HAproxy 下启用 Https


cat demo.crt demo.key > demo.pem

修改 HAproxy 配置文件

配置示例:/etc/haproxy/haproxy.cfg (假设用于健康状态检测的端口为12345)

    log local1 notice
    maxconn 4096
    user haproxy
    group haproxy

    log global
    mode http
    retries 3
    maxconn 2000
    timeout connect 10000
    timeout client 300000
    timeout server 300000

listen seafile
    bind :80
    bind :443 ssl crt /etc/haproxy/demo.pem
    redirect scheme https if !{ ssl_fc }
    mode http
    option httplog
    option dontlognull
    option forwardfor
    cookie SERVERID insert indirect nocache
    server seafileserver01 <ip of frontend node1>:80 check port 12345 cookie seafileserver01
    server seafileserver02 <ip of frontend node2>:80 check port 12345 cookie seafileserver02

修改 nginx 配置

在前端seafile服务器节点上(即node B 和 node C)的nginx配置中添加两行配置到 location / 代码块中: vim /etc/nginx/conf.d/seafile.conf

proxy_set_header   X-Forwarded-Proto https;


location / {
    proxy_set_header   Host $host;
    proxy_set_header   X-Real-IP $remote_addr;
    proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header   X-Forwarded-Host $server_name;
    proxy_set_header   X-Forwarded-Proto https;
    proxy_read_timeout  1200s;


nginx -s reload

results matching ""

    No results matching ""