Created
November 13, 2019 18:44
-
-
Save Zodzie/207ab8805895a6111e7d716692f1a577 to your computer and use it in GitHub Desktop.
haproxy.cfg for docker registry:"2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| global | |
| daemon | |
| maxconn 256 | |
| user haproxy | |
| group haproxy | |
| chroot /var/lib/haproxy | |
| ssl-default-bind-options no-sslv3 no-tlsv10 | |
| ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS | |
| ssl-default-server-options no-sslv3 no-tlsv10 | |
| ssl-default-server-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS | |
| tune.ssl.default-dh-param 2048 | |
| defaults | |
| mode http | |
| frontend http | |
| bind *:80 | |
| bind *:443 ssl crt /etc/haproxy/your.crt.and.privkey.pem | |
| acl is_registry hdr(Host) -i registry.yourdomain.com | |
| http-request set-header X-Forwarded-Proto https | |
| use_backend servers if is_registry | |
| backend servers | |
| redirect scheme https if !{ ssl_fc } | |
| server server 127.0.0.1:5000 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment