From 984c31d92846579a1368058fbae6f62a4478d64b Mon Sep 17 00:00:00 2001 From: Samuel Clay Date: Mon, 27 Oct 2014 16:32:10 -0700 Subject: [PATCH] Updating HAProxy. --- config/debug_haproxy.conf | 4 +--- fabfile.py | 10 +++++----- 2 files changed, 6 insertions(+), 8 deletions(-) diff --git a/config/debug_haproxy.conf b/config/debug_haproxy.conf index 1f3ed8756..0987c640c 100644 --- a/config/debug_haproxy.conf +++ b/config/debug_haproxy.conf @@ -32,9 +32,7 @@ defaults frontend public bind :80 - bind :443 ssl crt newsblur.pem - # acl secure dst_port eq 443 - # rspadd Strict-Transport-Security:\ max-age=31536000;\ includeSubDomains + bind :443 ssl crt newsblur.pem ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-RC4-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES128-SHA:AES256-SHA256:AES256-SHA:RC4-SHA no-sslv3 option http-server-close # Redirect all HTTP traffic to HTTPS diff --git a/fabfile.py b/fabfile.py index be1962e50..24e3ebbec 100644 --- a/fabfile.py +++ b/fabfile.py @@ -714,12 +714,12 @@ def maintenance_off(): def setup_haproxy(debug=False): sudo('ufw allow 81') # nginx moved sudo('ufw allow 1936') # haproxy stats - sudo('apt-get install -y haproxy') - sudo('apt-get remove -y haproxy') + # sudo('apt-get install -y haproxy') + # sudo('apt-get remove -y haproxy') with cd(env.VENDOR_PATH): - run('wget http://haproxy.1wt.eu/download/1.5/src/devel/haproxy-1.5-dev17.tar.gz') - run('tar -xf haproxy-1.5-dev17.tar.gz') - with cd('haproxy-1.5-dev17'): + run('wget http://www.haproxy.org/download/1.5/src/haproxy-1.5.6.tar.gz') + run('tar -xf haproxy-1.5.6.tar.gz') + with cd('haproxy-1.5.6'): run('make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1') sudo('make install') put('config/haproxy-init', '/etc/init.d/haproxy', use_sudo=True)