Skip to content

Instantly share code, notes, and snippets.

@laocoi

laocoi/Haproxy-Master.md

Created June 18, 2018 16:51
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save laocoi/7953cbc9ae20597487fb233ade854644 to your computer and use it in GitHub Desktop.
Save laocoi/7953cbc9ae20597487fb233ade854644 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
Haproxy-Master.md

Example config haproxy ssl with let's encrypt

global
	maxconn 2048
	tune.ssl.default-dh-param 2048
	
defaults	
	option forwardfor
	option http-server-close	

frontend www-http
	bind xxx.xxx.xxx.xxx:80
	reqadd X-Forwarded-Proto:\ http	
	default_backend servers
	
frontend www-https
   bind xxx.xxx.xxx.xxx:443 ssl crt /etc/haproxy/certs/example.com.pem
   reqadd X-Forwarded-Proto:\ https
   acl letsencrypt-acl path_beg /.well-known/acme-challenge/
   use_backend letsencrypt-backend if letsencrypt-acl
   default_backend servers
	
backend servers
	redirect scheme https if !{ ssl_fc }
	server webserver1 xxx.xxx.xxx.xxx:xxxx check
	server webserver2 xxx.xxx.xxx.xxx:xxxx check
	
backend letsencrypt-backend
   server letsencrypt 127.0.0.1:54321

Check config file

haproxy -f /etc/haproxy/haproxy.cfg -c
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment