Select Git revision
main.yml

Adrian K. authored
Code owners
Assign users and groups as approvers for specific file changes. Learn more.
main.yml 2.56 KiB
---
haproxy_config_dir: "/etc/haproxy"
haproxy_config_file: "{{ haproxy_config_dir }}/haproxy.cfg"
haproxy_manage_config: true
haproxy_manage_tls: true
haproxy_wanted_certs: []
haproxy_wanted_acme_domains: []
haproxy_acme_backend_name: "acmetool"
_haproxy_ssl_options: 'no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets'
_haproxy_ssl_ciphers: 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384' # noqa yaml[line-length]
_haproxy_ssl_ciphersuites: 'TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256'
haproxy_default_compression_algo: gzip
haproxy_default_compression_type:
text/css
text/xml
application/javascript
application/atom+xml
application/rss+xml
text/mathml
text/plain
text/x-component
image/svg+xml
application/json
application/vnd.google-earth.kml+xml
application/x-perl
application/xhtml+xml
application/xspf+xml
_haproxy_global:
log:
- address: /dev/log
facility: local0
- address: /dev/log
facility: local1
level: notice
user: haproxy
group: haproxy
daemon: true
ssl_default_bind_options: '{{ _haproxy_ssl_options }}'
ssl_default_bind_ciphers: '{{ _haproxy_ssl_ciphers }}'
ssl_default_bind_ciphersuites: '{{ _haproxy_ssl_ciphersuites }}'
ssl_default_server_options: '{{ _haproxy_ssl_options }}'
ssl_default_server_ciphers: '{{ _haproxy_ssl_ciphers }}'
ssl_default_server_ciphersuites: '{{ _haproxy_ssl_ciphersuites }}'
tune:
ssl.default-dh-param: 2048
haproxy_global: {}
_haproxy_defaults:
mode: http
log:
- address: /dev/log
facility: local0
- address: /dev/log
facility: local1
level: notice
timeout:
- param: 'connect'
value: '5000ms'
- param: 'client'
value: '50000ms'
- param: 'server'
value: '50000ms'
options:
- http-keep-alive