library/haproxy/1.7-alpine/config/30.global.cfg

20 lines
932 B
INI
Raw Permalink Normal View History

2018-10-27 03:58:37 +00:00
global
log 127.0.0.1 local0 info
chroot /var/lib/haproxy
maxconn 4096
# Turn on stats unix socket
stats socket /var/lib/haproxy/stats
server-state-file /var/lib/haproxy/server-state
# Mozilla security tips for intermediate level
# https://mozilla.github.io/server-side-tls/ssl-config-generator/
tune.ssl.default-dh-param 2048
ssl-default-bind-options no-sslv3 no-tls-tickets
ssl-default-bind-ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE
ssl-default-server-options no-sslv3 no-tls-tickets
ssl-default-server-ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:D