45 lines
1.4 KiB
Django/Jinja
45 lines
1.4 KiB
Django/Jinja
global
|
|
log 127.0.0.1 local0 notice
|
|
user haproxy
|
|
group haproxy
|
|
tune.ssl.default-dh-param 4096
|
|
|
|
defaults
|
|
log global
|
|
mode http
|
|
retries 2
|
|
timeout connect 3000
|
|
timeout server 5000
|
|
timeout client 5000
|
|
stats enable
|
|
stats uri {{ proxy_stats_uri }}
|
|
stats realm Haproxy\ Statistics
|
|
stats auth {{ proxy_stats_user }}:{{ proxy_stats_pass }}
|
|
|
|
listen mysql-cluster
|
|
bind 0.0.0.0:3306
|
|
mode tcp
|
|
option mysql-check user haproxy_check
|
|
balance roundrobin
|
|
{% for db_server in db %}
|
|
server {{ hostvars[db_server]['ansible_eth1']['ipv4']['address'] }} {{ hostvars[db_server]['ansible_eth1']['ipv4']['address'] }}:3306 check
|
|
{% endfor %}
|
|
|
|
frontend www-http
|
|
bind 0.0.0.0:80
|
|
reqadd X-Forwarded-Proto:\ http
|
|
default_backend www-backend
|
|
|
|
frontend www-https
|
|
bind 0.0.0.0:443 ssl crt /root/server.pem
|
|
reqadd X-Forwarded-Proto:\ https
|
|
default_backend wrestlingdev
|
|
|
|
backend wrestlingdev
|
|
redirect scheme https if !{ ssl_fc }
|
|
balance roundrobin
|
|
cookie SERVERID insert indirect nocache
|
|
{% for web_server in web %}
|
|
server {{ hostvars[web_server]['ansible_eth1']['ipv4']['address'] }} {{ hostvars[web_server]['ansible_eth1']['ipv4']['address'] }}:443 check cookie {{ hostvars[web_server]['ansible_eth1']['ipv4']['address'] }} ssl verify none
|
|
{% endfor %}
|