AMINUL ISLAM SHAMIM

User Tools

Site Tools

Trace: haproxy_acl
haproxy_acl
  • [root@bsha ~]# cat /etc/haproxy/haproxy.cfg
  • #———————————————————————
  • # Global settings
  • #———————————————————————
  • global
  • #
  • log 127.0.0.1 local2
  • chroot /var/lib/haproxy
  • pidfile /var/run/haproxy.pid
  • maxconn 4000
  • user haproxy
  • group haproxy
  • daemon
  • # turn on stats unix socket
  • stats socket /var/lib/haproxy/stats
  • ssl-default-server-options force-tlsv12
  • ssl-default-server-ciphers ECDH+AESGCM:ECDH+CHACHA20:ECDH+AES256:ECDH+AES128:!aNULL:!SHA1:!AESCCM:!RC4
  • #———————————————————————
  • # common defaults that all the 'listen' and 'backend' sections will
  • # use if not designated in their block
  • #———————————————————————
  • defaults
  • mode http
  • log global
  • option httplog
  • option dontlognull
  • option http-server-close
  • option forwardfor except 127.0.0.0/8
  • option redispatch
  • retries 3
  • timeout http-request 10s
  • timeout queue 1m
  • timeout connect 10s
  • timeout client 1m
  • timeout server 1m
  • timeout http-keep-alive 10s
  • timeout check 10s
  • maxconn 3000
  • #———————————————————————
  • # main frontend which proxys to the backends
  • #———————————————————————
  • frontend localhost
  • bind *:80
  • bind *:443 ssl crt /etc/ssl/tbsnews.net/cert.pem
  • acl is_epaper path -i -m beg /epaper/
  • use_backend be_epaper if is_epaper
  • redirect scheme https if !{ ssl_fc }
  • mode http
  • default_backend nodes
  • #———————————————————————
  • # static backend for serving up images, stylesheets and such
  • #———————————————————————
  • backend static
  • balance roundrobin
  • server static 103.16.74.242:80 check
  • server static 103.16.74.244:80 check
  • backend be_epaper
  • balance roundrobin
  • server static 103.16.74.242:80 check
  • #———————————————————————
  • # round robin balancing between the various backends
  • #———————————————————————
  • backend nodes
  • mode http
  • balance roundrobin
  • option forwardfor
  • option httpchk HEAD / HTTP/1.1\r\nHost:localhost
  • server web42 103.16.74.242:80 check
  • server web44 103.16.74.244:80 check
  • http-request set-header X-Forwarded-Port %[dst_port]
  • http-request add-header X-Forwarded-Proto https if { ssl_fc }
  • #
  • #STATISTICS Configuration
  • #——————————————————-
  • listen stats
  • bind *:8082
  • stats enable
  • stats uri /
  • stats realm Haproxy\ Statistics
  • stats auth statadmin:bdc0m9876
  • [ro
haproxy_acl.txt · Last modified: 2023/03/06 11:31 by 127.0.0.1