├── .github └── workflows │ ├── docker_auto.yml │ ├── docker_description.yml │ ├── docker_manual.yml │ └── update.yml ├── 2.4 ├── Dockerfile ├── docker-entrypoint.sh └── haproxy.cfg ├── 2.6 ├── Dockerfile ├── docker-entrypoint.sh └── haproxy.cfg ├── 2.8 ├── Dockerfile ├── docker-entrypoint.sh └── haproxy.cfg ├── 2.9 ├── Dockerfile ├── docker-entrypoint.sh └── haproxy.cfg ├── 3.0 ├── Dockerfile ├── docker-entrypoint.sh └── haproxy.cfg ├── 3.1 ├── Dockerfile ├── docker-entrypoint.sh └── haproxy.cfg ├── 3.2 ├── Dockerfile ├── docker-entrypoint.sh └── haproxy.cfg ├── 3.3 ├── Dockerfile ├── docker-entrypoint.sh └── haproxy.cfg ├── README.md ├── README_short.md ├── build.sh └── update.sh /.github/workflows/docker_auto.yml: -------------------------------------------------------------------------------- 1 | name: Automatic build on release and push to Docker Hub 2 | on: 3 | push: 4 | tags: 5 | - "[0-9]+.[0-9]+.[0-9]+" 6 | - "[0-9]+.[0-9]+-dev[0-9]+" 7 | jobs: 8 | main: 9 | runs-on: ubuntu-22.04 10 | permissions: 11 | contents: read 12 | packages: write 13 | env: 14 | DOCKER_PLATFORMS: linux/amd64,linux/arm/v7,linux/arm64 15 | DOCKER_IMAGE: haproxytech/haproxy-debian 16 | STABLE_BRANCH: "3.2" 17 | steps: 18 | - name: Login to Docker Hub 19 | id: login_docker 20 | uses: docker/login-action@v3 21 | with: 22 | username: ${{ secrets.DOCKER_HUB_USERNAME }} 23 | password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} 24 | 25 | - name: Login to Container Registry 26 | id: login_ghcr 27 | uses: docker/login-action@v3 28 | with: 29 | registry: ghcr.io 30 | username: ${{ github.actor }} 31 | password: ${{ secrets.GITHUB_TOKEN }} 32 | 33 | - name: Set up QEMU 34 | uses: docker/setup-qemu-action@v3 35 | 36 | - name: Set up Docker Buildx 37 | id: buildx 38 | uses: docker/setup-buildx-action@v3 39 | 40 | - name: Cache Docker layers 41 | uses: actions/cache@v4 42 | with: 43 | path: /tmp/.buildx-cache 44 | key: ${{ runner.os }}-buildx-${{ github.sha }} 45 | restore-keys: | 46 | ${{ runner.os }}-buildx- 47 | 48 | - name: Check out repo 49 | id: checkout 50 | uses: actions/checkout@v4 51 | 52 | - name: Prepare env variables 53 | id: env 54 | run: | 55 | echo "BUILD_BRANCH=$(echo $GITHUB_REF | cut -d / -f 3 | cut -d. -f-2 | cut -d- -f1)" >> $GITHUB_ENV 56 | echo "BUILD_VER=$(echo $GITHUB_REF | cut -d / -f 3)" >> $GITHUB_ENV 57 | echo "BUILD_DATE=$(date +'%Y-%m-%d %H:%M:%S')" >> $GITHUB_ENV 58 | echo "GIT_SHA=$(echo ${{ github.sha }} | cut -c1-7)" >> $GITHUB_ENV 59 | echo "GIT_REF=$(git symbolic-ref -q --short HEAD || git describe --tags --exact-match)" >> $GITHUB_ENV 60 | 61 | - name: Build and push latest stable branch 62 | if: ${{ env.BUILD_BRANCH == env.STABLE_BRANCH }} 63 | id: docker_build_latest 64 | uses: docker/build-push-action@v6 65 | with: 66 | context: ${{ env.BUILD_BRANCH }} 67 | file: ${{ env.BUILD_BRANCH }}/Dockerfile 68 | builder: ${{ steps.buildx.outputs.name }} 69 | platforms: ${{ env.DOCKER_PLATFORMS }} 70 | push: true 71 | labels: | 72 | org.opencontainers.image.authors=${{ github.repository_owner }} 73 | org.opencontainers.image.created=${{ env.BUILD_DATE }} 74 | org.opencontainers.image.description=Created from commit ${{ env.GIT_SHA }} and ref ${{ env.GIT_REF }} 75 | org.opencontainers.image.ref.name=${{ env.GIT_REF }} 76 | org.opencontainers.image.revision=${{ github.sha }} 77 | org.opencontainers.image.source=https://github.com/${{ github.repository }} 78 | org.opencontainers.image.version=${{ env.BUILD_VER }} 79 | tags: | 80 | ${{ env.DOCKER_IMAGE }}:latest 81 | ${{ env.DOCKER_IMAGE }}:${{ env.BUILD_BRANCH }} 82 | ${{ env.DOCKER_IMAGE }}:${{ env.BUILD_VER }} 83 | ghcr.io/${{ github.repository }}:latest 84 | ghcr.io/${{ github.repository }}:${{ env.BUILD_BRANCH }} 85 | ghcr.io/${{ github.repository }}:${{ env.BUILD_VER }} 86 | cache-from: type=local,src=/tmp/.buildx-cache 87 | cache-to: type=local,dest=/tmp/.buildx-cache-new 88 | 89 | - name: Build and push everything else 90 | if: ${{ env.BUILD_BRANCH != env.STABLE_BRANCH }} 91 | id: docker_build_regular 92 | uses: docker/build-push-action@v6 93 | with: 94 | context: ${{ env.BUILD_BRANCH }} 95 | file: ${{ env.BUILD_BRANCH }}/Dockerfile 96 | builder: ${{ steps.buildx.outputs.name }} 97 | platforms: ${{ env.DOCKER_PLATFORMS }} 98 | push: true 99 | labels: | 100 | org.opencontainers.image.authors=${{ github.repository_owner }} 101 | org.opencontainers.image.created=${{ env.BUILD_DATE }} 102 | org.opencontainers.image.description=Created from commit ${{ env.GIT_SHA }} and ref ${{ env.GIT_REF }} 103 | org.opencontainers.image.ref.name=${{ env.GIT_REF }} 104 | org.opencontainers.image.revision=${{ github.sha }} 105 | org.opencontainers.image.source=https://github.com/${{ github.repository }} 106 | org.opencontainers.image.version=${{ env.BUILD_VER }} 107 | tags: | 108 | ${{ env.DOCKER_IMAGE }}:${{ env.BUILD_BRANCH }} 109 | ${{ env.DOCKER_IMAGE }}:${{ env.BUILD_VER }} 110 | ghcr.io/${{ github.repository }}:${{ env.BUILD_BRANCH }} 111 | ghcr.io/${{ github.repository }}:${{ env.BUILD_VER }} 112 | cache-from: type=local,src=/tmp/.buildx-cache 113 | cache-to: type=local,dest=/tmp/.buildx-cache-new 114 | 115 | - name: Move cache 116 | run: | 117 | rm -rf /tmp/.buildx-cache 118 | mv /tmp/.buildx-cache-new /tmp/.buildx-cache 119 | -------------------------------------------------------------------------------- /.github/workflows/docker_description.yml: -------------------------------------------------------------------------------- 1 | name: Update Docker Hub description 2 | on: 3 | push: 4 | branches: 5 | - main 6 | paths: 7 | - README.md 8 | workflow_dispatch: 9 | jobs: 10 | main: 11 | runs-on: ubuntu-22.04 12 | env: 13 | DOCKER_IMAGE: haproxytech/haproxy-debian 14 | steps: 15 | - name: Check out repo 16 | id: checkout 17 | uses: actions/checkout@v4 18 | 19 | - name: Update Docker Hub description 20 | id: description 21 | uses: peter-evans/dockerhub-description@v2 22 | with: 23 | username: ${{ secrets.DOCKER_HUB_USERNAME }} 24 | password: ${{ secrets.DOCKER_HUB_PASSWORD }} 25 | repository: ${{ env.DOCKER_IMAGE }} 26 | short-description: ${{ github.event.repository.description }} 27 | -------------------------------------------------------------------------------- /.github/workflows/docker_manual.yml: -------------------------------------------------------------------------------- 1 | name: Manual build and push to Docker Hub 2 | on: 3 | workflow_dispatch: 4 | jobs: 5 | main: 6 | runs-on: ubuntu-22.04 7 | permissions: 8 | contents: read 9 | packages: write 10 | strategy: 11 | matrix: 12 | branch: ["2.4", "2.6", "2.8", "2.9", "3.0", "3.1", "3.2", "3.3"] 13 | env: 14 | DOCKER_PLATFORMS: linux/amd64,linux/arm/v7,linux/arm64 15 | DOCKER_IMAGE: haproxytech/haproxy-debian 16 | STABLE_BRANCH: "3.2" 17 | steps: 18 | - name: Login to Docker Hub 19 | id: login_docker 20 | uses: docker/login-action@v3 21 | with: 22 | username: ${{ secrets.DOCKER_HUB_USERNAME }} 23 | password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} 24 | 25 | - name: Login to Container Registry 26 | id: login_ghcr 27 | uses: docker/login-action@v3 28 | with: 29 | registry: ghcr.io 30 | username: ${{ github.actor }} 31 | password: ${{ secrets.GITHUB_TOKEN }} 32 | 33 | - name: Set up QEMU 34 | uses: docker/setup-qemu-action@v3 35 | 36 | - name: Set up Docker Buildx 37 | id: buildx 38 | uses: docker/setup-buildx-action@v3 39 | 40 | - name: Cache Docker layers 41 | uses: actions/cache@v4 42 | with: 43 | path: /tmp/.buildx-cache 44 | key: ${{ runner.os }}-buildx-${{ github.sha }} 45 | restore-keys: | 46 | ${{ runner.os }}-buildx- 47 | 48 | - name: Check out repo 49 | id: checkout 50 | uses: actions/checkout@v4 51 | 52 | - name: Prepare env variables 53 | id: env 54 | run: | 55 | echo "BUILD_BRANCH=$(echo ${{ matrix.branch }})" >> $GITHUB_ENV 56 | echo "BUILD_VER=$(awk '/^ENV HAPROXY_MINOR/ {print $NF}' ${{ matrix.branch }}/Dockerfile)" >> $GITHUB_ENV 57 | echo "BUILD_DATE=$(date +'%Y-%m-%d %H:%M:%S')" >> $GITHUB_ENV 58 | echo "GIT_SHA=$(echo ${{ github.sha }} | cut -c1-7)" >> $GITHUB_ENV 59 | echo "GIT_REF=$(git symbolic-ref -q --short HEAD || git describe --tags --exact-match)" >> $GITHUB_ENV 60 | 61 | - name: Build and push latest stable branch 62 | if: ${{ env.BUILD_BRANCH == env.STABLE_BRANCH }} 63 | id: docker_build_latest 64 | uses: docker/build-push-action@v6 65 | with: 66 | context: ${{ env.BUILD_BRANCH }} 67 | file: ${{ env.BUILD_BRANCH }}/Dockerfile 68 | builder: ${{ steps.buildx.outputs.name }} 69 | platforms: ${{ env.DOCKER_PLATFORMS }} 70 | push: true 71 | labels: | 72 | org.opencontainers.image.authors=${{ github.repository_owner }} 73 | org.opencontainers.image.created=${{ env.BUILD_DATE }} 74 | org.opencontainers.image.description=Created from commit ${{ env.GIT_SHA }} and ref ${{ env.GIT_REF }} 75 | org.opencontainers.image.ref.name=${{ env.GIT_REF }} 76 | org.opencontainers.image.revision=${{ github.sha }} 77 | org.opencontainers.image.source=https://github.com/${{ github.repository }} 78 | org.opencontainers.image.version=${{ env.BUILD_VER }} 79 | tags: | 80 | ${{ env.DOCKER_IMAGE }}:latest 81 | ${{ env.DOCKER_IMAGE }}:${{ env.BUILD_BRANCH }} 82 | ${{ env.DOCKER_IMAGE }}:${{ env.BUILD_VER }} 83 | ghcr.io/${{ github.repository }}:latest 84 | ghcr.io/${{ github.repository }}:${{ env.BUILD_BRANCH }} 85 | ghcr.io/${{ github.repository }}:${{ env.BUILD_VER }} 86 | cache-from: type=local,src=/tmp/.buildx-cache 87 | cache-to: type=local,dest=/tmp/.buildx-cache-new 88 | 89 | - name: Build and push everything else 90 | if: ${{ env.BUILD_BRANCH != env.STABLE_BRANCH }} 91 | id: docker_build_regular 92 | uses: docker/build-push-action@v6 93 | with: 94 | context: ${{ env.BUILD_BRANCH }} 95 | file: ${{ env.BUILD_BRANCH }}/Dockerfile 96 | builder: ${{ steps.buildx.outputs.name }} 97 | platforms: ${{ env.DOCKER_PLATFORMS }} 98 | push: true 99 | labels: | 100 | org.opencontainers.image.authors=${{ github.repository_owner }} 101 | org.opencontainers.image.created=${{ env.BUILD_DATE }} 102 | org.opencontainers.image.description=Created from commit ${{ env.GIT_SHA }} and ref ${{ env.GIT_REF }} 103 | org.opencontainers.image.ref.name=${{ env.GIT_REF }} 104 | org.opencontainers.image.revision=${{ github.sha }} 105 | org.opencontainers.image.source=https://github.com/${{ github.repository }} 106 | org.opencontainers.image.version=${{ env.BUILD_VER }} 107 | tags: | 108 | ${{ env.DOCKER_IMAGE }}:${{ env.BUILD_BRANCH }} 109 | ${{ env.DOCKER_IMAGE }}:${{ env.BUILD_VER }} 110 | ghcr.io/${{ github.repository }}:${{ env.BUILD_BRANCH }} 111 | ghcr.io/${{ github.repository }}:${{ env.BUILD_VER }} 112 | cache-from: type=local,src=/tmp/.buildx-cache 113 | cache-to: type=local,dest=/tmp/.buildx-cache-new 114 | 115 | - name: Move cache 116 | run: | 117 | rm -rf /tmp/.buildx-cache 118 | mv /tmp/.buildx-cache-new /tmp/.buildx-cache 119 | -------------------------------------------------------------------------------- /.github/workflows/update.yml: -------------------------------------------------------------------------------- 1 | name: Version update check and release 2 | 3 | on: 4 | schedule: 5 | - cron: "0 * * * *" 6 | workflow_dispatch: 7 | 8 | jobs: 9 | main: 10 | runs-on: ubuntu-22.04 11 | steps: 12 | - name: Check out repo 13 | id: checkout 14 | uses: actions/checkout@v4 15 | with: 16 | token: ${{ secrets.ACTION_TOKEN }} 17 | 18 | - name: Run a multi-line script 19 | id: build 20 | run: | 21 | git config --local user.email "github-actions[bot]@haproxy.com" 22 | git config --local user.name "github-actions[bot]" 23 | ./build.sh 24 | -------------------------------------------------------------------------------- /2.4/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:alpine AS builder 2 | 3 | ENV DATAPLANE_MINOR 3.2.0 4 | ENV DATAPLANE_V2_MINOR 2.9.13 5 | ENV DATAPLANE_URL https://github.com/haproxytech/dataplaneapi.git 6 | 7 | RUN apk add --no-cache ca-certificates git make && \ 8 | git clone "${DATAPLANE_URL}" "${GOPATH}/src/github.com/haproxytech/dataplaneapi" && \ 9 | cd "${GOPATH}/src/github.com/haproxytech/dataplaneapi" && \ 10 | git checkout "v${DATAPLANE_MINOR}" && \ 11 | make build && cp build/dataplaneapi /dataplaneapi && \ 12 | make clean && \ 13 | git checkout "v${DATAPLANE_V2_MINOR}" && \ 14 | make build && cp build/dataplaneapi /dataplaneapi-v2 15 | 16 | FROM debian:bookworm-slim 17 | 18 | MAINTAINER Dinko Korunic 19 | 20 | LABEL Name HAProxy 21 | LABEL Release Community Edition 22 | LABEL Vendor HAProxy 23 | LABEL Version 2.4.29 24 | LABEL RUN /usr/bin/docker -d IMAGE 25 | 26 | ENV HAPROXY_BRANCH 2.4 27 | ENV HAPROXY_MINOR 2.4.29 28 | ENV HAPROXY_SHA256 89e1e675bfecc88624c19850fd6b69f7b91f112d61f30a3b20a625298ef1f3f3 29 | ENV HAPROXY_SRC_URL http://www.haproxy.org/download 30 | 31 | ENV HAPROXY_UID haproxy 32 | ENV HAPROXY_GID haproxy 33 | 34 | ENV DEBIAN_FRONTEND noninteractive 35 | 36 | COPY --from=builder /dataplaneapi /usr/local/bin/dataplaneapi 37 | COPY --from=builder /dataplaneapi-v2 /usr/local/bin/dataplaneapi-v2 38 | 39 | RUN apt-get update && \ 40 | apt-get install -y --no-install-recommends procps libssl3 zlib1g "libpcre2-*" liblua5.4-0 libatomic1 tar curl socat ca-certificates libjemalloc2 && \ 41 | apt-get install -y --no-install-recommends gcc make libc6-dev libssl-dev libpcre2-dev zlib1g-dev liblua5.4-dev libjemalloc-dev && \ 42 | c_rehash && \ 43 | curl -sfSL "${HAPROXY_SRC_URL}/${HAPROXY_BRANCH}/src/haproxy-${HAPROXY_MINOR}.tar.gz" -o haproxy.tar.gz && \ 44 | echo "$HAPROXY_SHA256 *haproxy.tar.gz" | sha256sum -c - && \ 45 | groupadd "$HAPROXY_GID" && \ 46 | useradd -g "$HAPROXY_GID" "$HAPROXY_UID" && \ 47 | mkdir -p /tmp/haproxy && \ 48 | tar -xzf haproxy.tar.gz -C /tmp/haproxy --strip-components=1 && \ 49 | rm -f haproxy.tar.gz && \ 50 | make -C /tmp/haproxy -j"$(nproc)" TARGET=linux-glibc CPU=generic USE_PCRE2=1 USE_PCRE2_JIT=1 \ 51 | USE_TFO=1 USE_LINUX_TPROXY=1 USE_LUA=1 USE_GETADDRINFO=1 \ 52 | USE_PROMEX=1 USE_SLZ=1 \ 53 | USE_OPENSSL=1 USE_PTHREAD_EMULATION=1 \ 54 | ADDLIB=-ljemalloc \ 55 | all && \ 56 | make -C /tmp/haproxy TARGET=linux-glibc install-bin install-man && \ 57 | ln -s /usr/local/sbin/haproxy /usr/sbin/haproxy && \ 58 | mkdir -p /var/lib/haproxy && \ 59 | chown "$HAPROXY_UID:$HAPROXY_GID" /var/lib/haproxy && \ 60 | mkdir -p /usr/local/etc/haproxy && \ 61 | ln -s /usr/local/etc/haproxy /etc/haproxy && \ 62 | cp -R /tmp/haproxy/examples/errorfiles /usr/local/etc/haproxy/errors && \ 63 | rm -rf /tmp/haproxy && \ 64 | apt-get purge -y --auto-remove gcc make libc6-dev libssl-dev libpcre2-dev zlib1g-dev liblua5.4-dev libjemalloc-dev && \ 65 | apt-get clean && \ 66 | rm -rf /var/lib/apt/lists/* && \ 67 | chmod +x /usr/local/bin/dataplaneapi && \ 68 | ln -s /usr/local/bin/dataplaneapi /usr/bin/dataplaneapi && \ 69 | chmod +x /usr/local/bin/dataplaneapi-v2 && \ 70 | ln -s /usr/local/bin/dataplaneapi-v2 /usr/bin/dataplaneapi-v2 && \ 71 | touch /usr/local/etc/haproxy/dataplaneapi.yml && \ 72 | chown "$HAPROXY_UID:$HAPROXY_GID" /usr/local/etc/haproxy/dataplaneapi.yml 73 | 74 | COPY haproxy.cfg /usr/local/etc/haproxy 75 | COPY docker-entrypoint.sh / 76 | 77 | STOPSIGNAL SIGUSR1 78 | 79 | ENTRYPOINT ["/docker-entrypoint.sh"] 80 | CMD ["haproxy", "-f", "/usr/local/etc/haproxy/haproxy.cfg"] 81 | -------------------------------------------------------------------------------- /2.4/docker-entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | set -e 3 | 4 | # first arg is `-f` or `--some-option` 5 | if [ "${1#-}" != "$1" ]; then 6 | set -- haproxy "$@" 7 | fi 8 | 9 | if [ "$1" = 'haproxy' ]; then 10 | shift # "haproxy" 11 | # if the user wants "haproxy", let's add a couple useful flags 12 | # -W -- "master-worker mode" (similar to the old "haproxy-systemd-wrapper"; allows for reload via "SIGUSR2") 13 | # -db -- disables background mode 14 | set -- haproxy -W -db "$@" 15 | fi 16 | 17 | exec "$@" 18 | -------------------------------------------------------------------------------- /2.4/haproxy.cfg: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------------------------- 2 | # Example configuration for a possible web application. See the 3 | # full configuration options online. 4 | # 5 | # https://www.haproxy.org/download/2.4/doc/configuration.txt 6 | # https://docs.haproxy.org/2.4/configuration.html 7 | # 8 | #--------------------------------------------------------------------- 9 | 10 | #--------------------------------------------------------------------- 11 | # Global settings 12 | #--------------------------------------------------------------------- 13 | global 14 | # to have these messages end up in /var/log/haproxy.log you will 15 | # need to: 16 | # 17 | # 1) configure syslog to accept network log events. This is done 18 | # by adding the '-r' option to the SYSLOGD_OPTIONS in 19 | # /etc/sysconfig/syslog 20 | # 21 | # 2) configure local2 events to go to the /var/log/haproxy.log 22 | # file. A line like the following can be added to 23 | # /etc/sysconfig/syslog 24 | # 25 | # local2.* /var/log/haproxy.log 26 | # 27 | log 127.0.0.1 local2 28 | 29 | chroot /var/lib/haproxy 30 | pidfile /var/run/haproxy.pid 31 | maxconn 4000 32 | user haproxy 33 | group haproxy 34 | # daemon 35 | 36 | # turn on stats unix socket 37 | stats socket /var/lib/haproxy/stats 38 | 39 | #--------------------------------------------------------------------- 40 | # common defaults that all the 'listen' and 'backend' sections will 41 | # use if not designated in their block 42 | #--------------------------------------------------------------------- 43 | defaults 44 | mode http 45 | log global 46 | option httplog 47 | option dontlognull 48 | option http-server-close 49 | option forwardfor except 127.0.0.0/8 50 | option redispatch 51 | retries 3 52 | timeout http-request 10s 53 | timeout queue 1m 54 | timeout connect 10s 55 | timeout client 1m 56 | timeout server 1m 57 | timeout http-keep-alive 10s 58 | timeout check 10s 59 | maxconn 3000 60 | 61 | #--------------------------------------------------------------------- 62 | # example how to define user and enable Data Plane API on tcp/5555 63 | # more information: https://github.com/haproxytech/dataplaneapi and 64 | # https://www.haproxy.com/documentation/hapee/2-0r1/configuration/dataplaneapi/ 65 | #--------------------------------------------------------------------- 66 | # userlist haproxy-dataplaneapi 67 | # user admin insecure-password mypassword 68 | # 69 | # program api 70 | # command /usr/bin/dataplaneapi --host 0.0.0.0 --port 5555 --haproxy-bin /usr/sbin/haproxy --config-file /etc/haproxy/haproxy.cfg --reload-cmd "kill -SIGUSR2 1" --restart-cmd "kill -SIGUSR2 1" --reload-delay 5 --userlist haproxy-dataplaneapi 71 | # no option start-on-reload 72 | 73 | #--------------------------------------------------------------------- 74 | # main frontend which proxys to the backends 75 | #--------------------------------------------------------------------- 76 | frontend main 77 | bind *:80 78 | # bind *:443 ssl # To be completed .... 79 | 80 | acl url_static path_beg -i /static /images /javascript /stylesheets 81 | acl url_static path_end -i .jpg .gif .png .css .js 82 | 83 | use_backend static if url_static 84 | default_backend app 85 | 86 | #--------------------------------------------------------------------- 87 | # static backend for serving up images, stylesheets and such 88 | #--------------------------------------------------------------------- 89 | backend static 90 | balance roundrobin 91 | server static1 127.0.0.1:4331 check 92 | server static2 127.0.0.1:4332 check 93 | 94 | #--------------------------------------------------------------------- 95 | # round robin balancing between the various backends 96 | #--------------------------------------------------------------------- 97 | backend app 98 | balance roundrobin 99 | server app1 127.0.0.1:5001 check 100 | server app2 127.0.0.1:5002 check 101 | server app3 127.0.0.1:5003 check 102 | server app4 127.0.0.1:5004 check 103 | -------------------------------------------------------------------------------- /2.6/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:alpine AS builder 2 | 3 | ENV DATAPLANE_MINOR 3.2.0 4 | ENV DATAPLANE_V2_MINOR 2.9.13 5 | ENV DATAPLANE_URL https://github.com/haproxytech/dataplaneapi.git 6 | 7 | RUN apk add --no-cache ca-certificates git make && \ 8 | git clone "${DATAPLANE_URL}" "${GOPATH}/src/github.com/haproxytech/dataplaneapi" && \ 9 | cd "${GOPATH}/src/github.com/haproxytech/dataplaneapi" && \ 10 | git checkout "v${DATAPLANE_MINOR}" && \ 11 | make build && cp build/dataplaneapi /dataplaneapi && \ 12 | make clean && \ 13 | git checkout "v${DATAPLANE_V2_MINOR}" && \ 14 | make build && cp build/dataplaneapi /dataplaneapi-v2 15 | 16 | FROM debian:bookworm-slim 17 | 18 | MAINTAINER Dinko Korunic 19 | 20 | LABEL Name HAProxy 21 | LABEL Release Community Edition 22 | LABEL Vendor HAProxy 23 | LABEL Version 2.6.22 24 | LABEL RUN /usr/bin/docker -d IMAGE 25 | 26 | ENV HAPROXY_BRANCH 2.6 27 | ENV HAPROXY_MINOR 2.6.22 28 | ENV HAPROXY_SHA256 4c0797f450f997dc287d2c7aafa7a0e5b7a2d71593a2cd58e664e8f3aea614fa 29 | ENV HAPROXY_SRC_URL http://www.haproxy.org/download 30 | 31 | ENV HAPROXY_UID haproxy 32 | ENV HAPROXY_GID haproxy 33 | 34 | ENV DEBIAN_FRONTEND noninteractive 35 | 36 | COPY --from=builder /dataplaneapi /usr/local/bin/dataplaneapi 37 | COPY --from=builder /dataplaneapi-v2 /usr/local/bin/dataplaneapi-v2 38 | 39 | RUN apt-get update && \ 40 | apt-get install -y --no-install-recommends procps libssl3 zlib1g "libpcre2-*" liblua5.4-0 libatomic1 tar curl socat ca-certificates libjemalloc2 && \ 41 | apt-get install -y --no-install-recommends gcc make libc6-dev libssl-dev libpcre2-dev zlib1g-dev liblua5.4-dev libjemalloc-dev && \ 42 | c_rehash && \ 43 | curl -sfSL "${HAPROXY_SRC_URL}/${HAPROXY_BRANCH}/src/haproxy-${HAPROXY_MINOR}.tar.gz" -o haproxy.tar.gz && \ 44 | echo "$HAPROXY_SHA256 *haproxy.tar.gz" | sha256sum -c - && \ 45 | groupadd "$HAPROXY_GID" && \ 46 | useradd -g "$HAPROXY_GID" "$HAPROXY_UID" && \ 47 | mkdir -p /tmp/haproxy && \ 48 | tar -xzf haproxy.tar.gz -C /tmp/haproxy --strip-components=1 && \ 49 | rm -f haproxy.tar.gz && \ 50 | make -C /tmp/haproxy -j"$(nproc)" TARGET=linux-glibc CPU=generic USE_PCRE2=1 USE_PCRE2_JIT=1 \ 51 | USE_TFO=1 USE_LINUX_TPROXY=1 USE_LUA=1 USE_GETADDRINFO=1 \ 52 | USE_PROMEX=1 USE_SLZ=1 \ 53 | USE_OPENSSL=1 USE_PTHREAD_EMULATION=1 \ 54 | ADDLIB=-ljemalloc \ 55 | all && \ 56 | make -C /tmp/haproxy TARGET=linux-glibc install-bin install-man && \ 57 | ln -s /usr/local/sbin/haproxy /usr/sbin/haproxy && \ 58 | mkdir -p /var/lib/haproxy && \ 59 | chown "$HAPROXY_UID:$HAPROXY_GID" /var/lib/haproxy && \ 60 | mkdir -p /usr/local/etc/haproxy && \ 61 | ln -s /usr/local/etc/haproxy /etc/haproxy && \ 62 | cp -R /tmp/haproxy/examples/errorfiles /usr/local/etc/haproxy/errors && \ 63 | rm -rf /tmp/haproxy && \ 64 | apt-get purge -y --auto-remove gcc make libc6-dev libssl-dev libpcre2-dev zlib1g-dev liblua5.4-dev libjemalloc-dev && \ 65 | apt-get clean && \ 66 | rm -rf /var/lib/apt/lists/* && \ 67 | chmod +x /usr/local/bin/dataplaneapi && \ 68 | ln -s /usr/local/bin/dataplaneapi /usr/bin/dataplaneapi && \ 69 | chmod +x /usr/local/bin/dataplaneapi-v2 && \ 70 | ln -s /usr/local/bin/dataplaneapi-v2 /usr/bin/dataplaneapi-v2 && \ 71 | touch /usr/local/etc/haproxy/dataplaneapi.yml && \ 72 | chown "$HAPROXY_UID:$HAPROXY_GID" /usr/local/etc/haproxy/dataplaneapi.yml 73 | 74 | COPY haproxy.cfg /usr/local/etc/haproxy 75 | COPY docker-entrypoint.sh / 76 | 77 | STOPSIGNAL SIGUSR1 78 | 79 | ENTRYPOINT ["/docker-entrypoint.sh"] 80 | CMD ["haproxy", "-f", "/usr/local/etc/haproxy/haproxy.cfg"] 81 | -------------------------------------------------------------------------------- /2.6/docker-entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | set -e 3 | 4 | # first arg is `-f` or `--some-option` 5 | if [ "${1#-}" != "$1" ]; then 6 | set -- haproxy "$@" 7 | fi 8 | 9 | if [ "$1" = 'haproxy' ]; then 10 | shift # "haproxy" 11 | # if the user wants "haproxy", let's add a couple useful flags 12 | # -W -- "master-worker mode" (similar to the old "haproxy-systemd-wrapper"; allows for reload via "SIGUSR2") 13 | # -db -- disables background mode 14 | set -- haproxy -W -db "$@" 15 | fi 16 | 17 | exec "$@" 18 | -------------------------------------------------------------------------------- /2.6/haproxy.cfg: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------------------------- 2 | # Example configuration for a possible web application. See the 3 | # full configuration options online. 4 | # 5 | # https://www.haproxy.org/download/2.6/doc/configuration.txt 6 | # https://docs.haproxy.org/2.6/configuration.html 7 | # 8 | #--------------------------------------------------------------------- 9 | 10 | #--------------------------------------------------------------------- 11 | # Global settings 12 | #--------------------------------------------------------------------- 13 | global 14 | # to have these messages end up in /var/log/haproxy.log you will 15 | # need to: 16 | # 17 | # 1) configure syslog to accept network log events. This is done 18 | # by adding the '-r' option to the SYSLOGD_OPTIONS in 19 | # /etc/sysconfig/syslog 20 | # 21 | # 2) configure local2 events to go to the /var/log/haproxy.log 22 | # file. A line like the following can be added to 23 | # /etc/sysconfig/syslog 24 | # 25 | # local2.* /var/log/haproxy.log 26 | # 27 | log 127.0.0.1 local2 28 | 29 | chroot /var/lib/haproxy 30 | pidfile /var/run/haproxy.pid 31 | maxconn 4000 32 | user haproxy 33 | group haproxy 34 | # daemon 35 | 36 | # turn on stats unix socket 37 | stats socket /var/lib/haproxy/stats 38 | 39 | #--------------------------------------------------------------------- 40 | # common defaults that all the 'listen' and 'backend' sections will 41 | # use if not designated in their block 42 | #--------------------------------------------------------------------- 43 | defaults 44 | mode http 45 | log global 46 | option httplog 47 | option dontlognull 48 | option http-server-close 49 | option forwardfor except 127.0.0.0/8 50 | option redispatch 51 | retries 3 52 | timeout http-request 10s 53 | timeout queue 1m 54 | timeout connect 10s 55 | timeout client 1m 56 | timeout server 1m 57 | timeout http-keep-alive 10s 58 | timeout check 10s 59 | maxconn 3000 60 | 61 | #--------------------------------------------------------------------- 62 | # example how to define user and enable Data Plane API on tcp/5555 63 | # more information: https://github.com/haproxytech/dataplaneapi and 64 | # https://www.haproxy.com/documentation/hapee/2-0r1/configuration/dataplaneapi/ 65 | #--------------------------------------------------------------------- 66 | # userlist haproxy-dataplaneapi 67 | # user admin insecure-password mypassword 68 | # 69 | # program api 70 | # command /usr/bin/dataplaneapi --host 0.0.0.0 --port 5555 --haproxy-bin /usr/sbin/haproxy --config-file /etc/haproxy/haproxy.cfg --reload-cmd "kill -SIGUSR2 1" --restart-cmd "kill -SIGUSR2 1" --reload-delay 5 --userlist haproxy-dataplaneapi 71 | # no option start-on-reload 72 | 73 | #--------------------------------------------------------------------- 74 | # main frontend which proxys to the backends 75 | #--------------------------------------------------------------------- 76 | frontend main 77 | bind *:80 78 | # bind *:443 ssl # To be completed .... 79 | 80 | acl url_static path_beg -i /static /images /javascript /stylesheets 81 | acl url_static path_end -i .jpg .gif .png .css .js 82 | 83 | use_backend static if url_static 84 | default_backend app 85 | 86 | #--------------------------------------------------------------------- 87 | # static backend for serving up images, stylesheets and such 88 | #--------------------------------------------------------------------- 89 | backend static 90 | balance roundrobin 91 | server static1 127.0.0.1:4331 check 92 | server static2 127.0.0.1:4332 check 93 | 94 | #--------------------------------------------------------------------- 95 | # round robin balancing between the various backends 96 | #--------------------------------------------------------------------- 97 | backend app 98 | balance roundrobin 99 | server app1 127.0.0.1:5001 check 100 | server app2 127.0.0.1:5002 check 101 | server app3 127.0.0.1:5003 check 102 | server app4 127.0.0.1:5004 check 103 | -------------------------------------------------------------------------------- /2.8/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:alpine AS builder 2 | 3 | ENV DATAPLANE_MINOR 3.2.0 4 | ENV DATAPLANE_V2_MINOR 2.9.13 5 | ENV DATAPLANE_URL https://github.com/haproxytech/dataplaneapi.git 6 | 7 | RUN apk add --no-cache ca-certificates git make && \ 8 | git clone "${DATAPLANE_URL}" "${GOPATH}/src/github.com/haproxytech/dataplaneapi" && \ 9 | cd "${GOPATH}/src/github.com/haproxytech/dataplaneapi" && \ 10 | git checkout "v${DATAPLANE_MINOR}" && \ 11 | make build && cp build/dataplaneapi /dataplaneapi && \ 12 | make clean && \ 13 | git checkout "v${DATAPLANE_V2_MINOR}" && \ 14 | make build && cp build/dataplaneapi /dataplaneapi-v2 15 | 16 | FROM debian:bookworm-slim 17 | 18 | MAINTAINER Dinko Korunic 19 | 20 | LABEL Name HAProxy 21 | LABEL Release Community Edition 22 | LABEL Vendor HAProxy 23 | LABEL Version 2.8.15 24 | LABEL RUN /usr/bin/docker -d IMAGE 25 | 26 | ENV HAPROXY_BRANCH 2.8 27 | ENV HAPROXY_MINOR 2.8.15 28 | ENV HAPROXY_SHA256 98f0551b9c3041a87869f4cd4e1465adf6fbef2056e83aabea92106032585242 29 | ENV HAPROXY_SRC_URL http://www.haproxy.org/download 30 | 31 | ENV HAPROXY_UID haproxy 32 | ENV HAPROXY_GID haproxy 33 | 34 | ENV DEBIAN_FRONTEND noninteractive 35 | 36 | COPY --from=builder /dataplaneapi /usr/local/bin/dataplaneapi 37 | COPY --from=builder /dataplaneapi-v2 /usr/local/bin/dataplaneapi-v2 38 | 39 | RUN apt-get update && \ 40 | apt-get install -y --no-install-recommends procps libssl3 zlib1g "libpcre2-*" liblua5.4-0 libatomic1 tar curl socat ca-certificates libjemalloc2 && \ 41 | apt-get install -y --no-install-recommends gcc make libc6-dev libssl-dev libpcre2-dev zlib1g-dev liblua5.4-dev libjemalloc-dev && \ 42 | c_rehash && \ 43 | curl -sfSL "${HAPROXY_SRC_URL}/${HAPROXY_BRANCH}/src/haproxy-${HAPROXY_MINOR}.tar.gz" -o haproxy.tar.gz && \ 44 | echo "$HAPROXY_SHA256 *haproxy.tar.gz" | sha256sum -c - && \ 45 | groupadd "$HAPROXY_GID" && \ 46 | useradd -g "$HAPROXY_GID" "$HAPROXY_UID" && \ 47 | mkdir -p /tmp/haproxy && \ 48 | tar -xzf haproxy.tar.gz -C /tmp/haproxy --strip-components=1 && \ 49 | rm -f haproxy.tar.gz && \ 50 | make -C /tmp/haproxy -j"$(nproc)" TARGET=linux-glibc CPU=generic USE_PCRE2=1 USE_PCRE2_JIT=1 \ 51 | USE_TFO=1 USE_LINUX_TPROXY=1 USE_LUA=1 USE_GETADDRINFO=1 \ 52 | USE_PROMEX=1 USE_SLZ=1 \ 53 | USE_OPENSSL=1 USE_PTHREAD_EMULATION=1 \ 54 | USE_QUIC=1 USE_QUIC_OPENSSL_COMPAT=1 \ 55 | ADDLIB=-ljemalloc \ 56 | all && \ 57 | make -C /tmp/haproxy TARGET=linux-glibc install-bin install-man && \ 58 | ln -s /usr/local/sbin/haproxy /usr/sbin/haproxy && \ 59 | mkdir -p /var/lib/haproxy && \ 60 | chown "$HAPROXY_UID:$HAPROXY_GID" /var/lib/haproxy && \ 61 | mkdir -p /usr/local/etc/haproxy && \ 62 | ln -s /usr/local/etc/haproxy /etc/haproxy && \ 63 | cp -R /tmp/haproxy/examples/errorfiles /usr/local/etc/haproxy/errors && \ 64 | rm -rf /tmp/haproxy && \ 65 | apt-get purge -y --auto-remove gcc make libc6-dev libssl-dev libpcre2-dev zlib1g-dev liblua5.4-dev libjemalloc-dev && \ 66 | apt-get clean && \ 67 | rm -rf /var/lib/apt/lists/* && \ 68 | chmod +x /usr/local/bin/dataplaneapi && \ 69 | ln -s /usr/local/bin/dataplaneapi /usr/bin/dataplaneapi && \ 70 | chmod +x /usr/local/bin/dataplaneapi-v2 && \ 71 | ln -s /usr/local/bin/dataplaneapi-v2 /usr/bin/dataplaneapi-v2 && \ 72 | touch /usr/local/etc/haproxy/dataplaneapi.yml && \ 73 | chown "$HAPROXY_UID:$HAPROXY_GID" /usr/local/etc/haproxy/dataplaneapi.yml 74 | 75 | COPY haproxy.cfg /usr/local/etc/haproxy 76 | COPY docker-entrypoint.sh / 77 | 78 | STOPSIGNAL SIGUSR1 79 | 80 | ENTRYPOINT ["/docker-entrypoint.sh"] 81 | CMD ["haproxy", "-f", "/usr/local/etc/haproxy/haproxy.cfg"] 82 | -------------------------------------------------------------------------------- /2.8/docker-entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | set -e 3 | 4 | # first arg is `-f` or `--some-option` 5 | if [ "${1#-}" != "$1" ]; then 6 | set -- haproxy "$@" 7 | fi 8 | 9 | if [ "$1" = 'haproxy' ]; then 10 | shift # "haproxy" 11 | # if the user wants "haproxy", let's add a couple useful flags 12 | # -W -- "master-worker mode" (similar to the old "haproxy-systemd-wrapper"; allows for reload via "SIGUSR2") 13 | # -db -- disables background mode 14 | set -- haproxy -W -db "$@" 15 | fi 16 | 17 | exec "$@" 18 | -------------------------------------------------------------------------------- /2.8/haproxy.cfg: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------------------------- 2 | # Example configuration for a possible web application. See the 3 | # full configuration options online. 4 | # 5 | # https://www.haproxy.org/download/2.8/doc/configuration.txt 6 | # https://docs.haproxy.org/2.8/configuration.html 7 | # 8 | #--------------------------------------------------------------------- 9 | 10 | #--------------------------------------------------------------------- 11 | # Global settings 12 | #--------------------------------------------------------------------- 13 | global 14 | # to have these messages end up in /var/log/haproxy.log you will 15 | # need to: 16 | # 17 | # 1) configure syslog to accept network log events. This is done 18 | # by adding the '-r' option to the SYSLOGD_OPTIONS in 19 | # /etc/sysconfig/syslog 20 | # 21 | # 2) configure local2 events to go to the /var/log/haproxy.log 22 | # file. A line like the following can be added to 23 | # /etc/sysconfig/syslog 24 | # 25 | # local2.* /var/log/haproxy.log 26 | # 27 | log 127.0.0.1 local2 28 | 29 | chroot /var/lib/haproxy 30 | pidfile /var/run/haproxy.pid 31 | maxconn 4000 32 | user haproxy 33 | group haproxy 34 | # daemon 35 | 36 | # turn on stats unix socket 37 | stats socket /var/lib/haproxy/stats 38 | 39 | #--------------------------------------------------------------------- 40 | # common defaults that all the 'listen' and 'backend' sections will 41 | # use if not designated in their block 42 | #--------------------------------------------------------------------- 43 | defaults 44 | mode http 45 | log global 46 | option httplog 47 | option dontlognull 48 | option http-server-close 49 | option forwardfor except 127.0.0.0/8 50 | option redispatch 51 | retries 3 52 | timeout http-request 10s 53 | timeout queue 1m 54 | timeout connect 10s 55 | timeout client 1m 56 | timeout server 1m 57 | timeout http-keep-alive 10s 58 | timeout check 10s 59 | maxconn 3000 60 | 61 | #--------------------------------------------------------------------- 62 | # example how to define user and enable Data Plane API on tcp/5555 63 | # more information: https://github.com/haproxytech/dataplaneapi and 64 | # https://www.haproxy.com/documentation/hapee/2-0r1/configuration/dataplaneapi/ 65 | #--------------------------------------------------------------------- 66 | # userlist haproxy-dataplaneapi 67 | # user admin insecure-password mypassword 68 | # 69 | # program api 70 | # command /usr/bin/dataplaneapi --host 0.0.0.0 --port 5555 --haproxy-bin /usr/sbin/haproxy --config-file /etc/haproxy/haproxy.cfg --reload-cmd "kill -SIGUSR2 1" --restart-cmd "kill -SIGUSR2 1" --reload-delay 5 --userlist haproxy-dataplaneapi 71 | # no option start-on-reload 72 | 73 | #--------------------------------------------------------------------- 74 | # main frontend which proxys to the backends 75 | #--------------------------------------------------------------------- 76 | frontend main 77 | bind *:80 78 | # bind *:443 ssl # To be completed .... 79 | 80 | acl url_static path_beg -i /static /images /javascript /stylesheets 81 | acl url_static path_end -i .jpg .gif .png .css .js 82 | 83 | use_backend static if url_static 84 | default_backend app 85 | 86 | #--------------------------------------------------------------------- 87 | # static backend for serving up images, stylesheets and such 88 | #--------------------------------------------------------------------- 89 | backend static 90 | balance roundrobin 91 | server static1 127.0.0.1:4331 check 92 | server static2 127.0.0.1:4332 check 93 | 94 | #--------------------------------------------------------------------- 95 | # round robin balancing between the various backends 96 | #--------------------------------------------------------------------- 97 | backend app 98 | balance roundrobin 99 | server app1 127.0.0.1:5001 check 100 | server app2 127.0.0.1:5002 check 101 | server app3 127.0.0.1:5003 check 102 | server app4 127.0.0.1:5004 check 103 | -------------------------------------------------------------------------------- /2.9/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:alpine AS builder 2 | 3 | ENV DATAPLANE_MINOR 3.2.0 4 | ENV DATAPLANE_V2_MINOR 2.9.13 5 | ENV DATAPLANE_URL https://github.com/haproxytech/dataplaneapi.git 6 | 7 | RUN apk add --no-cache ca-certificates git make && \ 8 | git clone "${DATAPLANE_URL}" "${GOPATH}/src/github.com/haproxytech/dataplaneapi" && \ 9 | cd "${GOPATH}/src/github.com/haproxytech/dataplaneapi" && \ 10 | git checkout "v${DATAPLANE_MINOR}" && \ 11 | make build && cp build/dataplaneapi /dataplaneapi && \ 12 | make clean && \ 13 | git checkout "v${DATAPLANE_V2_MINOR}" && \ 14 | make build && cp build/dataplaneapi /dataplaneapi-v2 15 | 16 | FROM debian:bookworm-slim 17 | 18 | MAINTAINER Dinko Korunic 19 | 20 | LABEL Name HAProxy 21 | LABEL Release Community Edition 22 | LABEL Vendor HAProxy 23 | LABEL Version 2.9.15 24 | LABEL RUN /usr/bin/docker -d IMAGE 25 | 26 | ENV HAPROXY_BRANCH 2.9 27 | ENV HAPROXY_MINOR 2.9.15 28 | ENV HAPROXY_SHA256 5eec9b048458d0cdc682ec823810f953507c92e4d12673145156c7dbe560bfc5 29 | ENV HAPROXY_SRC_URL http://www.haproxy.org/download 30 | 31 | ENV HAPROXY_UID haproxy 32 | ENV HAPROXY_GID haproxy 33 | 34 | ENV DEBIAN_FRONTEND noninteractive 35 | 36 | COPY --from=builder /dataplaneapi /usr/local/bin/dataplaneapi 37 | COPY --from=builder /dataplaneapi-v2 /usr/local/bin/dataplaneapi-v2 38 | 39 | RUN apt-get update && \ 40 | apt-get install -y --no-install-recommends procps libssl3 zlib1g "libpcre2-*" liblua5.4-0 libatomic1 tar curl socat ca-certificates libjemalloc2 && \ 41 | apt-get install -y --no-install-recommends gcc make libc6-dev libssl-dev libpcre2-dev zlib1g-dev liblua5.4-dev libjemalloc-dev && \ 42 | c_rehash && \ 43 | curl -sfSL "${HAPROXY_SRC_URL}/${HAPROXY_BRANCH}/src/haproxy-${HAPROXY_MINOR}.tar.gz" -o haproxy.tar.gz && \ 44 | echo "$HAPROXY_SHA256 *haproxy.tar.gz" | sha256sum -c - && \ 45 | groupadd "$HAPROXY_GID" && \ 46 | useradd -g "$HAPROXY_GID" "$HAPROXY_UID" && \ 47 | mkdir -p /tmp/haproxy && \ 48 | tar -xzf haproxy.tar.gz -C /tmp/haproxy --strip-components=1 && \ 49 | rm -f haproxy.tar.gz && \ 50 | make -C /tmp/haproxy -j"$(nproc)" TARGET=linux-glibc CPU=generic USE_PCRE2=1 USE_PCRE2_JIT=1 \ 51 | USE_TFO=1 USE_LINUX_TPROXY=1 USE_LUA=1 USE_GETADDRINFO=1 \ 52 | USE_PROMEX=1 USE_SLZ=1 \ 53 | USE_OPENSSL=1 USE_PTHREAD_EMULATION=1 \ 54 | USE_QUIC=1 USE_QUIC_OPENSSL_COMPAT=1 \ 55 | ADDLIB=-ljemalloc \ 56 | all && \ 57 | make -C /tmp/haproxy TARGET=linux-glibc install-bin install-man && \ 58 | ln -s /usr/local/sbin/haproxy /usr/sbin/haproxy && \ 59 | mkdir -p /var/lib/haproxy && \ 60 | chown "$HAPROXY_UID:$HAPROXY_GID" /var/lib/haproxy && \ 61 | mkdir -p /usr/local/etc/haproxy && \ 62 | ln -s /usr/local/etc/haproxy /etc/haproxy && \ 63 | cp -R /tmp/haproxy/examples/errorfiles /usr/local/etc/haproxy/errors && \ 64 | rm -rf /tmp/haproxy && \ 65 | apt-get purge -y --auto-remove gcc make libc6-dev libssl-dev libpcre2-dev zlib1g-dev liblua5.4-dev libjemalloc-dev && \ 66 | apt-get clean && \ 67 | rm -rf /var/lib/apt/lists/* && \ 68 | chmod +x /usr/local/bin/dataplaneapi && \ 69 | ln -s /usr/local/bin/dataplaneapi /usr/bin/dataplaneapi && \ 70 | chmod +x /usr/local/bin/dataplaneapi-v2 && \ 71 | ln -s /usr/local/bin/dataplaneapi-v2 /usr/bin/dataplaneapi-v2 && \ 72 | touch /usr/local/etc/haproxy/dataplaneapi.yml && \ 73 | chown "$HAPROXY_UID:$HAPROXY_GID" /usr/local/etc/haproxy/dataplaneapi.yml 74 | 75 | COPY haproxy.cfg /usr/local/etc/haproxy 76 | COPY docker-entrypoint.sh / 77 | 78 | STOPSIGNAL SIGUSR1 79 | 80 | ENTRYPOINT ["/docker-entrypoint.sh"] 81 | CMD ["haproxy", "-f", "/usr/local/etc/haproxy/haproxy.cfg"] 82 | -------------------------------------------------------------------------------- /2.9/docker-entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | set -e 3 | 4 | # first arg is `-f` or `--some-option` 5 | if [ "${1#-}" != "$1" ]; then 6 | set -- haproxy "$@" 7 | fi 8 | 9 | if [ "$1" = 'haproxy' ]; then 10 | shift # "haproxy" 11 | # if the user wants "haproxy", let's add a couple useful flags 12 | # -W -- "master-worker mode" (similar to the old "haproxy-systemd-wrapper"; allows for reload via "SIGUSR2") 13 | # -db -- disables background mode 14 | set -- haproxy -W -db "$@" 15 | fi 16 | 17 | exec "$@" 18 | -------------------------------------------------------------------------------- /2.9/haproxy.cfg: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------------------------- 2 | # Example configuration for a possible web application. See the 3 | # full configuration options online. 