--- haproxy: enabled: true pkgs: - haproxy - liblua5.4-dev - lua-filesystem - lua-socket - libcurl4-openssl-dev - libmaxminddb-dev - libjansson-dev maps: - access - allowhttp - countries - domains - redirects - ua - vhosts acme: false hatop: fetchurl: https://github.com/jhunt/hatop/releases/download version: "0.8.2" hash: sha256=6ba2136e98b9a436488be67a54a5295f55f38090157d09df0154dda493ac5815 config: dir: /etc/haproxy configfile: haproxy.cfg syscontact: haproxy@example.com geoip: enabled: true countries: FR: OK lua_max_mem: 1024 peers: hosts: [] port: 4096 servers: hosts: [] dirs: - maps - scripts - mods - errors - static static: - security.txt scripts: haproxy: path: mods/haproxy.c lib: true compile: path: scripts/compile.lua lib: true geoip: path: scripts/geoip.lua lib: false args: - /usr/share/GeoIP/GeoLite2-City.mmdb json: path: scripts/json.lua lib: true collector: path: scripts/collector.lua lib: false #- name: scripts/weight.lua # lib: false # args: # - 5 state: path: scripts/state.lua lib: false args: - 30 namespace: paulbsd user: haproxy group: haproxy servername: HAProxy http2: true defaults: #log: global #log: 127.0.0.1 local0 load-server-state-from-file: global log: stdout format raw daemon info retries: 2 timeout check: 4s timeout client: 60m timeout connect: 2s timeout server: 60m balance: roundrobin check: true http_port: 80 https_port: 443 capture_length: 200 admin: false quic: true api: enable: true filesocket: /var/run/haproxy-admin.sock tcpsocket: ipv4@127.0.0.1:9990 acme_dir: /etc/acme acme_fullchains_dir: /etc/acme/fullchains acme_dh_dir: /etc/acme/dh ssl_ciphers: - EECDH+AESGCM - EECDH+CHACHA20 ssl_options: - no-sslv3 - no-tls-tickets compression_mime_types: - text/html - text/plain - text/css - text/javascript - application/json - application/octet-stream cache: total: 128 size: 8 age: 86400 file_types: - .css - .ico - .jpeg - .jpg - .js - .png - .svg - .webp - .woff2 ddos: timeperiod: 10s maxrequests: 200 size: 1m domains: [] vhosts: {} services: {} spoe: {}