bryanheinz/haproxy.cfg Secret

## haproxy.cfg
global
    daemon
    maxconn 4096
    tune.ssl.default-dh-param 2048
    no strict-limits

defaults
    mode http
    timeout connect 5000ms
    timeout client 50000ms
    timeout server 50000ms


frontend http-in
    bind *:80
    bind *:443 ssl crt /haproxy/ ssl-min-ver TLSv1.2
    http-request set-header X-Forwarded-Proto https if { ssl_fc }
    http-request set-header X-Forwarded-Proto http if !{ ssl_fc }
    http-response set-header Strict-Transport-Security "max-age=16000000; includeSubDomains; preload;"

    acl is_example hdr(host) -i example.com
    use_backend ex_back if is_example

backend ex_back
    balance roundrobin
    option httpclose
    option forwardfor
    redirect scheme https code 301 if !{ ssl_fc }
    server s1 192.168.1.2:8080
	global
	daemon
	maxconn 4096
	tune.ssl.default-dh-param 2048
	no strict-limits

	defaults
	mode http
	timeout connect 5000ms
	timeout client 50000ms
	timeout server 50000ms


	frontend http-in
	bind *:80
	bind *:443 ssl crt /haproxy/ ssl-min-ver TLSv1.2
	http-request set-header X-Forwarded-Proto https if { ssl_fc }
	http-request set-header X-Forwarded-Proto http if !{ ssl_fc }
	http-response set-header Strict-Transport-Security "max-age=16000000; includeSubDomains; preload;"

	acl is_example hdr(host) -i example.com
	use_backend ex_back if is_example

	backend ex_back
	balance roundrobin
	option httpclose
	option forwardfor
	redirect scheme https code 301 if !{ ssl_fc }
	server s1 192.168.1.2:8080