--- haproxy: enabled: true packages: - haproxy scripts: - name: scripts/http.lua lib: true - name: scripts/json.lua lib: true - name: scripts/collector.lua lib: false - name: scripts/weight_by_latency.lua lib: false maps: - access - redirects - vhosts config: dir: /etc/haproxy configfile: haproxy.cfg servername: "High-performance Web Server" http2: true defaults: #log: global #log: 127.0.0.1 local0 log: stdout format raw daemon info retries: 2 timeout client: 30m timeout connect: 4s timeout server: 30m timeout check: 5s unique-id-format: "%{+X}o\\ %ci:%cp_%fi:%fp_%Ts_%rt:%pid" balance: roundrobin check: true user: haproxy group: haproxy http_port: 80 https_port: 443 capture_length: 200 admin: enable: false port: 7000 api: enable: true filesocket: /var/run/hap-lb.sock tcpsocket: ipv4@127.0.0.1:9990 acme_dir: /etc/acme acme_fullchains_dir: /etc/acme/fullchains acme_dh_dir: /etc/acme/dh ssl_ciphers: - "ECDH+AESGCM" - "DH+AESGCM" - "ECDH+AES256" - "DH+AES256" - "ECDH+AES128" - "DH+AES" - "ECDH+3DES" - "DH+3DES" - "RSA+AESGCM" - "RSA+AES" - "RSA+3DES" - "!aNULL" - "!MD5" - "!DSS" ssl_options: - no-sslv3 - no-tls-tickets gzip_mime_types: - text/html - text/plain - text/css - text/javascript - application/json cache_file_types: - .css - .js - .png - .jpg ddos: timeperiod: 10s maxrequests: 200 vhosts: {} services: {}