lumin/homelab
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Format haproxy config

Browse source
This commit is contained in:
Ivan R. 2024-11-28 12:46:25 +05:00
parent d3b27d3565
commit 2145aebaf3
Signed by: lumin
GPG key ID: E0937DC7CD6D3817
1 changed files with 17 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

34
roles/haproxy/files/haproxy.cfg
View file

@ -1,28 +1,28 @@
global global
log /dev/stderr local0 warning log /dev/stderr local0 warning
stats socket /run/haproxy/admin.sock user haproxy group haproxy mode 660 level admin expose-fd listeners stats socket /run/haproxy/admin.sock user haproxy group haproxy mode 660 level admin expose-fd listeners
# See: https://ssl-config.mozilla.org/#server=haproxy&server-version=2.0.3&config=intermediate # See: https://ssl-config.mozilla.org/#server=haproxy&server-version=2.0.3&config=intermediate
ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256 ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
ssl-default-bind-options ssl-min-ver TLSv1.2 no-tls-tickets ssl-default-bind-options ssl-min-ver TLSv1.2 no-tls-tickets
defaults defaults
log global log global
mode http mode http
option forwardfor option forwardfor
option httplog option httplog
option dontlognull option dontlognull
timeout connect 5000 timeout connect 5000
timeout client 50000 timeout client 50000
timeout server 50000 timeout server 50000
errorfile 400 /usr/local/etc/haproxy/errors/400.http errorfile 400 /usr/local/etc/haproxy/errors/400.http
errorfile 403 /usr/local/etc/haproxy/errors/403.http errorfile 403 /usr/local/etc/haproxy/errors/403.http
errorfile 408 /usr/local/etc/haproxy/errors/408.http errorfile 408 /usr/local/etc/haproxy/errors/408.http
errorfile 500 /usr/local/etc/haproxy/errors/500.http errorfile 500 /usr/local/etc/haproxy/errors/500.http
errorfile 502 /usr/local/etc/haproxy/errors/502.http errorfile 502 /usr/local/etc/haproxy/errors/502.http
errorfile 503 /usr/local/etc/haproxy/errors/503.http errorfile 503 /usr/local/etc/haproxy/errors/503.http
errorfile 504 /usr/local/etc/haproxy/errors/504.http errorfile 504 /usr/local/etc/haproxy/errors/504.http
default-server init-addr last,libc,none default-server init-addr last,libc,none
frontend http frontend http
@ -33,7 +33,7 @@ frontend http
http-request redirect scheme https if !{ ssl_fc } has_domain http-request redirect scheme https if !{ ssl_fc } has_domain
http-request set-header X-Forwarded-Proto http http-request set-header X-Forwarded-Proto http
acl host_mastodon_tor hdr(host) -i mcomfyzeyibt2unmkttoxa2li2dzpsljcp3sasrioqsks4ayrl5kk2ad.onion acl host_mastodon_tor hdr(host) -i mcomfyzeyibt2unmkttoxa2li2dzpsljcp3sasrioqsks4ayrl5kk2ad.onion
acl path_streaming_api path_beg /api/v1/streaming acl path_streaming_api path_beg /api/v1/streaming
use_backend mastodon_streaming if host_mastodon_tor path_streaming_api use_backend mastodon_streaming if host_mastodon_tor path_streaming_api