Created
March 9, 2013 21:03
-
-
Save jespada/5125739 to your computer and use it in GitHub Desktop.
haproxy(1.5) + ssl + websockets (see comments on how to create a .pem file)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
defaults | |
log global | |
mode http | |
option httplog | |
option dontlognull | |
retries 3 | |
option redispatch | |
timeout connect 5s | |
timeout client 50s | |
timeout server 50s | |
balance roundrobin | |
frontend wss_frontend | |
bind 0.0.0.0:443 ssl crt /etc/haproxy/server.pem | |
timeout client 86400000 | |
default_backend bosh_backend | |
acl is_websocket hdr(Upgrade) -i WebSocket | |
acl is_websocket hdr_beg(Host) -i ws | |
# use_backend bosh_backend if is_websocket | |
#frontend all 0.0.0.0:80 | |
# timeout client 86400000 | |
# default_backend bosh_backend | |
# acl is_websocket hdr(Upgrade) -i WebSocket | |
# acl is_websocket hdr_beg(Host) -i ws | |
backend bosh_backend | |
balance roundrobin | |
option forwardfor # This sets X-Forwarded-For | |
timeout queue 5000 | |
timeout server 86400000 | |
timeout connect 5000 | |
server node-xmpp-bosh 127.0.0.1:5282 | |
listen admin | |
bind 127.0.0.1:9999 | |
mode http | |
stats uri / |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
You have to generate a key and a certificate using openssl and concatenate them in a file, the certificate first, then the key.
$ cat server.crt server.key > server.pem