Skip to content

Instantly share code, notes, and snippets.

@xelwarto
Created May 25, 2015 11:49
Show Gist options
  • Save xelwarto/ac4f8b43e4194355082c to your computer and use it in GitHub Desktop.
Save xelwarto/ac4f8b43e4194355082c to your computer and use it in GitHub Desktop.
Jenkins CI haproxy configuration example
global
chroot /var/lib/haproxy
crt-base /etc/pki/tls/certs
daemon
group haproxy
log 127.0.0.1 local0
maxconn 2000
pidfile /var/run/haproxy.pid
stats socket /var/lib/haproxy/stats
tune.ssl.default-dh-param 2048
user haproxy
defaults
log global
maxconn 2000
mode http
option redispatch
option forwardfor
option http-server-close
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout check 10s
frontend jenkins
bind *:443 no-sslv3 ssl crt jenkins-ci.cert
bind *:80
default_backend jenkins-mstr
redirect location https://jenkins.my.domain/ if !{ ssl_fc }
reqadd X-Forwarded-Proto:\ http
backend jenkins-mstr
balance roundrobin
http-request set-header Host 127.0.0.1:8080
reqirep ^([^\ \t:]*:)\ https://jenkins.my.domain/(.*) \1\ http://127.0.0.1:8080/\2
rspirep ^([^\ \t:]*:)\ http://127.0.0.1:8080/(.*) \1\ https://jenkins.my.domain/\2
server jenkins01 127.0.0.1:8080 check
@persus
Copy link

persus commented May 22, 2022

Oh I found it. Here is the proper backend configuration for the frontend configuration I posted above:

backend jenkins_srvc
  option forwardfor
  mode http
  http-request set-header X-Forwarded-Port %[dst_port]
  http-request add-header X-Forwarded-Proto https if { ssl_fc }
  http-request set-header X-Forwarded-Host %[req.hdr(Host)]
  server cicd01 10.1.1.39:8080 check

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment