Created
June 17, 2016 06:08
-
-
Save cmabastar/815ec49cde9b8e03df6fd95683c5e885 to your computer and use it in GitHub Desktop.
Haproxy for flask-socketio
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
global | |
daemon | |
defaults | |
mode http | |
log global | |
option httplog | |
option http-server-close | |
option dontlognull | |
option redispatch | |
option contstats | |
retries 3 | |
backlog 10000 | |
# timeout client 25s | |
# timeout connect 5s | |
# timeout server 25s | |
# timeout tunnel available in ALOHA 5.5 or HAProxy 1.5-dev10 and higher | |
timeout tunnel 3600s | |
# timeout http-keep-alive 1s | |
timeout http-request 15s | |
# timeout queue 30s | |
# timeout tarpit 60s | |
default-server inter 3s rise 2 fall 3 | |
option forwardfor | |
frontend ft_web | |
mode tcp | |
# To get the server.pem | |
# fullchain.pem don't work because the privkey must come first | |
# do "cat privkey.pem cert.pem > server.pem" | |
bind *:8888 ssl crt /usr/local/etc/nginx/ssl/server.pem | |
stats enable | |
maxconn 10000 | |
acl hdr_connection_upgrade hdr(Connection) -i upgrade | |
acl hdr_upgrade_websocket hdr(Upgrade) -i websocket | |
use_backend ws if hdr_connection_upgrade hdr_upgrade_websocket | |
default_backend www | |
# To support the first Socket.io upgrading via polling (simple http api request) | |
backend www | |
mode http | |
cookie SIO insert | |
balance roundrobin | |
server websrv1 127.0.0.1:5001 maxconn 10000 weight 10 cookie websrv1 | |
#server websrv2 127.0.0.1:5002 maxconn 10000 weight 10 cookie websrv2 | |
backend ws | |
balance roundrobin | |
mode tcp | |
cookie SIO insert | |
## websocket protocol validation | |
acl hdr_connection_upgrade hdr(Connection) -i upgrade | |
acl hdr_upgrade_websocket hdr(Upgrade) -i websocket | |
acl hdr_websocket_key hdr_cnt(Sec-WebSocket-Key) eq 1 | |
acl hdr_websocket_version hdr_cnt(Sec-WebSocket-Version) eq 1 | |
http-request deny if ! hdr_connection_upgrade ! hdr_upgrade_websocket ! hdr_websocket_key ! hdr_websocket_version | |
## ensure our application protocol name is valid | |
## (don't forget to update the list each time you publish new applications) | |
## acl ws_valid_protocol hdr(Sec-WebSocket-Protocol) echo-protocol | |
## http-request deny if ! ws_valid_protocol | |
option forwardfor # This sets X-Forwarded-Forw | |
server websrv1 127.0.0.1:5001 maxconn 10000 weight 10 cookie websrv1 | |
#server websrv2 127.0.0.1:5002 maxconn 10000 weight 10 cookie websrv2 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment