haproxy cfg and some site movement
This commit is contained in:
51
roles/proxy/templates/haproxy.cfg.j2
Normal file
51
roles/proxy/templates/haproxy.cfg.j2
Normal file
@@ -0,0 +1,51 @@
|
||||
global
|
||||
log 127.0.0.1 local0 notice
|
||||
user haproxy
|
||||
group haproxy
|
||||
tune.ssl.default-dh-param 4096
|
||||
|
||||
defaults
|
||||
log global
|
||||
mode http
|
||||
retries 2
|
||||
timeout connect 3000
|
||||
timeout server 5000
|
||||
timeout client 5000
|
||||
stats enable
|
||||
stats uri {{ proxy_stats_uri }}
|
||||
stats realm Haproxy\ Statistics
|
||||
stats auth {{ proxy_stats_user }}:{{ proxy_stats_pass }}
|
||||
|
||||
listen mysql-cluster
|
||||
bind 0.0.0.0:3306
|
||||
mode tcp
|
||||
option mysql-check user haproxy_check
|
||||
balance roundrobin
|
||||
{% for db_server in dbservers %}
|
||||
server {{ db_server }} {{ db_server }}:3306 check
|
||||
{% endfor %}
|
||||
|
||||
frontend www-http
|
||||
bind 0.0.0.0:80
|
||||
reqadd X-Forwarded-Proto:\ http
|
||||
default_backend www-backend
|
||||
|
||||
frontend www-https
|
||||
bind 0.0.0.0:443 ssl crt /root/server.pem
|
||||
reqadd X-Forwarded-Proto:\ https
|
||||
|
||||
acl host_wrestlingdev hdr(host) -i wrestlingdev.com
|
||||
use_backend wrestlingdev if host_wrestlingdev
|
||||
|
||||
default_backend www-backend
|
||||
|
||||
backend www-backend
|
||||
redirect scheme https if !{ ssl_fc }
|
||||
errorfile 503 /root/home.html
|
||||
|
||||
backend wrestlingdev
|
||||
redirect scheme https if !{ ssl_fc }
|
||||
balance roundrobin
|
||||
{% for web_server in webservers %}
|
||||
server {{ web_server }} {{ web_server }}:443 check ssl verify none
|
||||
{% endfor %}
|
||||
Reference in New Issue
Block a user