This quick reference to install haproxy, stunnel to support SSL forwarding (with IP forwarding patch)
wget http://haproxy.1wt.eu/download/1.3/src/haproxy-1.3.22.tar.gz tar -zxf haproxy-1.3.22.tar.gz cd haproxy-1.3.22 make TARGET=linux26 cp haproxy /usr/sbin/haproxy vi /etc/haproxy.cfg ... vi /etc/init.d/haproxy ... chmod +x /etc/init.d/haproxy useradd haproxy mkdir -p /var/chroot/haproxy chown haproxy:haproxy /var/chroot/haproxy chmod 700 /var/chroot/haproxy service haproxy start chkconfig --add haproxy vi /etc/sysconfig/syslog SYSLOGD_OPTIONS=”-m 0 -r” vi /etc/syslog.conf local0.* /var/log/haproxy.log local1.* /var/log/haproxy-1.log
Stunnel with HAProxy patch
yum remove stunnel yum install openssl-devel openssl wget http://www.stunnel.org/download/stunnel/src/stunnel-4.22.tar.gz tar -xzf stunnel-4.22.tar.gz cd stunnel-4.22 wget http://haproxy.1wt.eu/download/patches/stunnel-4.22-xforwarded-for.diff patch -p1 < stunnel-4.22-xforwarded-for.diff ./configure --disable-fips make make install mkdir -p /etc/stunnel vi /etc/stunnel/stunnel.conf .... vi /etc/init.d/stunnel .... vi /etc/stunnel/your.pem .... ln -s /usr/local/bin/stunnel /usr/sbin/stunnel chmod +x /etc/init.d/stunnel service stunnel start chkconfig --add stunnel
Leave a Reply