2022-10-01 20:06:19 +02:00
|
|
|
---
|
|
|
|
haproxy:
|
|
|
|
enabled: true
|
2023-06-06 09:23:53 +02:00
|
|
|
pkgs:
|
2022-10-01 20:06:19 +02:00
|
|
|
- haproxy
|
2023-04-13 23:13:34 +02:00
|
|
|
- liblua5.3-dev
|
|
|
|
- lua-filesystem
|
2023-04-28 18:11:56 +02:00
|
|
|
- lua-socket
|
2023-02-19 12:21:59 +01:00
|
|
|
- libcurl4-openssl-dev
|
|
|
|
- libmaxminddb-dev
|
|
|
|
- libjansson-dev
|
2022-10-23 16:37:53 +02:00
|
|
|
maps:
|
|
|
|
- access
|
2024-02-07 22:00:15 +01:00
|
|
|
- allowhttp
|
2023-04-13 23:13:34 +02:00
|
|
|
- countries
|
2022-12-09 21:56:25 +01:00
|
|
|
- domains
|
2022-11-08 11:04:39 +01:00
|
|
|
- redirects
|
2023-07-15 19:54:00 +02:00
|
|
|
- ua
|
2022-11-08 11:04:39 +01:00
|
|
|
- vhosts
|
2023-02-10 13:47:00 +01:00
|
|
|
acme: false
|
2023-03-21 19:42:51 +01:00
|
|
|
hatop:
|
|
|
|
fetchurl: https://github.com/jhunt/hatop/releases/download
|
|
|
|
version: "0.8.2"
|
|
|
|
hash: sha256=6ba2136e98b9a436488be67a54a5295f55f38090157d09df0154dda493ac5815
|
2022-10-01 20:06:19 +02:00
|
|
|
config:
|
2022-12-06 20:26:55 +01:00
|
|
|
dir: /etc/haproxy
|
|
|
|
configfile: haproxy.cfg
|
2023-04-13 23:13:34 +02:00
|
|
|
syscontact: haproxy@example.com
|
|
|
|
geoip:
|
|
|
|
enabled: true
|
|
|
|
countries:
|
|
|
|
FR: OK
|
|
|
|
dbs:
|
2024-01-03 13:29:44 +01:00
|
|
|
- name: /var/lib/haproxy/geoip/GeoLite2-City.mmdb
|
2023-04-13 23:13:34 +02:00
|
|
|
url: https://git.paulbsd.com/paulbsd/GeoLite.mmdb/releases/download/2023.03.26/GeoLite2-City.mmdb
|
|
|
|
lua_max_mem: 1024
|
2023-02-04 19:51:20 +01:00
|
|
|
peers:
|
2023-03-21 19:42:51 +01:00
|
|
|
hosts: []
|
|
|
|
port: 4096
|
2023-09-14 16:45:28 +02:00
|
|
|
servers:
|
|
|
|
hosts: []
|
2023-01-16 12:00:54 +01:00
|
|
|
dirs:
|
|
|
|
- maps
|
|
|
|
- scripts
|
|
|
|
- mods
|
|
|
|
- errors
|
2023-04-13 23:13:34 +02:00
|
|
|
geoip_dbs:
|
2023-01-16 12:00:54 +01:00
|
|
|
scripts:
|
2023-04-13 23:13:34 +02:00
|
|
|
- name: mods/haproxy.c
|
|
|
|
lib: true
|
|
|
|
- name: scripts/compile.lua
|
|
|
|
lib: true
|
|
|
|
- name: scripts/geoip.lua
|
|
|
|
lib: false
|
|
|
|
args:
|
2024-01-03 13:29:44 +01:00
|
|
|
- /var/lib/haproxy/geoip/GeoLite2-City.mmdb
|
2023-01-16 12:00:54 +01:00
|
|
|
- name: scripts/json.lua
|
|
|
|
lib: true
|
|
|
|
- name: scripts/collector.lua
|
|
|
|
lib: false
|
2023-08-07 16:03:04 +02:00
|
|
|
#- name: scripts/weight.lua
|
|
|
|
# lib: false
|
|
|
|
# args:
|
|
|
|
# - 5
|
2023-06-06 09:23:53 +02:00
|
|
|
- name: scripts/state.lua
|
|
|
|
lib: false
|
|
|
|
args:
|
|
|
|
- 30
|
2022-12-26 18:13:39 +01:00
|
|
|
namespace: paulbsd
|
2023-01-16 12:00:54 +01:00
|
|
|
user: haproxy
|
|
|
|
group: haproxy
|
2023-06-18 10:58:21 +02:00
|
|
|
servername: HAProxy
|
2022-10-23 16:37:53 +02:00
|
|
|
http2: true
|
2022-10-01 20:06:19 +02:00
|
|
|
defaults:
|
2022-10-23 16:37:53 +02:00
|
|
|
#log: global
|
|
|
|
#log: 127.0.0.1 local0
|
2023-06-06 09:23:53 +02:00
|
|
|
load-server-state-from-file: global
|
2022-10-23 16:37:53 +02:00
|
|
|
log: stdout format raw daemon info
|
|
|
|
retries: 2
|
2023-01-17 14:43:58 +01:00
|
|
|
timeout check: 4s
|
2023-01-16 12:00:54 +01:00
|
|
|
timeout client: 60m
|
|
|
|
timeout connect: 2s
|
|
|
|
timeout server: 60m
|
2022-12-06 20:26:55 +01:00
|
|
|
unique-id-format: "%{+X}o\\ %ci:%cp_%fi:%fp_%Ts_%rt:%pid"
|
2022-11-13 20:48:27 +01:00
|
|
|
balance: roundrobin
|
2022-12-03 00:07:39 +01:00
|
|
|
check: true
|
2022-10-01 20:06:19 +02:00
|
|
|
http_port: 80
|
|
|
|
https_port: 443
|
2022-12-03 00:07:39 +01:00
|
|
|
capture_length: 200
|
2023-01-16 12:00:54 +01:00
|
|
|
admin: false
|
2024-03-14 21:25:46 +01:00
|
|
|
quic: true
|
2022-10-23 16:37:53 +02:00
|
|
|
api:
|
|
|
|
enable: true
|
2023-01-04 23:32:56 +01:00
|
|
|
filesocket: /var/run/haproxy-admin.sock
|
2022-10-23 16:37:53 +02:00
|
|
|
tcpsocket: ipv4@127.0.0.1:9990
|
2022-10-01 20:06:19 +02:00
|
|
|
acme_dir: /etc/acme
|
2022-10-23 16:37:53 +02:00
|
|
|
acme_fullchains_dir: /etc/acme/fullchains
|
|
|
|
acme_dh_dir: /etc/acme/dh
|
2022-10-01 20:06:19 +02:00
|
|
|
ssl_ciphers:
|
2022-12-24 17:49:54 +01:00
|
|
|
- EECDH+AESGCM
|
|
|
|
- EECDH+CHACHA20
|
2022-10-01 20:06:19 +02:00
|
|
|
ssl_options:
|
|
|
|
- no-sslv3
|
|
|
|
- no-tls-tickets
|
2023-05-17 13:20:14 +02:00
|
|
|
compression_mime_types:
|
2022-11-08 11:04:39 +01:00
|
|
|
- text/html
|
|
|
|
- text/plain
|
|
|
|
- text/css
|
|
|
|
- text/javascript
|
2022-11-13 20:48:27 +01:00
|
|
|
- application/json
|
2023-05-17 13:20:14 +02:00
|
|
|
- application/octet-stream
|
2022-12-24 17:49:54 +01:00
|
|
|
cache:
|
2023-06-23 08:47:25 +02:00
|
|
|
total: 128
|
|
|
|
size: 8
|
|
|
|
age: 86400
|
2022-12-24 17:49:54 +01:00
|
|
|
file_types:
|
|
|
|
- .css
|
2023-06-23 08:47:25 +02:00
|
|
|
- .ico
|
|
|
|
- .jpeg
|
|
|
|
- .jpg
|
2022-12-24 17:49:54 +01:00
|
|
|
- .js
|
|
|
|
- .png
|
2023-04-13 23:13:34 +02:00
|
|
|
- .svg
|
|
|
|
- .webp
|
2023-07-21 23:15:33 +02:00
|
|
|
- .woff2
|
2022-12-03 00:07:39 +01:00
|
|
|
ddos:
|
|
|
|
timeperiod: 10s
|
|
|
|
maxrequests: 200
|
2023-02-04 19:51:20 +01:00
|
|
|
size: 1m
|
2023-04-13 23:13:34 +02:00
|
|
|
domains: []
|
2022-10-01 20:06:19 +02:00
|
|
|
vhosts: {}
|
|
|
|
services: {}
|
2022-12-11 16:34:27 +01:00
|
|
|
spoe: {}
|