Qualsys SSLLabs A+ rating

Recommended ciphers, stapling, hsts age, sticky HA sessions
author: Dan Goodliffe <dan@randomdan.homeip.net> 2019-04-19 13:27:30 +0100
committer: Dan Goodliffe <dan@randomdan.homeip.net> 2019-04-19 13:27:30 +0100
commit: 967c99ee0985aa4f26370029a251b74b1bf60e0c (patch)
tree: 2711ad0ff7cd4092ffb547b3581136404f639635 /etc/haproxy.cfg
parent: Add spamassasin local.cf (diff)
download: config-967c99ee0985aa4f26370029a251b74b1bf60e0c.tar.bz2
config-967c99ee0985aa4f26370029a251b74b1bf60e0c.tar.xz
config-967c99ee0985aa4f26370029a251b74b1bf60e0c.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/etc/haproxy.cfg b/etc/haproxy.cfg
index a14c916..43ef958 100644
--- a/etc/haproxy.cfg
+++ b/etc/haproxy.cfg
@@ -20,6 +20,10 @@ mailers smtp
 	mailer defiant defiant:25
 	mailer firebrand firebrand:25
 
+peers randomlan
+	peer defiant defiant:1024
+	peer firebrand firebrand:1024
+
 # HTTP
 listen http
 	description Apache HTTP
@@ -33,6 +37,8 @@ listen https
 	description Apache HTTPS
 	bind *:443
 	mode tcp
+	stick-table type ip size 20k peers randomlan
+	stick on src
 	server defiant defiant:11443 send-proxy-v2 observe layer4 check
 	server firebrand firebrand:11443 send-proxy-v2 observe layer4 check
author	Dan Goodliffe <dan@randomdan.homeip.net>	2019-04-19 13:27:30 +0100
committer	Dan Goodliffe <dan@randomdan.homeip.net>	2019-04-19 13:27:30 +0100
commit	967c99ee0985aa4f26370029a251b74b1bf60e0c (patch)
tree	2711ad0ff7cd4092ffb547b3581136404f639635 /etc/haproxy.cfg
parent	Add spamassasin local.cf (diff)
download	config-967c99ee0985aa4f26370029a251b74b1bf60e0c.tar.bz2 config-967c99ee0985aa4f26370029a251b74b1bf60e0c.tar.xz config-967c99ee0985aa4f26370029a251b74b1bf60e0c.zip