# HAProxy configuration generated by https://github.com/appscode/voyager # DO NOT EDIT! global daemon stats socket /tmp/haproxy server-state-file global server-state-base /var/state/haproxy/ # log using a syslog socket log /dev/log local0 info log /dev/log local0 notice tune.ssl.default-dh-param 2048 ssl-default-bind-ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK defaults log global # https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#4.2-option%20abortonclose # https://github.com/appscode/voyager/pull/403 option dontlognull option http-server-close # Timeout values timeout client 50s timeout client-fin 50s timeout connect 50s timeout server 50s timeout tunnel 50s # Configure error files # default traffic mode is http # mode is overwritten in case of tcp services mode http frontend http-80 bind *:80 mode http # Limit Connections option httplog option forwardfor acl url_acl_voyager-operator.kube-system:56791-kwhaii path_beg /.well-known/acme-challenge/ use_backend voyager-operator.kube-system:56791-kwhaii if url_acl_voyager-operator.kube-system:56791-kwhaii acl host_acl_web.default:80-rhimq7 hdr(host) -i kiteci.com acl host_acl_web.default:80-rhimq7 hdr(host) -i kiteci.com:80 acl url_acl_web.default:80-rhimq7 path_beg / use_backend web.default:80-rhimq7 if host_acl_web.default:80-rhimq7 url_acl_web.default:80-rhimq7 backend voyager-operator.kube-system:56791-kwhaii server pod-voyager-operator-6d587895f5-j6fpg 10.32.1.6:56791 backend web.default:80-rhimq7 server pod-nginx-7c87f569d-v9qz9 10.32.1.5:80