global pidfile /var/run/haproxy.pid daemon user haproxy group haproxy stats socket /var/run/haproxy.socket user haproxy group haproxy mode 600 level admin node haproxy_%NIP% description haproxy server #* Performance Tuning maxconn 8192 spread-checks 3 quiet defaults #log global mode tcp option dontlognull option tcp-smart-accept option tcp-smart-connect #option dontlog-normal retries 3 option redispatch maxconn 8192 timeout check 3500ms timeout queue 3500ms timeout connect 3500ms timeout client 10800s timeout server 10800s userlist STATSUSERS group admin users admin user admin insecure-password Dc$@1910 user stats insecure-password Dc$@1910 listen admin_page bind *:9600 mode http stats enable stats refresh 60s stats uri / acl AuthOkay_ReadOnly http_auth(STATSUSERS) acl AuthOkay_Admin http_auth_group(STATSUSERS) admin stats http-request auth realm admin_page unless AuthOkay_ReadOnly # stats admin if AuthOkay_Admin listen MySQL_3307_rw bind *:3307 mode tcp timeout client 10800s timeout server 10800s tcp-check expect string is\ running balance leastconn option tcp-check # option allbackups default-server port 9200 inter 2s downinter 5s rise 3 fall 2 slowstart 60s maxconn 64 maxqueue 128 weight 100 server 10.5.10.51 10.5.10.51:3306 check server 10.5.10.52 10.5.10.52:3306 check backup server 10.5.10.53 10.5.10.53:3306 check backup listen MySQL_3308_ro bind *:3308 mode tcp timeout client 10800s timeout server 10800s tcp-check expect string is\ running balance leastconn option tcp-check # option allbackups default-server port 9200 inter 2s downinter 5s rise 3 fall 2 slowstart 60s maxconn 64 maxqueue 128 weight 100 server 10.5.10.51 10.5.10.51:3306 check server 10.5.10.52 10.5.10.52:3306 check server 10.5.10.53 10.5.10.53:3306 check backup listen NGINX_http bind *:80 mode tcp timeout client 10800s timeout server 10800s # tcp-check expect string is\ running balance leastconn option tcp-check # option allbackups default-server port 9200 inter 2s downinter 5s rise 3 fall 2 slowstart 60s maxconn 64 maxqueue 128 weight 100 cookie SERVERUSED insert indirect nocache server 10.5.10.121 10.5.10.121:80 cookie s1 check port 80 send-proxy server 10.5.10.122 10.5.10.122:80 cookie s2 check port 80 send-proxy server 10.5.10.123 10.5.10.123:80 cookie s3 check port 80 send-proxy backup listen NGINX_https bind *:443 mode tcp timeout client 10800s timeout server 10800s # tcp-check expect string is\ running balance leastconn option tcp-check # option allbackups default-server port 9200 inter 2s downinter 5s rise 3 fall 2 slowstart 60s maxconn 64 maxqueue 128 weight 100 cookie SERVERUSED insert indirect nocache server 10.5.10.121 10.5.10.121:443 cookie s1 check port 443 send-proxy server 10.5.10.122 10.5.10.122:443 cookie s2 check port 443 send-proxy server 10.5.10.123 10.5.10.123:443 cookie s3 check port 443 send-proxy backup listen Gitea bind *:3000 mode tcp timeout client 10800s timeout server 10800s # tcp-check expect string is\ running balance leastconn option tcp-check # option allbackups default-server port 9200 inter 2s downinter 5s rise 3 fall 2 slowstart 60s maxconn 64 maxqueue 128 weight 100 cookie SERVERUSED insert indirect nocache server 10.5.10.121 10.5.10.121:3000 cookie s1 check port 3000 server 10.5.10.122 10.5.10.122:3000 cookie s2 check port 3000 backup server 10.5.10.123 10.5.10.123:3000 cookie s3 check port 3000 backup