-
-
Save bryanheinz/7498773d4706d378c407adbc23619541 to your computer and use it in GitHub Desktop.
HAProxy config.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
global | |
daemon | |
maxconn 4096 | |
tune.ssl.default-dh-param 2048 | |
no strict-limits | |
defaults | |
mode http | |
timeout connect 5000ms | |
timeout client 50000ms | |
timeout server 50000ms | |
frontend http-in | |
bind *:80 | |
bind *:443 ssl crt /haproxy/ ssl-min-ver TLSv1.2 | |
http-request set-header X-Forwarded-Proto https if { ssl_fc } | |
http-request set-header X-Forwarded-Proto http if !{ ssl_fc } | |
http-response set-header Strict-Transport-Security "max-age=16000000; includeSubDomains; preload;" | |
acl is_example hdr(host) -i example.com | |
use_backend ex_back if is_example | |
backend ex_back | |
balance roundrobin | |
option httpclose | |
option forwardfor | |
redirect scheme https code 301 if !{ ssl_fc } | |
server s1 192.168.1.2:8080 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment