haproxy: use tcp fastopen
This commit is contained in:
parent
b0ce68bd99
commit
6474e59c30
|
@ -120,7 +120,8 @@ in
|
||||||
timeout server 30000
|
timeout server 30000
|
||||||
|
|
||||||
frontend http-in
|
frontend http-in
|
||||||
bind :::80 v4v6
|
# tfo is tcp fastopen
|
||||||
|
bind :::80 tfo v4v6
|
||||||
option http-keep-alive
|
option http-keep-alive
|
||||||
default_backend proxy-backend-http
|
default_backend proxy-backend-http
|
||||||
|
|
||||||
|
@ -143,7 +144,8 @@ in
|
||||||
}
|
}
|
||||||
|
|
||||||
frontend https-in
|
frontend https-in
|
||||||
bind :::443 v4v6
|
# tfo is tcp fastopen
|
||||||
|
bind :::443 tfo v4v6
|
||||||
tcp-request inspect-delay 5s
|
tcp-request inspect-delay 5s
|
||||||
tcp-request content accept if { req.ssl_hello_type 1 }
|
tcp-request content accept if { req.ssl_hello_type 1 }
|
||||||
|
|
||||||
|
@ -154,7 +156,7 @@ in
|
||||||
) cfg.proxyHosts}
|
) cfg.proxyHosts}
|
||||||
|
|
||||||
${lib.concatMapStrings ({ proxyTo, proxyProtocol, ... }: ''
|
${lib.concatMapStrings ({ proxyTo, proxyProtocol, ... }: ''
|
||||||
|
|
||||||
backend ${canonicalize proxyTo.host}-https
|
backend ${canonicalize proxyTo.host}-https
|
||||||
server ${canonicalize proxyTo.host}-https ${proxyTo.host}:${toString proxyTo.httpsPort} check ${lib.optionalString proxyProtocol "backup"}
|
server ${canonicalize proxyTo.host}-https ${proxyTo.host}:${toString proxyTo.httpsPort} check ${lib.optionalString proxyProtocol "backup"}
|
||||||
${lib.optionalString proxyProtocol "server ${canonicalize proxyTo.host}-proxy-https ${proxyTo.host}:${toString proxyTo.proxyHttpsPort} check send-proxy-v2"}
|
${lib.optionalString proxyProtocol "server ${canonicalize proxyTo.host}-proxy-https ${proxyTo.host}:${toString proxyTo.proxyHttpsPort} check send-proxy-v2"}
|
||||||
|
|
Loading…
Reference in New Issue