§2024-06-03

機器：　 pi2Nginx.MuNeTaka.me 192.168.48.249, archLinux

1. installation

[alexlai@pi2NginxMuNeTaka ~]$ sudo pacman -S haproxy

[alexlai@pi2NginxMuNeTaka ~]$ systemctl status haproxy
○ haproxy.service - HAProxy Load Balancer
     Loaded: loaded (/usr/lib/systemd/system/haproxy.service; disabled; preset: disabled)
     Active: inactive (dead)

2. Configuration

alexlai@pi2NginxMuNeTaka ~]$ sudo cp -v /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.backup
'/etc/haproxy/haproxy.cfg' -> '/etc/haproxy/haproxy.cfg.backup'

- /etc/haproxy/haproxy.cfg.backup

global # Set the maximum connections globally maxconn 4096 # Log to a syslog server log /dev/log local0 # Log SSL errors log-send-hostname # Set process ID file pidfile /var/run/haproxy.pid # Set the maximum SSL session rate to 4000 per second tune.ssl.default-dh-param 2048

defaults log global mode http option httplog option dontlognull option forwardfor timeout connect 5000ms timeout client 50000ms timeout server 50000ms

frontend www-http

# bind *:80
# mode http
# redirect scheme https code 301 if !{ ssl_fc }

frontend nextCloud-https bind *:43103 ssl crt /etc/haproxy/cert/munetaka.me.pem # managed by Certbot default_backend nextCloud-backend

backend nextCloud-backend mode http
balance roundrobin
option forwardfor
option httpchk HEAD / http-check send ver HTTP/1.1 hdr Host localhost server backend1 192.168.16.247:43101 check
timeout connect 4s
timeout server 4s