Browse Source

haproxy updates

master
Nico Schottelius 12 months ago
parent
commit
db6345ce01
  1. 36
      apps/haproxy/haproxy-v2.cfg
  2. 2
      apps/haproxy/haproxy.cfg

36
apps/haproxy/haproxy-v2.cfg

@ -0,0 +1,36 @@
global
log stdout format raw local0
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
resolvers mydns
parse-resolv-conf
defaults
retries 3
log global
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
frontend f_https
bind ipv6@:6443
mode tcp
tcp-request inspect-delay 5s
tcp-request content accept if { req_ssl_hello_type 1 }
tcp-request content reject unless { req_ssl_sni -i k8s.ooo }
tcp-request content do-resolve(txn.myip,mydns,ipv6) req_ssl_sni,lower
default_backend b_https
backend b_https
mode tcp
tcp-request content set-dst var(txn.myip)
server tcp_https ipv6@*

2
apps/haproxy/haproxy.cfg

@ -48,9 +48,9 @@ frontend f_https
tcp-request inspect-delay 5s
tcp-request content accept if { req_ssl_hello_type 1 }
tcp-request deny unless { req_ssl_sni -i k8s.ooo }
tcp-request content do-resolve(txn.myip,mydns,ipv6) req_ssl_sni,lower
default_backend b_https
backend b_https

Loading…
Cancel
Save