paulbsd-salt/states/haproxy/defaults.yaml
2023-03-10 00:02:52 +01:00

87 lines
1.7 KiB
YAML

---
haproxy:
enabled: true
packages:
- haproxy
- libcurl4-openssl-dev
- libmaxminddb-dev
- libjansson-dev
maps:
- access
- domains
- redirects
- vhosts
acme: false
config:
dir: /etc/haproxy
configfile: haproxy.cfg
peers:
dirs:
- geoip
- maps
- scripts
- mods
- errors
scripts:
- name: scripts/json.lua
lib: true
- name: scripts/collector.lua
lib: false
- name: scripts/weight.lua
lib: false
namespace: paulbsd
user: haproxy
group: haproxy
servername: High-performance Web Server
http2: true
defaults:
#log: global
#log: 127.0.0.1 local0
log: stdout format raw daemon info
retries: 2
timeout check: 4s
timeout client: 60m
timeout connect: 2s
timeout server: 60m
unique-id-format: "%{+X}o\\ %ci:%cp_%fi:%fp_%Ts_%rt:%pid"
balance: roundrobin
check: true
http_port: 80
https_port: 443
capture_length: 200
admin: false
api:
enable: true
filesocket: /var/run/haproxy-admin.sock
tcpsocket: ipv4@127.0.0.1:9990
acme_dir: /etc/acme
acme_fullchains_dir: /etc/acme/fullchains
acme_dh_dir: /etc/acme/dh
ssl_ciphers:
- EECDH+AESGCM
- EECDH+CHACHA20
ssl_options:
- no-sslv3
- no-tls-tickets
gzip_mime_types:
- text/html
- text/plain
- text/css
- text/javascript
- application/json
cache:
size: 50000
file_types:
- .css
- .js
- .png
- .jpg
ddos:
timeperiod: 10s
maxrequests: 200
size: 1m
domains: {}
vhosts: {}
services: {}
spoe: {}