diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 12:18:06 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 12:18:06 +0000 |
commit | 9e9d75224939029e63760bddc02d084846f49fe0 (patch) | |
tree | fbaf2cd0d33f54add493e6dfb943a46de15aad42 /debian/tests/proxy-ssl-pass-through | |
parent | Adding upstream version 2.9.5. (diff) | |
download | haproxy-d8c458c1613c78171871bb60a0fbfa8bc0115593.tar.xz haproxy-d8c458c1613c78171871bb60a0fbfa8bc0115593.zip |
Adding debian version 2.9.5-1.debian/2.9.5-1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/tests/proxy-ssl-pass-through')
-rw-r--r-- | debian/tests/proxy-ssl-pass-through | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/debian/tests/proxy-ssl-pass-through b/debian/tests/proxy-ssl-pass-through new file mode 100644 index 0000000..aa0bd2c --- /dev/null +++ b/debian/tests/proxy-ssl-pass-through @@ -0,0 +1,59 @@ +#!/bin/sh + +set -eux + +WDIR=$(dirname "$0") +. "${WDIR}/utils" + +CERT_DIR=/etc/ssl/localhost +APACHE2_CONFIG=/etc/apache2/sites-available/default-ssl.conf + +create_ca +create_selfsigned_cert ${CERT_DIR} + +# Use the self-signed certificate in apache2 config +sed -i "s#/etc/ssl/certs/ssl-cert-snakeoil.pem#${CERT_DIR}/localhost_cert.pem#" ${APACHE2_CONFIG} +sed -i "s#/etc/ssl/private/ssl-cert-snakeoil.key#${CERT_DIR}/localhost_key.pem#" ${APACHE2_CONFIG} + +cat > /etc/haproxy/haproxy.cfg <<EOF +global + chroot /var/lib/haproxy + user haproxy + group haproxy + daemon + maxconn 4096 + +defaults + log global + option dontlognull + option redispatch + retries 3 + timeout client 50s + timeout connect 10s + timeout http-request 5s + timeout server 50s + maxconn 4096 + +frontend test-front + bind *:4433 + mode tcp + option tcplog + default_backend test-back + +backend test-back + mode tcp + stick store-request src + stick-table type ip size 256k expire 30m + option ssl-hello-chk + server test-1 localhost:443 check +EOF + +systemctl restart haproxy +a2enmod ssl +a2ensite default-ssl +systemctl restart apache2 +sleep 5 # Apache 2 could be still starting... See #976997. It needs some extra seconds because of SSL + +check_index_file "https://localhost:4433" + +exit 0 |