jamesbeedy/haproxy.cfg Secret

## haproxy.cfg
global
    log /dev/log local0
    log /dev/log local1 notice
    maxconn 4096
    user haproxy
    group haproxy
    spread-checks 0
    tune.ssl.default-dh-param 1024
    ssl-default-bind-ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA

defaults
    log global
    mode http
    option httplog
    option dontlognull
    retries 3
    timeout queue 20000
    timeout client 50000
    timeout connect 5000
    timeout server 50000

frontend haproxy-0-443
    mode http
    bind 0.0.0.0:443 ssl crt /var/lib/haproxy/qa.pem no-sslv3 crt /var/lib/haproxy/staging.pem no-sslv3 crt /var/lib/haproxy/demo.pem no-sslv3 crt /var/lib/haproxy/integration.pem no-sslv3
    use_backend feed_qa if { ssl_fc_sni feed.qa.creativedrive.com }
    use_backend feed_staging if { ssl_fc_sni feed.staging.creativedrive.com }
    use_backend feed_integration if { ssl_fc_sni feedint.creativedrive.com }
    use_backend feed_demo if { ssl_fc_sni feed.demo.creativedrive.com }


frontend haproxy-0-80
    bind 0.0.0.0:80
    redirect scheme https code 301 if !{ ssl_fc }
    default_backend haproxy_service2

backend haproxy_service2
    balance leastconn

backend feed_qa
    balance leastconn
    cookie SRVNAME insert
    # server feed-qa 10.20.120.4:9000 maxconn 100 cookie S0 check
    server feed-qa 10.20.122.144:9000 maxconn 100 cookie S0 check

backend feed_staging
    balance leastconn
    cookie SRVNAME insert
    # server feed-staging 10.20.120.4:9001 maxconn 100 cookie S0 check
    server feed-staging 10.20.122.144:9001 maxconn 100 cookie S0 check

backend feed_demo
    balance leastconn
    cookie SRVNAME insert
    # server feed-demo 10.20.120.4:9002 maxconn 100 cookie S0 check
    server feed-demo 10.20.122.144:9002 maxconn 100 cookie S0 check

backend feed_integration
    balance leastconn
    cookie SRVNAME insert
    # server feed-integration 10.20.120.4:9003 maxconn 100 cookie S0 check
    server feed-integration 10.20.122.144:9003 maxconn 100 cookie S0 check
	global
	log /dev/log local0
	log /dev/log local1 notice
	maxconn 4096
	user haproxy
	group haproxy
	spread-checks 0
	tune.ssl.default-dh-param 1024
	ssl-default-bind-ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA

	defaults
	log global
	mode http
	option httplog
	option dontlognull
	retries 3
	timeout queue 20000
	timeout client 50000
	timeout connect 5000
	timeout server 50000

	frontend haproxy-0-443
	mode http
	bind 0.0.0.0:443 ssl crt /var/lib/haproxy/qa.pem no-sslv3 crt /var/lib/haproxy/staging.pem no-sslv3 crt /var/lib/haproxy/demo.pem no-sslv3 crt /var/lib/haproxy/integration.pem no-sslv3
	use_backend feed_qa if { ssl_fc_sni feed.qa.creativedrive.com }
	use_backend feed_staging if { ssl_fc_sni feed.staging.creativedrive.com }
	use_backend feed_integration if { ssl_fc_sni feedint.creativedrive.com }
	use_backend feed_demo if { ssl_fc_sni feed.demo.creativedrive.com }


	frontend haproxy-0-80
	bind 0.0.0.0:80
	redirect scheme https code 301 if !{ ssl_fc }
	default_backend haproxy_service2

	backend haproxy_service2
	balance leastconn

	backend feed_qa
	balance leastconn
	cookie SRVNAME insert
	# server feed-qa 10.20.120.4:9000 maxconn 100 cookie S0 check
	server feed-qa 10.20.122.144:9000 maxconn 100 cookie S0 check

	backend feed_staging
	balance leastconn
	cookie SRVNAME insert
	# server feed-staging 10.20.120.4:9001 maxconn 100 cookie S0 check
	server feed-staging 10.20.122.144:9001 maxconn 100 cookie S0 check

	backend feed_demo
	balance leastconn
	cookie SRVNAME insert
	# server feed-demo 10.20.120.4:9002 maxconn 100 cookie S0 check
	server feed-demo 10.20.122.144:9002 maxconn 100 cookie S0 check

	backend feed_integration
	balance leastconn
	cookie SRVNAME insert
	# server feed-integration 10.20.120.4:9003 maxconn 100 cookie S0 check
	server feed-integration 10.20.122.144:9003 maxconn 100 cookie S0 check