Skip to content

Instantly share code, notes, and snippets.

@jespada jespada/haproxy.cfg
Created Mar 9, 2013

Embed
What would you like to do?
haproxy(1.5) + ssl + websockets (see comments on how to create a .pem file)
defaults
log global
mode http
option httplog
option dontlognull
retries 3
option redispatch
timeout connect 5s
timeout client 50s
timeout server 50s
balance roundrobin
frontend wss_frontend
bind 0.0.0.0:443 ssl crt /etc/haproxy/server.pem
timeout client 86400000
default_backend bosh_backend
acl is_websocket hdr(Upgrade) -i WebSocket
acl is_websocket hdr_beg(Host) -i ws
# use_backend bosh_backend if is_websocket
#frontend all 0.0.0.0:80
# timeout client 86400000
# default_backend bosh_backend
# acl is_websocket hdr(Upgrade) -i WebSocket
# acl is_websocket hdr_beg(Host) -i ws
backend bosh_backend
balance roundrobin
option forwardfor # This sets X-Forwarded-For
timeout queue 5000
timeout server 86400000
timeout connect 5000
server node-xmpp-bosh 127.0.0.1:5282
listen admin
bind 127.0.0.1:9999
mode http
stats uri /
@jespada

This comment has been minimized.

Copy link
Owner Author

commented Mar 9, 2013

You have to generate a key and a certificate using openssl and concatenate them in a file, the certificate first, then the key.
$ cat server.crt server.key > server.pem

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.