vps交流
当前位置:嘟嘟社区 > bbs > 正文

[已解决] haproxy如何实现中转ws

2022-02-03 分类:bbs

本帖最后由 jarmoku 于 2022-2-3 01:12 编辑

以下是我目前的代码

  1. global
  2.         log /dev/log        local0
  3.         log /dev/log        local1 notice
  4.         chroot /var/lib/haproxy
  5.         stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
  6.         stats timeout 30s
  7.         user haproxy
  8.         group haproxy
  9.         daemon
  11.         # Default SSL material locations
  12.         ca-base /etc/ssl/certs
  13.         crt-base /etc/ssl/private
  15.         # See: https://ssl-config.mozilla.org/#server=haproxy&server-version=2.0.3&config=intermediate
  16.         ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
  17.         ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
  18.         ssl-default-bind-options ssl-min-ver TLSv1.2 no-tls-tickets
  20. defaults
  21.         log        global
  22.         mode        http
  23.         option        httplog
  24.         option        dontlognull
  25.         timeout connect 5000
  26.         timeout client  50000
  27.         timeout server  50000
  28.         errorfile 400 /etc/haproxy/errors/400.http
  29.         errorfile 403 /etc/haproxy/errors/403.http
  30.         errorfile 408 /etc/haproxy/errors/408.http
  31.         errorfile 500 /etc/haproxy/errors/500.http
  32.         errorfile 502 /etc/haproxy/errors/502.http
  33.         errorfile 503 /etc/haproxy/errors/503.http
  34.         errorfile 504 /etc/haproxy/errors/504.http
  36. frontend http_frontend
  37.     mode http
  38.     option httplog
  39.     bind *:31006
  40.     option forwardfor
  41.     acl host_sjc hdr_beg(host) -i sjc.com
  42.     acl host_tyo hdr_beg(host) -i tyo.com
  44.     use_backend http_sjc if host_sjc
  45.     use_backend http_tyo if host_tyo
  47. backend http_sjc
  48.     mode http
  49.     option httplog
  50.     option forwardfor
  51.     server sjc 029.NA.POP.BIGAIRPORT.NET:12356
  53. backend http_tyo
  54.     mode http
  55.     option httplog
  56.     option forwardfor
  57.     server tyo 024.AP.POP.BIGAIRPORT.NET:12356

复制代码
我是这么转wss的,ws的你可以把ssl的去掉试试 我没试过

  1. frontend pf_http_in
  2.         bind :::2082
  3.         bind :::2083 ssl crt /etc/haproxy/cert.pem
  5.         acl pf_http_00_in hdr_beg(host) -i 域名1
  6.         acl pf_http_01_in hdr_beg(host) -i 域名2
  8.         use_backend pf_http_00_out if pf_http_00_in
  9.         use_backend pf_http_01_out if pf_http_01_in
  10.         use_backend pf_http_00_out if { ssl_fc_sni -i 域名1 }
  11.         use_backend pf_http_01_out if { ssl_fc_sni -i 域名2 }
  12.         default_backend pf_http_00_out
  14. backend pf_http_00_out
  15.         mode tcp
  16.         #mode http
  17.         #option forwardfor
  18.         #balance source
  19.         #timeout server 60s
  20.         #option httpchk HEAD /
  21.         server proxy00 落地IP:端口 maxconn 204800 ssl verify none
  23. backend pf_http_01_out
  24.         mode tcp
  25.         server proxy00 落地IP:端口 maxconn 204800 ssl verify none

复制代码