Installer Haproxy

Installation de base : Avec SSL :

config de test :

Click to display ⇲

Click to hide ⇱

    log         /dev/log local5
    chroot      /var/lib/haproxy
    pidfile     /var/run/
    user        haproxy
    group       haproxy
    # turn on stats unix socket
    stats socket /var/lib/haproxy/stats user haproxy group haproxy mode 660 level admin
    node haproxy
    stats timeout 30s
    ca-base /etc/ssl/certs/
    tune.ssl.default-dh-param 2048
    ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets
    mode                    http
    log                     global
    option                  httplog
    option                  dontlognull
    option                  forwardfor except header X-Forwarded-For
    option                  redispatch
    option                  http-server-close
    option                  abortonclose
    retries                 3
    timeout http-request    10s
    timeout queue           60s
    timeout connect         4s
    timeout client          300s
    timeout server          300s
#    timeout http-keep-alive 10s
#    timeout check           10s
    maxconn                 3000
    default-server port 80 maxconn 150 on-error fail-check slowstart 60s inter 30s fastinter 5s downinter 10s weight 100
frontend front
    option forwardfor
    maxconn 800
    http-request add-header X-Proto https if { ssl_fc }
    redirect scheme https if !{ ssl_fc }
#    default_backend back
frontend front_ssl
    bind ssl crt /etc/ssl/
    http-request set-header X-Forwarded-Proto: https
    default_backend back
backend back
    balance roundrobin
    server debian check observe layer4 weight 100
    server debian3 check observe layer4 weight 100
listen stats
    stats enable
    stats uri /haproxy
    stats show-legends
    stats show-node
    stats realm Auth\ required
    stats auth foo:bar
    stats admin if TRUE


acl search hdr(host)
http-request redirect code 301 location[urlp(search)] if { path_dir /recherche } search