mirror of
https://github.com/openwrt/packages.git
synced 2025-12-21 21:24:31 +04:00
eb333d1bee
- Major version bump to the latest HAProxy v3.2 LTS release.
- Updated haproxy PKG_VERSION and PKG_HASH
- Updated build-parameters:
- Removed USE_QUIC_OPENSSL_COMPAT as OpenSSL v3.5.1+ ships with
good enough Quic support. HAProxy does not need the compat code
with these newer versions of OpenSSL anymore.
- Removed obsolete build parameters.
- Updated example configuration so it works with the new version.
- See changes: http://git.haproxy.org/?p=haproxy-3.2.git;a=shortlog
Signed-off-by: Christian Lachner <gladiac@gmail.com>
113 lines
2.9 KiB
INI
113 lines
2.9 KiB
INI
# Example configuration file for HAProxy 2.0, refer to the url below for
|
|
# a full documentation and examples for configuration:
|
|
# https://cbonte.github.io/haproxy-dconv/2.0/configuration.html
|
|
|
|
|
|
# Global parameters
|
|
global
|
|
|
|
# Log events to a remote syslog server at given address using the
|
|
# specified facility and verbosity level. Multiple log options
|
|
# are allowed.
|
|
#log 10.0.0.1 daemon info
|
|
|
|
# Logging events to the local syslog server is possible too.
|
|
#log /dev/log local0 info
|
|
|
|
# Specifiy the maximum number of allowed connections.
|
|
maxconn 32000
|
|
|
|
# Raise the ulimit for the maximum allowed number of open socket
|
|
# descriptors per process. This is usually at least twice the
|
|
# number of allowed connections (maxconn * 2 + nb_servers + 1) .
|
|
ulimit-n 65535
|
|
|
|
# Drop privileges (setuid, setgid), default is "root" on OpenWrt.
|
|
uid 0
|
|
gid 0
|
|
|
|
# Perform chroot into the specified directory.
|
|
#chroot /var/run/haproxy/
|
|
|
|
# Daemonize on startup
|
|
daemon
|
|
|
|
# Enable debugging
|
|
#debug
|
|
|
|
# Spawn given number of processes and distribute load among them,
|
|
# used for multi-core environments or to circumvent per-process
|
|
# limits like number of open file descriptors. Default is 1.
|
|
#nbproc 2
|
|
|
|
# SSL/TLS configuration. You can use the Mozilla SSL Config
|
|
# Generator. See: https://ssl-config.mozilla.org/#server=haproxy
|
|
|
|
# Default parameters
|
|
defaults
|
|
# Default timeouts
|
|
timeout connect 5000ms
|
|
timeout client 50000ms
|
|
timeout server 50000ms
|
|
|
|
|
|
# Example HTTP proxy listener
|
|
listen my_http_proxy
|
|
|
|
# Bind to port 81 and 444 on all interfaces (0.0.0.0)
|
|
bind :81,:444
|
|
|
|
# We're proxying HTTP here...
|
|
mode http
|
|
|
|
# Simple HTTP round robin over two servers using the specified
|
|
# source ip 192.168.1.1 .
|
|
balance roundrobin
|
|
server server01 192.168.1.10:80 source 192.168.1.1
|
|
server server02 192.168.1.20:80 source 192.168.1.1
|
|
|
|
# Serve an internal statistics page on /stats:
|
|
stats enable
|
|
stats uri /stats
|
|
|
|
# Enable HTTP basic auth for the statistics:
|
|
stats realm HA_Stats
|
|
stats auth username:password
|
|
|
|
|
|
# Example SMTP proxy listener
|
|
listen my_smtp_proxy
|
|
|
|
# Disable this instance without commenting out the section.
|
|
disabled
|
|
|
|
# Bind to port 26 and 588 on localhost
|
|
bind 127.0.0.1:26,127.0.0.1:588
|
|
|
|
# This is a TCP proxy
|
|
mode tcp
|
|
|
|
# Round robin load balancing over two servers on port 123 forcing
|
|
# the address 192.168.1.1 and port 25 as source.
|
|
balance roundrobin
|
|
#use next line for transparent proxy, so the servers can see the
|
|
#original ip-address and remove source keyword in server definition
|
|
#source 0.0.0.0 usesrc clientip
|
|
server server01 192.168.1.10:123 source 192.168.1.1:25
|
|
server server02 192.168.1.20:123 source 192.168.1.1:25
|
|
|
|
|
|
# Special health check listener for integration with external load
|
|
# balancers.
|
|
listen local_health_check
|
|
|
|
# Listen on port 60000
|
|
bind :60000
|
|
|
|
# This health check requires http-mode
|
|
mode http
|
|
|
|
# This is a health check
|
|
http-request return status 200
|
|
|