bsphere/haproxy.cfg

## haproxy.cfg
global
  maxconn  4096
  daemon

defaults
  mode  http

frontend insecure
  # HTTP
  bind :80

  timeout client 5000

  # acl
  acl is_admin hdr_end(host) -i admin.myapp.com
  acl is_client hdr_end(host) -i www.myapp.com
  acl is_websocket hdr(Upgrade) -i WebSocket
  acl is_websocket hdr_beg(Host) -i ws

  # Redirect all HTTP traffic to HTTPS
  redirect location https://admin.myapp.com if is_admin

  default_backend varnish
  use_backend myapp_admin if is_admin is_websocket
  use_backend myapp_client if is_client is_websocket

frontend secure
  # HTTPS
  bind :443 ssl crt /etc/ssl/admin.myapp.com.pem

  timeout client 5000

  # acl
  acl is_admin hdr_end(host) -i admin.myapp.com
  acl is_client hdr_end(host) -i www.myapp.com
  acl is_websocket hdr(Upgrade) -i WebSocket
  acl is_websocket hdr_beg(Host) -i ws
  acl is_websocket hdr_beg(Host) -i wss

  default_backend varnish
  use_backend myapp_admin if is_admin is_websocket
  use_backend myapp_client if is_client is_websocket

backend varnish
  balance leastconn
  option forwardfor
  timeout server 5000
  timeout connect 4000
  server varnish1 127.0.0.1:6081

backend myapp_client
  balance leastconn
  option forwardfor
  timeout queue 5000
  timeout server 5000
  timeout connect 5000
  server client_node1 127.0.0.1:3000

backend myapp_admin
  balance leastconn
  option forwardfor
  timeout queue 5000
  timeout server 5000
  timeout connect 5000
  timeout tunnel 86400000
  server admin_node1 127.0.0.1:3001
	global
	maxconn 4096
	daemon

	defaults
	mode http

	frontend insecure
	# HTTP
	bind :80

	timeout client 5000

	# acl
	acl is_admin hdr_end(host) -i admin.myapp.com
	acl is_client hdr_end(host) -i www.myapp.com
	acl is_websocket hdr(Upgrade) -i WebSocket
	acl is_websocket hdr_beg(Host) -i ws

	# Redirect all HTTP traffic to HTTPS
	redirect location https://admin.myapp.com if is_admin

	default_backend varnish
	use_backend myapp_admin if is_admin is_websocket
	use_backend myapp_client if is_client is_websocket

	frontend secure
	# HTTPS
	bind :443 ssl crt /etc/ssl/admin.myapp.com.pem

	timeout client 5000

	# acl
	acl is_admin hdr_end(host) -i admin.myapp.com
	acl is_client hdr_end(host) -i www.myapp.com
	acl is_websocket hdr(Upgrade) -i WebSocket
	acl is_websocket hdr_beg(Host) -i ws
	acl is_websocket hdr_beg(Host) -i wss

	default_backend varnish
	use_backend myapp_admin if is_admin is_websocket
	use_backend myapp_client if is_client is_websocket

	backend varnish
	balance leastconn
	option forwardfor
	timeout server 5000
	timeout connect 4000
	server varnish1 127.0.0.1:6081

	backend myapp_client
	balance leastconn
	option forwardfor
	timeout queue 5000
	timeout server 5000
	timeout connect 5000
	server client_node1 127.0.0.1:3000

	backend myapp_admin
	balance leastconn
	option forwardfor
	timeout queue 5000
	timeout server 5000
	timeout connect 5000
	timeout tunnel 86400000
	server admin_node1 127.0.0.1:3001