84 lines
1.6 KiB
YAML
84 lines
1.6 KiB
YAML
---
|
|
haproxy:
|
|
enabled: true
|
|
packages:
|
|
- haproxy
|
|
scripts:
|
|
- name: scripts/http.lua
|
|
lib: true
|
|
- name: scripts/json.lua
|
|
lib: true
|
|
- name: scripts/collector.lua
|
|
lib: false
|
|
- name: scripts/weight_by_latency.lua
|
|
lib: false
|
|
maps:
|
|
- access
|
|
- redirects
|
|
- vhosts
|
|
config:
|
|
servername: "High-performance Web Server"
|
|
http2: true
|
|
defaults:
|
|
#log: global
|
|
#log: 127.0.0.1 local0
|
|
log: stdout format raw daemon info
|
|
retries: 2
|
|
timeout client: 30m
|
|
timeout connect: 4s
|
|
timeout server: 30m
|
|
timeout check: 5s
|
|
balance: roundrobin
|
|
check: true
|
|
dir: /etc/haproxy
|
|
configfile: haproxy.cfg
|
|
user: haproxy
|
|
group: haproxy
|
|
http_port: 80
|
|
https_port: 443
|
|
capture_length: 200
|
|
admin:
|
|
enable: false
|
|
port: 7000
|
|
api:
|
|
enable: true
|
|
filesocket: /var/run/hap-lb.sock
|
|
tcpsocket: ipv4@127.0.0.1:9990
|
|
acme_dir: /etc/acme
|
|
acme_fullchains_dir: /etc/acme/fullchains
|
|
acme_dh_dir: /etc/acme/dh
|
|
ssl_ciphers:
|
|
- "ECDH+AESGCM"
|
|
- "DH+AESGCM"
|
|
- "ECDH+AES256"
|
|
- "DH+AES256"
|
|
- "ECDH+AES128"
|
|
- "DH+AES"
|
|
- "ECDH+3DES"
|
|
- "DH+3DES"
|
|
- "RSA+AESGCM"
|
|
- "RSA+AES"
|
|
- "RSA+3DES"
|
|
- "!aNULL"
|
|
- "!MD5"
|
|
- "!DSS"
|
|
ssl_options:
|
|
- no-sslv3
|
|
- no-tls-tickets
|
|
gzip_mime_types:
|
|
- text/html
|
|
- text/plain
|
|
- text/css
|
|
- text/javascript
|
|
- application/json
|
|
cache_file_types:
|
|
- .css
|
|
- .js
|
|
- .png
|
|
- .jpg
|
|
ddos:
|
|
timeperiod: 10s
|
|
maxrequests: 200
|
|
vhosts: {}
|
|
services: {}
|