-
-
Save jamesbeedy/580efc6c8da25e7c4dbab0bd5c1d0657 to your computer and use it in GitHub Desktop.
haproxy-domain-based-routing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
global | |
log /dev/log local0 | |
log /dev/log local1 notice | |
maxconn 4096 | |
user haproxy | |
group haproxy | |
spread-checks 0 | |
tune.ssl.default-dh-param 1024 | |
ssl-default-bind-ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA | |
defaults | |
log global | |
mode http | |
option httplog | |
option dontlognull | |
retries 3 | |
timeout queue 20000 | |
timeout client 50000 | |
timeout connect 5000 | |
timeout server 50000 | |
frontend haproxy-0-443 | |
mode http | |
bind 0.0.0.0:443 ssl crt /var/lib/haproxy/qa.pem no-sslv3 crt /var/lib/haproxy/staging.pem no-sslv3 crt /var/lib/haproxy/demo.pem no-sslv3 crt /var/lib/haproxy/integration.pem no-sslv3 | |
use_backend feed_qa if { ssl_fc_sni feed.qa.creativedrive.com } | |
use_backend feed_staging if { ssl_fc_sni feed.staging.creativedrive.com } | |
use_backend feed_integration if { ssl_fc_sni feedint.creativedrive.com } | |
use_backend feed_demo if { ssl_fc_sni feed.demo.creativedrive.com } | |
frontend haproxy-0-80 | |
bind 0.0.0.0:80 | |
redirect scheme https code 301 if !{ ssl_fc } | |
default_backend haproxy_service2 | |
backend haproxy_service2 | |
balance leastconn | |
backend feed_qa | |
balance leastconn | |
cookie SRVNAME insert | |
# server feed-qa 10.20.120.4:9000 maxconn 100 cookie S0 check | |
server feed-qa 10.20.122.144:9000 maxconn 100 cookie S0 check | |
backend feed_staging | |
balance leastconn | |
cookie SRVNAME insert | |
# server feed-staging 10.20.120.4:9001 maxconn 100 cookie S0 check | |
server feed-staging 10.20.122.144:9001 maxconn 100 cookie S0 check | |
backend feed_demo | |
balance leastconn | |
cookie SRVNAME insert | |
# server feed-demo 10.20.120.4:9002 maxconn 100 cookie S0 check | |
server feed-demo 10.20.122.144:9002 maxconn 100 cookie S0 check | |
backend feed_integration | |
balance leastconn | |
cookie SRVNAME insert | |
# server feed-integration 10.20.120.4:9003 maxconn 100 cookie S0 check | |
server feed-integration 10.20.122.144:9003 maxconn 100 cookie S0 check |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment