1global
 2  maxconn 4096
 3  tune.ssl.default-dh-param 2048
 4
 5defaults
 6  mode http
 7  timeout connect 5000ms
 8  timeout client 50000ms
 9  timeout server 50000ms
10  option forwardfor
11  option http-server-close
12  stats enable
13  stats uri /stats
14  stats realm Haproxy\ Statistics
15  stats auth username:password
16
17frontend www-http
18  bind *:80
19  reqadd X-Forwarded-Proto:\ http
20  default_backend www-backend
21
22frontend www-https
23  bind *:443 ssl crt /usr/local/etc/haproxy/server.pem
24  reqadd X-Forwarded-Proto:\ https
25  default_backend www-backend
26
27backend www-backend
28  redirect scheme https if !{ ssl_fc }
29  balance roundrobin
30  server www1 www1:443 check ssl verify none
31  server www2 www2:443 check ssl verify none