summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDenver Abrey <denver@thoughtexpress.com>2017-10-10 15:43:42 +0200
committerDenver Abrey <denver@thoughtexpress.com>2017-10-10 15:43:42 +0200
commit99590928ce1f704ea04ac305843ffd34031a833f (patch)
tree559645dbb8453c8b9288e1eecdb60adf7c287167
parent3826ec33af608a377c4421ea75622eebccdebee4 (diff)
Add haproxy example
-rw-r--r--extra/oxidized.haproxy45
1 files changed, 45 insertions, 0 deletions
diff --git a/extra/oxidized.haproxy b/extra/oxidized.haproxy
new file mode 100644
index 0000000..91b76b2
--- /dev/null
+++ b/extra/oxidized.haproxy
@@ -0,0 +1,45 @@
+global
+ log /dev/log local0
+ log /dev/log local1 notice
+ chroot /var/lib/haproxy
+ stats socket /run/haproxy/admin.sock mode 660 level admin
+ stats timeout 30s
+ user haproxy
+ group haproxy
+ daemon
+
+ # Default SSL material locations
+ ca-base /etc/ssl/certs
+ crt-base /etc/ssl/private
+
+ # Default ciphers to use on SSL-enabled listening sockets.
+ # For more information, see ciphers(1SSL). This list is from:
+ # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
+ ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
+ ssl-default-bind-options no-sslv3
+
+defaults
+ log global
+ mode http
+ option httplog
+ option dontlognull
+ timeout connect 5000
+ timeout client 50000
+ timeout server 50000
+ errorfile 400 /etc/haproxy/errors/400.http
+ errorfile 403 /etc/haproxy/errors/403.http
+ errorfile 408 /etc/haproxy/errors/408.http
+ errorfile 500 /etc/haproxy/errors/500.http
+ errorfile 502 /etc/haproxy/errors/502.http
+ errorfile 503 /etc/haproxy/errors/503.http
+ errorfile 504 /etc/haproxy/errors/504.http
+
+frontend oxidized
+ bind *:80
+ mode http
+ default_backend oxidized
+ compression algo gzip
+ compression type text/html text/plain text/css
+
+backend oxidized
+ server o1 127.0.0.1:8080