Skip to content

Instantly share code, notes, and snippets.

@haproxytechblog
Last active August 3, 2023 17:56
Show Gist options
  • Save haproxytechblog/506671f44a15f65f02fecb7a817f3944 to your computer and use it in GitHub Desktop.
Save haproxytechblog/506671f44a15f65f02fecb7a817f3944 to your computer and use it in GitHub Desktop.
The Four Essential Sections of an HAProxy Configuration
haproxy -c -f /etc/hapee-1.8/hapee-lb.cfg
global
# global settings here
defaults
# defaults here
frontend
# a frontend that accepts requests from clients
backend
# servers that fulfill the requests
global
maxconn 50000
log /dev/log local0
user haproxy
group haproxy
stats socket /run/haproxy/admin.sock user haproxy group haproxy mode 660 level admin
ssl-default-bind-ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
ssl-default-bind-options ssl-min-ver TLSv1.2 no-tls-tickets
defaults
timeout connect 10s
timeout client 30s
timeout server 30s
log global
mode http
option httplog
maxconn 3000
frontend www.mysite.com
bind 10.0.0.3:80
bind 10.0.0.3:443 ssl crt /etc/ssl/certs/mysite.pem
http-request redirect scheme https unless { ssl_fc }
use_backend api_servers if { path_beg /api/ }
default_backend web_servers
backend web_servers
balance roundrobin
cookie SERVERUSED insert indirect nocache
option httpchk HEAD /
default-server check maxconn 20
server server1 10.0.1.3:80 cookie server1
server server2 10.0.1.4:80 cookie server2
listen stats
bind *:8404
stats enable
stats uri /monitor
stats refresh 5s
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment