projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Add mipsel-osuosl-01.debian.org
[mirror/dsa-puppet.git]
/
modules
/
roles
/
templates
/
snapshot
/
haproxy.cfg.erb
diff --git
a/modules/roles/templates/snapshot/haproxy.cfg.erb
b/modules/roles/templates/snapshot/haproxy.cfg.erb
index
79879bd
..
b711534
100644
(file)
--- a/
modules/roles/templates/snapshot/haproxy.cfg.erb
+++ b/
modules/roles/templates/snapshot/haproxy.cfg.erb
@@
-27,9
+27,10
@@
defaults
mode http
option httplog
option dontlognull
mode http
option httplog
option dontlognull
- timeout connect 5000
- timeout client 50000
- timeout server 50000
+ option forwardfor
+ timeout connect 5000
+ timeout client 50000
+ timeout server 50000
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
@@
-49,6
+50,10
@@
frontend front_ssl
default_backend backend
option http-keep-alive
default_backend backend
option http-keep-alive
+ # We rate-limit requests by clients.
+ # Currently, we do that at the netfilter level, so one
+ # request per connection works best.
+ option httpclose
#option redispatch
backend backend
#option redispatch
backend backend