp-request content reject | |
| backend fno | |
| mode tcp | |
| option ssl-hello-chk | |
| # Pointer | |
| server fno remote.com:443 ssl verify none |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| ### BEGIN INIT INFO | |
| # Provides: haproxy | |
| # Required-Start: $local_fs $network $remote_fs | |
| # Required-Stop: $local_fs $remote_fs | |
| # Default-Start: 2 3 4 5 | |
| # Default-Stop: 0 1 6 | |
| # Short-Description: fast and reliable load balancing reverse proxy | |
| # Description: This file should be used to start and stop haproxy. | |
| ### END INIT INFO | |
| # Author: Arnaud Cornet <acornet@debian.org> | |
| PATH=/sbin:/usr/sbin:/bin:/usr/bin | |
| PIDFILE=/var/run/haproxy.pid | |
| CONFIG=/etc/haproxy/haproxy.cfg | |
| HAPROXY=/usr/local/sbin/haproxy | |
| EXTRAOPTS= | |
| ENABLED=0 | |
| test -x $HAPROXY || exit 0 | |
| if [ -e /etc/default/haproxy ]; then | |
| . /etc/default/haproxy | |
| fi | |
| test -f "$CONFIG" || exit 0 | |
| test "$ENABLED" != "0" || exit 0 | |
| [ -f /etc/default/rcS ] && . /etc/default/rcS | |
| . /lib/lsb/init-functions | |
| clean() | |
| { | |
| if [ -e "$tmp" ];then | |
| rm -f "$tmp" | |
| fi | |
| } | |
| trap clean EXIT | |
| check_haproxy_config() | |
| { | |
| $HAPROXY -c -f "$CONFIG" >/dev/null | |
| if [ $? -eq 1 ]; then | |
| log_end_msg 1 | |
| exit 1 | |
| fi | |
| } | |
| haproxy_start() | |
| { | |
| check_haproxy_config | |
| start-stop-daemon --quiet --oknodo --start --pidfile "$PIDFILE" \ | |
| --exec $HAPROXY -- -f "$CONFIG" -D -p "$PIDFILE" \ | |
| $EXTRAOPTS || return 2 | |
| return 0 | |
| } | |
| haproxy_stop() | |
| { | |
| tmp=$(tempfile -s .haproxy.init) | |
| if [ ! -f $PIDFILE ] ; then | |
| # This is a success according to LSB | |
| return 0 | |
| fi | |
| ret=0 | |
| for pid in $(cat $PIDFILE); do | |
| echo $pid > "$tmp" | |
| start-stop-daemon --quiet --oknodo --stop \ | |
| --retry 5 --pidfile "$tmp" --exec $HAPROXY || ret=$? | |
| done | |
| [ $ret -eq 0 ] && rm -f $PIDFILE | |
| return $ret | |
| } | |
| haproxy_reload() | |
| { | |
| check_haproxy_config | |
| $HAPROXY -f "$CONFIG" -p $PIDFILE -D $EXTRAOPTS -sf $(cat $PIDFILE) \ | |
| || return 2 | |
| return 0 | |
| } | |
| haproxy_status() | |
| { | |
| if [ ! -f $PIDFILE ] ; then | |
| # program not running | |
| return 3 | |
| fi | |
| for pid in $(cat $PIDFILE) ; do | |
| if ! ps --no-headers p "$pid" | grep haproxy > /dev/null ; then | |
| # program running, bogus pidfile | |
| return 1 | |
| fi | |
| done | |
| return 0 | |
| } | |
| case "$1" in | |
| start) | |
| log_daemon_msg "Starting haproxy" "haproxy" | |
| haproxy_start | |
| ret=$? | |
| case "$ret" in | |
| 0) | |
| log_end_msg 0 | |
| ;; | |
| 1) | |
| log_end_msg 1 | |
| echo "pid file '$PIDFILE' found, haproxy not started." | |
| ;; | |
| 2) | |
| log_end_msg 1 | |
| ;; | |
| esac | |
| exit $ret | |
| ;; | |
| stop) | |
| log_daemon_msg "Stopping haproxy" "haproxy" | |
| haproxy_stop | |
| ret=$? | |
| case "$ret" in | |
| 0|1) | |
| log_end_msg 0 | |
| ;; | |
| 2) | |
| log_end_msg 1 | |
| ;; | |
| esac | |
| exit $ret | |
| ;; | |
| reload|force-reload) | |
| log_daemon_msg "Reloading haproxy" "haproxy" | |
| haproxy_reload | |
| ret=$? | |
| case "$ret" in | |
| 0|1) | |
| log_end_msg 0 | |
| ;; | |
| 2) | |
| log_end_msg 1 | |
| ;; | |
| esac | |
| exit $ret | |
| ;; | |
| restart) | |
| log_daemon_msg "Restarting haproxy" "haproxy" | |
| haproxy_stop | |
| haproxy_start | |
| ret=$? | |
| case "$ret" in | |
| 0) | |
| log_end_msg 0 | |
| ;; | |
| 1) | |
| log_end_msg 1 | |
| ;; | |
| 2) | |
| log_end_msg 1 | |
| ;; | |
| esac | |
| exit $ret | |
| ;; | |
| status) | |
| haproxy_status | |
| ret=$? | |
| case "$ret" in | |
| 0) | |
| echo "haproxy is running." | |
| ;; | |
| 1) | |
| echo "haproxy dead, but $PIDFILE exists." | |
| ;; | |
| *) | |
| echo "haproxy not running." | |
| ;; | |
| esac | |
| exit $ret | |
| ;; | |
| *) | |
| echo "Usage: /etc/init.d/haproxy {start|stop|reload|restart|status}" | |
| exit 2 | |
| ;; | |
| esac | |
| : |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment