zdk/gist:8e7bdafde39eda7827fe4647d51fff11

## gistfile1.txt
#!/bin/bash
openssl req -nodes -x509 -newkey rsa:2048 -keyout /etc/ssl/private/test.key -out /etc/ssl/private/test.crt -days 30
cat /etc/ssl/private/test.key /etc/ssl/private/test.crt > /etc/ssl/private/test.pem

cat <<EOL >> /etc/haproxy/haproxy.cfg
defaults
  mode http
  timeout client 10s
  timeout connect 5s
  timeout server 10s
  timeout http-request 10s

frontend stats
    mode http
    bind *:8080
    stats enable
    stats uri /stats
    stats refresh 10s

frontend ssl_443
 bind *:443 ssl crt /etc/ssl/private/test.pem
 mode http
 http-request set-header X-Forwarded-For %[src]
 http-request add-header X-Forwarded-Proto https
 option http-server-close
 default_backend ssl_443

backend ssl_443
 mode http
 balance leastconn
 server web1 10.0.0.1:80 check
 server web2 10.0.0.2:80 check
EOL
	#!/bin/bash
	openssl req -nodes -x509 -newkey rsa:2048 -keyout /etc/ssl/private/test.key -out /etc/ssl/private/test.crt -days 30
	cat /etc/ssl/private/test.key /etc/ssl/private/test.crt > /etc/ssl/private/test.pem

	cat <<EOL >> /etc/haproxy/haproxy.cfg
	defaults
	mode http
	timeout client 10s
	timeout connect 5s
	timeout server 10s
	timeout http-request 10s

	frontend stats
	mode http
	bind *:8080
	stats enable
	stats uri /stats
	stats refresh 10s

	frontend ssl_443
	bind *:443 ssl crt /etc/ssl/private/test.pem
	mode http
	http-request set-header X-Forwarded-For %[src]
	http-request add-header X-Forwarded-Proto https
	option http-server-close
	default_backend ssl_443

	backend ssl_443
	mode http
	balance leastconn
	server web1 10.0.0.1:80 check
	server web2 10.0.0.2:80 check
	EOL