summaryrefslogtreecommitdiff
path: root/data/templates/load-balancing/haproxy.cfg.j2
diff options
context:
space:
mode:
authorViacheslav Hletenko <v.gletenko@vyos.io>2023-05-19 14:57:43 +0000
committerViacheslav Hletenko <v.gletenko@vyos.io>2023-05-19 14:57:43 +0000
commit62ce80bd0cb49524f07d6badb2973f15528c0f1b (patch)
tree90a716c1f2e45a502f7a4b2786f3d426f973caac /data/templates/load-balancing/haproxy.cfg.j2
parent9ffbc8d8f9a2d25598f252b2a247fed9a76ea311 (diff)
downloadvyos-1x-62ce80bd0cb49524f07d6badb2973f15528c0f1b.tar.gz
vyos-1x-62ce80bd0cb49524f07d6badb2973f15528c0f1b.zip
T5222: reverse-proxy add send-proxy option for backend server
To accept a Proxy Protocol header on incoming TCP connections, add an accept-proxy parameter to the bind line in a frontend section. This parameter detects both Proxy Protocol version 1 (text format) and Proxy Protocol version 2 (binary format). set load-balancing reverse-proxy backend <tag> server <tag> send-proxy
Diffstat (limited to 'data/templates/load-balancing/haproxy.cfg.j2')
-rw-r--r--data/templates/load-balancing/haproxy.cfg.j22
1 files changed, 1 insertions, 1 deletions
diff --git a/data/templates/load-balancing/haproxy.cfg.j2 b/data/templates/load-balancing/haproxy.cfg.j2
index 3799071b2..f8e1587f8 100644
--- a/data/templates/load-balancing/haproxy.cfg.j2
+++ b/data/templates/load-balancing/haproxy.cfg.j2
@@ -146,7 +146,7 @@ backend {{ back }}
{% if back_config.server is vyos_defined %}
{% set ssl_back = 'ssl ca-file /run/haproxy/' ~ back_config.ssl.ca_certificate ~ '.pem' if back_config.ssl.ca_certificate is vyos_defined else '' %}
{% for server, server_config in back_config.server.items() %}
- server {{ server }} {{ server_config.address }}:{{ server_config.port }} {{ 'check' if server_config.check is vyos_defined }} {{ ssl_back }}
+ server {{ server }} {{ server_config.address }}:{{ server_config.port }}{{ ' check' if server_config.check is vyos_defined }}{{ ' send-proxy' if server_config.send_proxy is vyos_defined }}{{ ' send-proxy-v2' if server_config.send_proxy_v2 is vyos_defined }} {{ ssl_back }}
{% endfor %}
{% endif %}
{% if back_config.timeout.check is vyos_defined %}