forked from IBM-Blockchain-Archive/cp-web
-
Notifications
You must be signed in to change notification settings - Fork 0
/
haproxy.cfg
37 lines (31 loc) · 1.12 KB
/
haproxy.cfg
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
global
log /dev/log local0
log /dev/log local1 notice
maxconn 4096
chroot /var/lib/haproxy
user haproxy
group haproxy
daemon
# Default ciphers to use on SSL-enabled listening sockets.
# For more information, see ciphers(1SSL). This list is from:
# https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
#ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
#ssl-default-bind-options no-sslv3
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 500000
timeout server 500000
frontend http-cp-web
bind *:80
redirect scheme https if !{ ssl_fc }
frontend https-cp-web
bind *:443 ssl crt /opt/certs/blockchain.ibm.com.pem
reqadd X-Forwarded-Proto:\ https
default_backend www-backend
backend www-backend
redirect scheme https if !{ ssl_fc }
server cp-web localhost:3000