global log 127.0.0.1 local2 chroot /var/lib/haproxy pidfile /var/run/haproxy.pid maxconn 4000 user haproxy group haproxy daemon # turn on stats unix socket stats socket /var/lib/haproxy/stats defaults mode http log global option httplog option dontlognull option http-server-close option forwardfor except 127.0.0.0/8 option redispatch retries 3 timeout http-request 10m timeout queue 10m timeout connect 10m timeout client 1m timeout server 1m timeout http-keep-alive 10m timeout check 10m maxconn 3000 frontend http bind 192.168.0.11:80 redirect scheme https if !{ ssl_fc } frontend https bind 192.168.0.11:443 ssl crt /etc/pki/tls/private mode http acl status_error status ge 504 http-response set-log-level err if status_error acl host_www hdr_beg(host) -i www acl is_mail hdr_end(host) -i mail.kerosgroup.com -i mail.radacode.me -i mail.radacode.net -i mail.komplus.ua -i kerio1.radacode.net -i mail.maxpavlov.com -i mail.ztravels.com.ua acl is_pembuilder hdr_end(host) -i pembuilder.radacode.net acl is_mykyta hdr_end(host) -i mykyta.radacode.net acl is_status hdr_end(host) -i status.radacode.net redirect prefix https://pembuilder.radacode.net code 301 if host_www is_pembuilder redirect prefix https://mykyta.radacode.net code 301 if host_www is_mykyta redirect prefix https://status.radacode.net code 301 if host_www is_status use_backend kerio1 if is_mail use_backend pembuilder if is_pembuilder use_backend haproxyUI if is_mykyta use_backend radacode-status if is_status default_backend haproxyUI backend kerio1 option forwardfor option httplog timeout connect 5000 timeout client 48h timeout server 48h timeout http-request 48h server kerio1 192.168.0.15:80 backend pembuilder option httpclose server mykyta 127.0.0.1:8170 backend haproxyUI option httpclose server mykyta 127.0.0.1:80 backend radacode-status option httpclose server mykyta 127.0.0.1:8171