alx-system_engineering-devops/0x10-https_ssl/1-haproxy_ssl_termination at master · Josh-techie/alx-system_engineering-devops · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
global
    log 127.0.0.1 local0 notice
    maxconn 2000
    user haproxy
    group haproxy
defaults
    log     global
    mode    http
    option  forwardfor
    option  http-server-close
    retries 3
    option redispatch
    timeout connect  5000
    timeout client  10000
    timeout server  10000
listen hbnb
    bind 0.0.0.0:443
    mode http
    stats enable
    stats uri /haproxy?stats
    balance roundrobin
    option httpclose
    option forwardfor
    server 385864-web-01 34.204.101.74:80 check
    server 385864-web-02 54.196.41.112:80 check
    option  forwardfor
    option  http-server-close

frontend www-http
    bind   3.236.20.125:80
    reqadd X-Forwarded-Proto:\ http
    default_backend www-backend

frontend www-https
    bind   3.236.20.125:443 ssl crt /etc/haproxy/certs/www.kipronoh.tech.pem
    reqadd X-Forwarded-Proto:\ https
    acl letsencrypt-acl path_beg /.well-known/acme-challenge/
    use_backend letsencrypt-backend if letsencrypt-acl
    default_backend www-backend

backend www-backend
   redirect scheme https if !{ ssl_fc }
   385864-web-01 34.204.101.74:80 check
   385864-web-02 54.196.41.112:80 check

backend letsencrypt-backend
   server letsencrypt 127.0.0.1:54321