Last active
March 11, 2018 09:30
-
-
Save jbq/a62148cc723746594c96 to your computer and use it in GitHub Desktop.
Haproxy SSL reverse proxy configuration for Docker registry
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| global | |
| log 127.0.0.1 local0 debug | |
| chroot /var/lib/haproxy | |
| user haproxy | |
| group haproxy | |
| daemon | |
| tune.ssl.default-dh-param 2048 | |
| defaults | |
| log global | |
| mode http | |
| option httplog | |
| option dontlognull | |
| option forwardfor | |
| option logasap | |
| timeout connect 10000 | |
| timeout client 50000 | |
| timeout server 100000 | |
| maxconn 3000 | |
| errorfile 400 /etc/haproxy/errors/400.http | |
| errorfile 403 /etc/haproxy/errors/403.http | |
| errorfile 408 /etc/haproxy/errors/408.http | |
| errorfile 500 /etc/haproxy/errors/500.http | |
| errorfile 502 /etc/haproxy/errors/502.http | |
| errorfile 503 /etc/haproxy/errors/503.http | |
| errorfile 504 /etc/haproxy/errors/504.http | |
| frontend http | |
| bind *:80 | |
| redirect scheme https if !{ ssl_fc } | |
| frontend https | |
| bind *:443 ssl crt /etc/mycompany/certs/haproxy.pem | |
| acl host_docker hdr(host) -i docker.mycompany.com | |
| reqadd X-Forwarded-Port:\ 443 | |
| reqadd X-Forwarded-Proto:\ https | |
| reqadd X-Forwarded-Scheme:\ https | |
| use_backend docker if host_docker | |
| backend docker | |
| reqadd X-Forwarded-Host:\ docker.mycompany.com | |
| server docker localhost:5000 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment