haproxytechblog

## blog20201222-01.cfg
backend serviceA
   default-server maxconn 30  check  observe layer7  error-limit 50  on-error mark-down  inter 1s  rise 30  slowstart 20s
   server s1 192.168.0.10:80
   server s2 192.168.0.11:80

## blog20201221-01.cfg
frontend fe_ssh
   bind *:2222 ssl crt /etc/haproxy/certs/ssl.pem
   mode tcp
   log-format "%ci:%cp [%t] %ft %b/%s %Tw/%Tc/%Tt %B %ts %ac/%fc/%bc/%sc/%rc %sq/%bq dst:%[var(sess.dst)] "
   tcp-request content set-var(sess.dst) ssl_fc_sni
   use_backend %[ssl_fc_sni]

## blog20201208-01.cfg
backend servers
   # connections will be marked as private and can't be shared between users
   server srv1 10.0.0.1:443 check ssl sni hdr(Host)

   # not marked private, is reusable
   server srv2 10.0.0.2:443 check ssl sni str(my.domain.com)

## blog20201116-01.cfg
global
    log    127.0.0.1:514    sample 1:10     local0     info

## blog20201110-01.cfg
defaults
    # mode is inherited by sections that follow
    mode tcp

frontend db
    # receives traffic from clients
    bind :3306
    default_backend databases

backend databases

## blog20201105-01.cfg
log-forward syslog-lb
    bind :::7514       # Listen on TCP IPv4/IPv6
    dgram-bind :::7514 # Listen on UDP IPv4/IPv6

    # load balance messages on 4 udp syslog servers
    log 10.1.0.2:10001 format rfc5424 sample 1:4 local0 info
    log 10.1.0.3:10002 format rfc5424 sample 2:4 local0 info
    log 10.1.0.4:10003 format rfc5424 sample 3:4 local0 info
    log 10.1.0.5:10004 format rfc5424 sample 4:4 local0 info

## blog20201021-01.cfg
global
    # global settings

defaults
    # default settings

cache mycache
    total-max-size 4095   # MB
    max-object-size 10000 # bytes
    max-age 30            # seconds

## blog20201019-01.cfg
frontend www.mywebsite.com
    bind :80
    bind :443 ssl crt /etc/ssl/certs/mywebsite.com.pem
    http-request redirect scheme https code 301 unless { ssl_fc }
    default_backend servers

## blog20200925-01.html
HTTP/1.1 404 Not Found
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<!DOCTYPE html>
<html lang="en">
    <head>
        <meta charset="utf-8" />
        <title>404 Not Found</title>

## blog20200921-01.conf
SecRule ARGS "@rx \d" "id:1000,phase:2,deny,capture,log,msg:'Numeric payload'"
	backend serviceA
	default-server maxconn 30 check observe layer7 error-limit 50 on-error mark-down inter 1s rise 30 slowstart 20s
	server s1 192.168.0.10:80
	server s2 192.168.0.11:80
	frontend fe_ssh
	bind *:2222 ssl crt /etc/haproxy/certs/ssl.pem
	mode tcp
	log-format "%ci:%cp [%t] %ft %b/%s %Tw/%Tc/%Tt %B %ts %ac/%fc/%bc/%sc/%rc %sq/%bq dst:%[var(sess.dst)] "
	tcp-request content set-var(sess.dst) ssl_fc_sni
	use_backend %[ssl_fc_sni]
	backend servers
	# connections will be marked as private and can't be shared between users
	server srv1 10.0.0.1:443 check ssl sni hdr(Host)

	# not marked private, is reusable
	server srv2 10.0.0.2:443 check ssl sni str(my.domain.com)
	defaults
	# mode is inherited by sections that follow
	mode tcp

	frontend db
	# receives traffic from clients
	bind :3306
	default_backend databases

	backend databases
	log-forward syslog-lb
	bind :::7514 # Listen on TCP IPv4/IPv6
	dgram-bind :::7514 # Listen on UDP IPv4/IPv6

	# load balance messages on 4 udp syslog servers
	log 10.1.0.2:10001 format rfc5424 sample 1:4 local0 info
	log 10.1.0.3:10002 format rfc5424 sample 2:4 local0 info
	log 10.1.0.4:10003 format rfc5424 sample 3:4 local0 info
	log 10.1.0.5:10004 format rfc5424 sample 4:4 local0 info
	global
	# global settings

	defaults
	# default settings

	cache mycache
	total-max-size 4095 # MB
	max-object-size 10000 # bytes
	max-age 30 # seconds
	frontend www.mywebsite.com
	bind :80
	bind :443 ssl crt /etc/ssl/certs/mywebsite.com.pem
	http-request redirect scheme https code 301 unless { ssl_fc }
	default_backend servers
	HTTP/1.1 404 Not Found
	Cache-Control: no-cache
	Connection: close
	Content-Type: text/html

	<!DOCTYPE html>
	<html lang="en">
	<head>
	<meta charset="utf-8" />
	<title>404 Not Found</title>