increase timeout and enable HST
This commit is contained in:
parent
cce2b7cb56
commit
9d04ba4d77
|
|
@ -6,9 +6,21 @@ haproxy:
|
||||||
- code.badjware.dev
|
- code.badjware.dev
|
||||||
- drone.badjware.dev
|
- drone.badjware.dev
|
||||||
dst:
|
dst:
|
||||||
|
- 192.168.20.20
|
||||||
- 192.168.20.21
|
- 192.168.20.21
|
||||||
- 192.168.20.22
|
- 192.168.20.22
|
||||||
- 192.168.20.23
|
- 192.168.20.23
|
||||||
|
# - src:
|
||||||
|
# - kubernetes-dashboard.badjnet.home
|
||||||
|
# - traefik.badjnet.home
|
||||||
|
# - longhorn.badjnet.home
|
||||||
|
# - grafana.badjnet.home
|
||||||
|
# - prometheus.badjnet.home
|
||||||
|
# dst:
|
||||||
|
# - 192.168.20.20
|
||||||
|
# - 192.168.20.21
|
||||||
|
# - 192.168.20.22
|
||||||
|
# - 192.168.20.23
|
||||||
tcp:
|
tcp:
|
||||||
- src: "30022"
|
- src: "30022"
|
||||||
dst:
|
dst:
|
||||||
|
|
|
||||||
|
|
@ -8,8 +8,8 @@ global
|
||||||
|
|
||||||
defaults
|
defaults
|
||||||
timeout connect 5s
|
timeout connect 5s
|
||||||
timeout client 30s
|
timeout client 120s
|
||||||
timeout server 30s
|
timeout server 120s
|
||||||
log global
|
log global
|
||||||
|
|
||||||
default-server init-addr last,none resolvers dns
|
default-server init-addr last,none resolvers dns
|
||||||
|
|
@ -47,6 +47,9 @@ frontend https_in
|
||||||
# force https
|
# force https
|
||||||
http-request redirect scheme https unless { ssl_fc }
|
http-request redirect scheme https unless { ssl_fc }
|
||||||
|
|
||||||
|
# set HSTS
|
||||||
|
http-response set-header Strict-Transport-Security "max-age=15552000; includeSubDomains;"
|
||||||
|
|
||||||
# request is ssl
|
# request is ssl
|
||||||
# tcp-request inspect-delay 5s
|
# tcp-request inspect-delay 5s
|
||||||
# tcp-request content accept if { req.ssl_hello_type 1 }
|
# tcp-request content accept if { req.ssl_hello_type 1 }
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue