Anyone have a sample haproxy.cfg file for haproxy v 1.8

78 views
Skip to first unread message

Krishna Bavandlapally

unread,
Nov 23, 2019, 8:01:01 AM11/23/19
to web2py-users
Anyone have a sample haproxy.cfg file for haproxy v 1.8

Dave S

unread,
Nov 26, 2019, 4:26:55 PM11/26/19
to web2py-users


On Saturday, November 23, 2019 at 5:01:01 AM UTC-8, Krishna Bavandlapally wrote:
Anyone have a sample haproxy.cfg file for haproxy v 1.8


No, sorry.  I'm only using nginx.

Why is this post pinned?  That is supposed to be for long-lived messages, such as from Massimo.

/dps

Krishna Bavandlapally

unread,
Nov 26, 2019, 10:01:22 PM11/26/19
to web2py-users
Thank you, Deve S.

Sorry I didn't know that and unpinned it.

Dave S

unread,
Nov 26, 2019, 10:23:24 PM11/26/19
to web2py-users


On Tuesday, November 26, 2019 at 7:01:22 PM UTC-8, Krishna Bavandlapally wrote:
Thank you, Deve S.

Sorry I didn't know that and unpinned it.

'K

I did a quick search, and perhaps Jim S' post will help:
<URL:https://groups.google.com/d/msg/web2py/sTGFoVtiY04/t8y-6QssAgAJ>

Ian Ryder also has a site using haproxy, but didn't give the setup details:
<URL:https://groups.google.com/d/msg/web2py/BryoYJfvZ4k/tC_W05iDAAAJ>

My setup is a single instance, but even if it grows another head, nginx might be enough, although I haven't studied the load balancing uses, and can't speak to how much of that is in the open source version (even though that's what I'm using).

Good luck!

/dps



Jim S

unread,
Nov 27, 2019, 6:16:59 PM11/27/19
to web2py-users
Here is what I have currently:

global
    log /dev/log    local0
    log /dev/log    local1 notice
    chroot /var/lib/haproxy
    stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
    stats timeout 30s
    user haproxy
    group haproxy
    daemon

    # Default SSL material locations
    ca-base /etc/ssl/certs
    crt-base /etc/ssl/private

    # Default ciphers to use on SSL-enabled listening sockets.
    # For more information, see ciphers(1SSL). This list is from:
    #  https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
    # An alternative list with additional directives can be obtained from
    #  https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=haproxy
    ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
    ssl-default-bind-options no-sslv3

defaults
    log    global
    mode    http
    option    httplog
    option    dontlognull
        timeout connect 5000
        timeout client  50000
        timeout server  50000
    errorfile 400 /etc/haproxy/errors/400.http
    errorfile 403 /etc/haproxy/errors/403.http
    errorfile 408 /etc/haproxy/errors/408.http
    errorfile 500 /etc/haproxy/errors/500.http
    errorfile 502 /etc/haproxy/errors/502.http
    errorfile 503 /etc/haproxy/errors/503.http
    errorfile 504 /etc/haproxy/errors/504.http

frontend haproxynode
    bind *:80
    bind *:443 ssl crt /etc/ssl/new/STAR_qlf_com.pem
    redirect scheme https if !{ ssl_fc }
    default_backend backendnodes

backend backendnodes
    balance source
    option forwardfor
        http-request set-header X-Forwarded-Port %[dst_port]
        #http-request add-header X-Forwarded-Proto https if { ssl_fc }
    server ws19-1 10.10.0.57:9081 check
    server ws19-2 10.10.0.59:9081 check
   
listen stats
    bind :32700
    stats enable
    stats uri /
    stats hide-version
    stats auth haproxy:haproxy


Notice the ssl cert specification

You can see I have 2 separate servers and run them on port 9081.  For my web2py servers I just run rocket as a service.  And, I have sessions stored in the database.  I used to use redis, but that is no longer working with web2py (in sessions).

-Jim

Krishna Bavandlapally

unread,
Nov 27, 2019, 11:31:27 PM11/27/19
to web2py-users
Thank you Jim S for your great help.

I am also waiting for the Redis fix. Kindly let me know better alternative for cache.

Thank you in advance.

Jim Steil

unread,
Nov 28, 2019, 12:04:59 AM11/28/19
to web...@googlegroups.com
I'm still using redis for caching, but not for sessions.

Per the web2py book, I'm storing sessions in the database now. The redis_session module is where the problem is.

Jim



--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to a topic in the Google Groups "web2py-users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/web2py/dNItBzO0BE8/unsubscribe.
To unsubscribe from this group and all its topics, send an email to web2py+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/web2py/8ee713db-0c02-45fb-8bf3-aec08dd1ca2e%40googlegroups.com.
Message has been deleted

Krishna Bavandlapally

unread,
Nov 28, 2019, 5:56:20 AM11/28/19
to web2py-users
Thank you Jim S for your support
Reply all
Reply to author
Forward
0 new messages