frontend ssl-in mode tcp log-format %ci:%cp\ [%t]\ %ft\ %b/%s\ %Tw/%Tc/%Tt\ %U:%B\ %ts\ %ac/%fc/%bc/%sc/%rc\ %hr\ %hs\ %sq/%bq bind *:443,:::443 ssl crt /etc/ssl/ritz-ss.blindside-dev.com/ritz-ss.blindside-dev.com.pem # Detect RTMP traffic # The first byte must be 0x03 (version 3) acl rtmp_handshake_ver req.payload(0,1) -m bin 03 # RTMP has a fixed-size handshake: 1 byte version + 1536 byte data. # This acl causes haproxy to not detect a request as rtmp unless # it's received at least that much data (and didn't match other things) #acl rtmp_handshake_size req.len ge 1537 acl rtmp_handshake_size req.len ge 1 acl is_websocket path_beg -i /eventbus #acl is_websocket hdr(Upgrade) -i WebSocket # haproxy has built-in HTTP detection # If we haven't received enough data to identify the protocol after # 30 seconds, drop the connection tcp-request inspect-delay 30s tcp-request content accept if rtmp_handshake_ver rtmp_handshake_size tcp-request content accept if HTTP use_backend vertx if is_websocket use_backend red5 if rtmp_handshake_ver rtmp_handshake_size use_backend nginx if HTTP backend nginx mode http option forwardfor reqadd X-Forwarded-Proto:\ https server nginx 127.0.0.1:80 backend red5 mode tcp server red5 127.0.0.1:1935 backend vertx server vertx 127.0.0.1:3001