paulbsd-salt/states/haproxy/defaults.yaml
2023-05-17 13:20:14 +02:00

118 lines
2.5 KiB
YAML

---
haproxy:
enabled: true
packages:
- haproxy
- liblua5.3-dev
- lua-filesystem
- lua-socket
- libcurl4-openssl-dev
- libmaxminddb-dev
- libjansson-dev
maps:
- access
- countries
- domains
- redirects
- vhosts
acme: false
hatop:
fetchurl: https://github.com/jhunt/hatop/releases/download
version: "0.8.2"
hash: sha256=6ba2136e98b9a436488be67a54a5295f55f38090157d09df0154dda493ac5815
config:
dir: /etc/haproxy
configfile: haproxy.cfg
syscontact: haproxy@example.com
geoip:
enabled: true
countries:
FR: OK
dbs:
- name: geoip/GeoLite2-City.mmdb
url: https://git.paulbsd.com/paulbsd/GeoLite.mmdb/releases/download/2023.03.26/GeoLite2-City.mmdb
lua_max_mem: 1024
peers:
hosts: []
port: 4096
dirs:
- geoip
- maps
- scripts
- mods
- errors
geoip_dbs:
scripts:
- name: mods/haproxy.c
lib: true
- name: scripts/compile.lua
lib: true
- name: scripts/geoip.lua
lib: false
args:
- /etc/haproxy/geoip/GeoLite2-City.mmdb
- name: scripts/json.lua
lib: true
- name: scripts/collector.lua
lib: false
- name: scripts/weight.lua
lib: false
namespace: paulbsd
user: haproxy
group: haproxy
servername: "High-performance Web Server 1.0"
http2: true
defaults:
#log: global
#log: 127.0.0.1 local0
log: stdout format raw daemon info
retries: 2
timeout check: 4s
timeout client: 60m
timeout connect: 2s
timeout server: 60m
unique-id-format: "%{+X}o\\ %ci:%cp_%fi:%fp_%Ts_%rt:%pid"
balance: roundrobin
check: true
http_port: 80
https_port: 443
capture_length: 200
admin: false
api:
enable: true
filesocket: /var/run/haproxy-admin.sock
tcpsocket: ipv4@127.0.0.1:9990
acme_dir: /etc/acme
acme_fullchains_dir: /etc/acme/fullchains
acme_dh_dir: /etc/acme/dh
ssl_ciphers:
- EECDH+AESGCM
- EECDH+CHACHA20
ssl_options:
- no-sslv3
- no-tls-tickets
compression_mime_types:
- text/html
- text/plain
- text/css
- text/javascript
- application/json
- application/octet-stream
cache:
size: 50000
file_types:
- .css
- .js
- .png
- .jpg
- .svg
- .webp
ddos:
timeperiod: 10s
maxrequests: 200
size: 1m
domains: []
vhosts: {}
services: {}
spoe: {}