projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
010-security.debian.org.conf: explicitly bind to localhost
[mirror/dsa-puppet.git]
/
modules
/
roles
/
templates
/
snapshot
/
haproxy.cfg.erb
diff --git
a/modules/roles/templates/snapshot/haproxy.cfg.erb
b/modules/roles/templates/snapshot/haproxy.cfg.erb
index
9d8edfb
..
b711534
100644
(file)
--- a/
modules/roles/templates/snapshot/haproxy.cfg.erb
+++ b/
modules/roles/templates/snapshot/haproxy.cfg.erb
@@
-27,6
+27,7
@@
defaults
mode http
option httplog
option dontlognull
mode http
option httplog
option dontlognull
+ option forwardfor
timeout connect 5000
timeout client 50000
timeout server 50000
timeout connect 5000
timeout client 50000
timeout server 50000
@@
-49,6
+50,10
@@
frontend front_ssl
default_backend backend
option http-keep-alive
default_backend backend
option http-keep-alive
+ # We rate-limit requests by clients.
+ # Currently, we do that at the netfilter level, so one
+ # request per connection works best.
+ option httpclose
#option redispatch
backend backend
#option redispatch
backend backend