HackMD
Setup HTTPS on HAProxy
This document setup HAProxy as load balancer.
In frontend (codimd-http) we setup as SSL offloader and redirect http protocol to https. Then pass traffics to CodiMD backend.
In backend (codimd-servers) we setup health checker for CodiMD service. it check http://127.0.0.1:3000/status and expect to get status 200 if service is working perfectly.
Configuration Example
Below is a part of configuration example in /etc/haproxy/haproxy.cfg
frontend codimd-http
bind :80
bind :443 ssl crt /etc/certs/md.example.com/certs.pem alpn h2,http/1.1
mode http
# redirect http -> https
redirect scheme https if !{ ssl_fc }
# add proxy header
option forwardfor
http-request add-header X-Forwarded-Proto https if { ssl_fc }
default_backend codimd-servers
backend codimd-servers
# config health check
option httpchk GET /status
http-check expect status 200
server codimd-docker-server 127.0.0.1:3000 check inter 2000 fastinter 1000 downinter 1000
