Skip to content

Instantly share code, notes, and snippets.

@techotaku

techotaku/haproxy.cfg

Last active Apr 11, 2020
Embed
What would you like to do?
HAProxy to Nginx (Web + V2Ray WebSocket) + OpenConnect + ShadowsocksR (TLS OBFS)
defaults
timeout connect 5s
timeout client 24h
timeout server 24h
global
log /dev/log local0
frontend ssl
log global
mode tcp
option tcplog
option dontlognull
bind 0.0.0.0:443
tcp-request inspect-delay 3s
tcp-request content accept if { req.ssl_hello_type 1 }
acl tls req.ssl_hello_type 1
acl has_sni req.ssl_sni -m found
use_backend ocserv if tls !has_sni
use_backend shadowsocksr if tls { req.ssl_sni -i your.tls.obfuscation.domain }
use_backend nginx if tls has_sni
default_backend nginx
backend ocserv
mode tcp
server sslvpn ocserv:443 send-proxy-v2
backend nginx
mode tcp
timeout server 5m
server webserver nginx:443 send-proxy
backend shadowsocksr
mode tcp
server socks ssr:443
@techotaku

This comment has been minimized.

Copy link
Owner Author

@techotaku techotaku commented Aug 13, 2017

How to enable proxy-protocol on:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.