# # Example pillar configuration # haproxy: config_file_path: /etc/haproxy/haproxy.cfg global: stats: enable: True socketpath: /var/lib/haproxy/stats user: haproxy group: haproxy chroot: enable: True path: /var/lib/haproxy daemon: True defaults: log: global mode: http retries: 3 options: - httplog - dontlognull - forwardfor - http-server-close timeouts: - http-request 10s - queue 1m - connect 10s - client 1m - server 1m - http-keep-alive 10s - check 10s errorfiles: 400: /etc/haproxy/errors/400.http 403: /etc/haproxy/errors/403.http 408: /etc/haproxy/errors/408.http 500: /etc/haproxy/errors/500.http 502: /etc/haproxy/errors/502.http 503: /etc/haproxy/errors/503.http 504: /etc/haproxy/errors/504.http frontends: frontend1: name: www-http bind: "*:80" reqadd: - "X-Forwarded-Proto:\\ http" default_backend: www-backend frontend2: name: www-https bind: "*:443 ssl crt /etc/ssl/private/certificate-chain-and-key-combined.pem" reqadd: - "X-Forwarded-Proto:\\ https" default_backend: www-backend acls: - url_static path_beg -i /static /images /javascript /stylesheets - url_static path_end -i .jpg .gif .png .css .js use_backends: - static if url_static backends: backend1: name: www-backend balance: roundrobin redirect: scheme https if !{ ssl_fc } servers: server1: name: server1-its-name host: 192.168.1.213 port: 80 check: check backend2: name: static balance: roundrobin redirect: scheme https if !{ ssl_fc } options: - http-server-close - httpclose - forwardfor except 127.0.0.0/8 - httplog cookie: "pm insert indirect" stats: enable: True uri: /url/to/stats realm: LoadBalancer auth: "user:password" servers: server1: name: some-server host: 123.156.189.111 port: 8080 check: check