From 99590928ce1f704ea04ac305843ffd34031a833f Mon Sep 17 00:00:00 2001 From: Denver Abrey Date: Tue, 10 Oct 2017 15:43:42 +0200 Subject: Add haproxy example --- extra/oxidized.haproxy | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 extra/oxidized.haproxy (limited to 'extra') diff --git a/extra/oxidized.haproxy b/extra/oxidized.haproxy new file mode 100644 index 0000000..91b76b2 --- /dev/null +++ b/extra/oxidized.haproxy @@ -0,0 +1,45 @@ +global + log /dev/log local0 + log /dev/log local1 notice + chroot /var/lib/haproxy + stats socket /run/haproxy/admin.sock mode 660 level admin + stats timeout 30s + user haproxy + group haproxy + daemon + + # Default SSL material locations + ca-base /etc/ssl/certs + crt-base /etc/ssl/private + + # Default ciphers to use on SSL-enabled listening sockets. + # For more information, see ciphers(1SSL). This list is from: + # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/ + ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS + ssl-default-bind-options no-sslv3 + +defaults + log global + mode http + option httplog + option dontlognull + timeout connect 5000 + timeout client 50000 + timeout server 50000 + errorfile 400 /etc/haproxy/errors/400.http + errorfile 403 /etc/haproxy/errors/403.http + errorfile 408 /etc/haproxy/errors/408.http + errorfile 500 /etc/haproxy/errors/500.http + errorfile 502 /etc/haproxy/errors/502.http + errorfile 503 /etc/haproxy/errors/503.http + errorfile 504 /etc/haproxy/errors/504.http + +frontend oxidized + bind *:80 + mode http + default_backend oxidized + compression algo gzip + compression type text/html text/plain text/css + +backend oxidized + server o1 127.0.0.1:8080 -- cgit v1.2.1