4 | # 5 | # https://www.haproxy.org/download/2.9/doc/configuration.txt 6 | # https://docs.haproxy.org/2.9/configuration.html 7 | # 8 | #--------------------------------------------------------------------- 9 | 10 | #--------------------------------------------------------------------- 11 | # Global settings 12 | #--------------------------------------------------------------------- 13 | global 14 | # to have these messages end up in /var/log/haproxy.log you will 15 | # need to: 16 | # 17 | # 1) configure syslog to accept network log events. This is done 18 | # by adding the '-r' option to the SYSLOGD_OPTIONS in 19 | # /etc/sysconfig/syslog 20 | # 21 | # 2) configure local2 events to go to the /var/log/haproxy.log 22 | # file. A line like the following can be added to 23 | # /etc/sysconfig/syslog 24 | # 25 | # local2.* /var/log/haproxy.log 26 | # 27 | log 127.0.0.1 local2 28 | 29 | chroot /var/lib/haproxy 30 | pidfile /var/run/haproxy.pid 31 | maxconn 4000 32 | user haproxy 33 | group haproxy 34 | # daemon 35 | 36 | # turn on stats unix socket 37 | stats socket /var/lib/haproxy/stats 38 | 39 | #--------------------------------------------------------------------- 40 | # common defaults that all the 'listen' and 'backend' sections will 41 | # use if not designated in their block 42 | #--------------------------------------------------------------------- 43 | defaults 44 | mode http 45 | log global 46 | option httplog 47 | option dontlognull 48 | option http-server-close 49 | option forwardfor except 127.0.0.0/8 50 | option redispatch 51 | retries 3 52 | timeout http-request 10s 53 | timeout queue 1m 54 | timeout connect 10s 55 | timeout client 1m 56 | timeout server 1m 57 | timeout http-keep-alive 10s 58 | timeout check 10s 59 | maxconn 3000 60 | 61 | #--------------------------------------------------------------------- 62 | # example how to define user and enable Data Plane API on tcp/5555 63 | # more information: https://github.com/haproxytech/dataplaneapi and 64 | # https://www.haproxy.com/documentation/hapee/2-0r1/configuration/dataplaneapi/ 65 | #--------------------------------------------------------------------- 66 | # userlist haproxy-dataplaneapi 67 | # user admin insecure-password mypassword 68 | # 69 | # program api 70 | # command /usr/bin/dataplaneapi --host 0.0.0.0 --port 5555 --haproxy-bin /usr/sbin/haproxy --config-file /etc/haproxy/haproxy.cfg --reload-cmd "kill -SIGUSR2 1" --restart-cmd "kill -SIGUSR2 1" --reload-delay 5 --userlist haproxy-dataplaneapi 71 | # no option start-on-reload 72 | 73 | #--------------------------------------------------------------------- 74 | # main frontend which proxys to the backends 75 | #--------------------------------------------------------------------- 76 | frontend main 77 | bind *:80 78 | # bind *:443 ssl # To be completed .... 79 | 80 | acl url_static path_beg -i /static /images /javascript /stylesheets 81 | acl url_static path_end -i .jpg .gif .png .css .js 82 | 83 | use_backend static if url_static 84 | default_backend app 85 | 86 | #--------------------------------------------------------------------- 87 | # static backend for serving up images, stylesheets and such 88 | #--------------------------------------------------------------------- 89 | backend static 90 | balance roundrobin 91 | server static1 127.0.0.1:4331 check 92 | server static2 127.0.0.1:4332 check 93 | 94 | #--------------------------------------------------------------------- 95 | # round robin balancing between the various backends 96 | #--------------------------------------------------------------------- 97 | backend app 98 | balance roundrobin 99 | server app1 127.0.0.1:5001 check 100 | server app2 127.0.0.1:5002 check 101 | server app3 127.0.0.1:5003 check 102 | server app4 127.0.0.1:5004 check 103 | -------------------------------------------------------------------------------- /3.0/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:alpine AS builder 2 | 3 | ENV DATAPLANE_MINOR 3.2.0 4 | ENV DATAPLANE_V2_MINOR 2.9.13 5 | ENV DATAPLANE_URL https://github.com/haproxytech/dataplaneapi.git 6 | 7 | RUN apk add --no-cache ca-certificates git make && \ 8 | git clone "${DATAPLANE_URL}" "${GOPATH}/src/github.com/haproxytech/dataplaneapi" && \ 9 | cd "${GOPATH}/src/github.com/haproxytech/dataplaneapi" && \ 10 | git checkout "v${DATAPLANE_MINOR}" && \ 11 | make build && cp build/dataplaneapi /dataplaneapi && \ 12 | make clean && \ 13 | git checkout "v${DATAPLANE_V2_MINOR}" && \ 14 | make build && cp build/dataplaneapi /dataplaneapi-v2 15 | 16 | FROM debian:bookworm-slim 17 | 18 | MAINTAINER Dinko Korunic 19 | 20 | LABEL Name HAProxy 21 | LABEL Release Community Edition 22 | LABEL Vendor HAProxy 23 | LABEL Version 3.0.11 24 | LABEL RUN /usr/bin/docker -d IMAGE 25 | 26 | ENV HAPROXY_BRANCH 3.0 27 | ENV HAPROXY_MINOR 3.0.11 28 | ENV HAPROXY_SHA256 a133e2d550c5fd9a849b5c7ab17bb945bcdad209ca140d41f45ebf31943ae783 29 | ENV HAPROXY_SRC_URL http://www.haproxy.org/download 30 | 31 | ENV HAPROXY_UID haproxy 32 | ENV HAPROXY_GID haproxy 33 | 34 | ENV DEBIAN_FRONTEND noninteractive 35 | 36 | COPY --from=builder /dataplaneapi /usr/local/bin/dataplaneapi 37 | COPY --from=builder /dataplaneapi-v2 /usr/local/bin/dataplaneapi-v2 38 | 39 | RUN apt-get update && \ 40 | apt-get install -y --no-install-recommends procps libssl3 zlib1g "libpcre2-*" liblua5.4-0 libatomic1 tar curl socat ca-certificates libjemalloc2 && \ 41 | apt-get install -y --no-install-recommends gcc make libc6-dev libssl-dev libpcre2-dev zlib1g-dev liblua5.4-dev libjemalloc-dev && \ 42 | c_rehash && \ 43 | curl -sfSL "${HAPROXY_SRC_URL}/${HAPROXY_BRANCH}/src/haproxy-${HAPROXY_MINOR}.tar.gz" -o haproxy.tar.gz && \ 44 | echo "$HAPROXY_SHA256 *haproxy.tar.gz" | sha256sum -c - && \ 45 | groupadd "$HAPROXY_GID" && \ 46 | useradd -g "$HAPROXY_GID" "$HAPROXY_UID" && \ 47 | mkdir -p /tmp/haproxy && \ 48 | tar -xzf haproxy.tar.gz -C /tmp/haproxy --strip-components=1 && \ 49 | rm -f haproxy.tar.gz && \ 50 | make -C /tmp/haproxy -j"$(nproc)" TARGET=linux-glibc CPU=generic USE_PCRE2=1 USE_PCRE2_JIT=1 \ 51 | USE_TFO=1 USE_LINUX_TPROXY=1 USE_LUA=1 USE_GETADDRINFO=1 \ 52 | USE_PROMEX=1 USE_SLZ=1 \ 53 | USE_OPENSSL=1 USE_PTHREAD_EMULATION=1 \ 54 | USE_QUIC=1 USE_QUIC_OPENSSL_COMPAT=1 \ 55 | ADDLIB=-ljemalloc \ 56 | all && \ 57 | make -C /tmp/haproxy TARGET=linux-glibc install-bin install-man && \ 58 | ln -s /usr/local/sbin/haproxy /usr/sbin/haproxy && \ 59 | mkdir -p /var/lib/haproxy && \ 60 | chown "$HAPROXY_UID:$HAPROXY_GID" /var/lib/haproxy && \ 61 | mkdir -p /usr/local/etc/haproxy && \ 62 | ln -s /usr/local/etc/haproxy /etc/haproxy && \ 63 | cp -R /tmp/haproxy/examples/errorfiles /usr/local/etc/haproxy/errors && \ 64 | rm -rf /tmp/haproxy && \ 65 | apt-get purge -y --auto-remove gcc make libc6-dev libssl-dev libpcre2-dev zlib1g-dev liblua5.4-dev libjemalloc-dev && \ 66 | apt-get clean && \ 67 | rm -rf /var/lib/apt/lists/* && \ 68 | chmod +x /usr/local/bin/dataplaneapi && \ 69 | ln -s /usr/local/bin/dataplaneapi /usr/bin/dataplaneapi && \ 70 | chmod +x /usr/local/bin/dataplaneapi-v2 && \ 71 | ln -s /usr/local/bin/dataplaneapi-v2 /usr/bin/dataplaneapi-v2 && \ 72 | touch /usr/local/etc/haproxy/dataplaneapi.yml && \ 73 | chown "$HAPROXY_UID:$HAPROXY_GID" /usr/local/etc/haproxy/dataplaneapi.yml 74 | 75 | COPY haproxy.cfg /usr/local/etc/haproxy 76 | COPY docker-entrypoint.sh / 77 | 78 | STOPSIGNAL SIGUSR1 79 | 80 | ENTRYPOINT ["/docker-entrypoint.sh"] 81 | CMD ["haproxy", "-f", "/usr/local/etc/haproxy/haproxy.cfg"] 82 | -------------------------------------------------------------------------------- /3.0/docker-entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | set -e 3 | 4 | # first arg is `-f` or `--some-option` 5 | if [ "${1#-}" != "$1" ]; then 6 | set -- haproxy "$@" 7 | fi 8 | 9 | if [ "$1" = 'haproxy' ]; then 10 | shift # "haproxy" 11 | # if the user wants "haproxy", let's add a couple useful flags 12 | # -W -- "master-worker mode" (similar to the old "haproxy-systemd-wrapper"; allows for reload via "SIGUSR2") 13 | # -db -- disables background mode 14 | set -- haproxy -W -db "$@" 15 | fi 16 | 17 | exec "$@" 18 | -------------------------------------------------------------------------------- /3.0/haproxy.cfg: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------------------------- 2 | # Example configuration for a possible web application. See the 3 | # full configuration options online. 4 | # 5 | # https://www.haproxy.org/download/3.0/doc/configuration.txt 6 | # https://docs.haproxy.org/3.0/configuration.html 7 | # 8 | #--------------------------------------------------------------------- 9 | 10 | #--------------------------------------------------------------------- 11 | # Global settings 12 | #--------------------------------------------------------------------- 13 | global 14 | # to have these messages end up in /var/log/haproxy.log you will 15 | # need to: 16 | # 17 | # 1) configure syslog to accept network log events. This is done 18 | # by adding the '-r' option to the SYSLOGD_OPTIONS in 19 | # /etc/sysconfig/syslog 20 | # 21 | # 2) configure local2 events to go to the /var/log/haproxy.log 22 | # file. A line like the following can be added to 23 | # /etc/sysconfig/syslog 24 | # 25 | # local2.* /var/log/haproxy.log 26 | # 27 | log 127.0.0.1 local2 28 | 29 | chroot /var/lib/haproxy 30 | pidfile /var/run/haproxy.pid 31 | maxconn 4000 32 | user haproxy 33 | group haproxy 34 | # daemon 35 | 36 | # turn on stats unix socket 37 | stats socket /var/lib/haproxy/stats 38 | 39 | #--------------------------------------------------------------------- 40 | # common defaults that all the 'listen' and 'backend' sections will 41 | # use if not designated in their block 42 | #--------------------------------------------------------------------- 43 | defaults 44 | mode http 45 | log global 46 | option httplog 47 | option dontlognull 48 | option http-server-close 49 | option forwardfor except 127.0.0.0/8 50 | option redispatch 51 | retries 3 52 | timeout http-request 10s 53 | timeout queue 1m 54 | timeout connect 10s 55 | timeout client 1m 56 | timeout server 1m 57 | timeout http-keep-alive 10s 58 | timeout check 10s 59 | maxconn 3000 60 | 61 | #--------------------------------------------------------------------- 62 | # example how to define user and enable Data Plane API on tcp/5555 63 | # more information: https://github.com/haproxytech/dataplaneapi and 64 | # https://www.haproxy.com/documentation/hapee/2-0r1/configuration/dataplaneapi/ 65 | #--------------------------------------------------------------------- 66 | # userlist haproxy-dataplaneapi 67 | # user admin insecure-password mypassword 68 | # 69 | # program api 70 | # command /usr/bin/dataplaneapi --host 0.0.0.0 --port 5555 --haproxy-bin /usr/sbin/haproxy --config-file /etc/haproxy/haproxy.cfg --reload-cmd "kill -SIGUSR2 1" --restart-cmd "kill -SIGUSR2 1" --reload-delay 5 --userlist haproxy-dataplaneapi 71 | # no option start-on-reload 72 | 73 | #--------------------------------------------------------------------- 74 | # main frontend which proxys to the backends 75 | #--------------------------------------------------------------------- 76 | frontend main 77 | bind *:80 78 | # bind *:443 ssl # To be completed .... 79 | 80 | acl url_static path_beg -i /static /images /javascript /stylesheets 81 | acl url_static path_end -i .jpg .gif .png .css .js 82 | 83 | use_backend static if url_static 84 | default_backend app 85 | 86 | #--------------------------------------------------------------------- 87 | # static backend for serving up images, stylesheets and such 88 | #--------------------------------------------------------------------- 89 | backend static 90 | balance roundrobin 91 | server static1 127.0.0.1:4331 check 92 | server static2 127.0.0.1:4332 check 93 | 94 | #--------------------------------------------------------------------- 95 | # round robin balancing between the various backends 96 | #--------------------------------------------------------------------- 97 | backend app 98 | balance roundrobin 99 | server app1 127.0.0.1:5001 check 100 | server app2 127.0.0.1:5002 check 101 | server app3 127.0.0.1:5003 check 102 | server app4 127.0.0.1:5004 check 103 | -------------------------------------------------------------------------------- /3.1/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:alpine AS builder 2 | 3 | ENV DATAPLANE_MINOR 3.2.0 4 | ENV DATAPLANE_V2_MINOR 2.9.13 5 | ENV DATAPLANE_URL https://github.com/haproxytech/dataplaneapi.git 6 | 7 | RUN apk add --no-cache ca-certificates git make && \ 8 | git clone "${DATAPLANE_URL}" "${GOPATH}/src/github.com/haproxytech/dataplaneapi" && \ 9 | cd "${GOPATH}/src/github.com/haproxytech/dataplaneapi" && \ 10 | git checkout "v${DATAPLANE_MINOR}" && \ 11 | make build && cp build/dataplaneapi /dataplaneapi && \ 12 | make clean && \ 13 | git checkout "v${DATAPLANE_V2_MINOR}" && \ 14 | make build && cp build/dataplaneapi /dataplaneapi-v2 15 | 16 | FROM debian:bookworm-slim 17 | 18 | MAINTAINER Dinko Korunic 19 | 20 | LABEL Name HAProxy 21 | LABEL Release Community Edition 22 | LABEL Vendor HAProxy 23 | LABEL Version 3.1.8 24 | LABEL RUN /usr/bin/docker -d IMAGE 25 | 26 | ENV HAPROXY_BRANCH 3.1 27 | ENV HAPROXY_MINOR 3.1.8 28 | ENV HAPROXY_SHA256 6f249014b547d34fb41e19867746ec4da4ea7be0c0ce3b56f3cfde57ca3b212d 29 | ENV HAPROXY_SRC_URL http://www.haproxy.org/download 30 | 31 | ENV HAPROXY_UID haproxy 32 | ENV HAPROXY_GID haproxy 33 | 34 | ENV DEBIAN_FRONTEND noninteractive 35 | 36 | COPY --from=builder /dataplaneapi /usr/local/bin/dataplaneapi 37 | COPY --from=builder /dataplaneapi-v2 /usr/local/bin/dataplaneapi-v2 38 | 39 | RUN apt-get update && \ 40 | apt-get install -y --no-install-recommends procps libssl3 zlib1g "libpcre2-*" liblua5.4-0 libatomic1 tar curl socat ca-certificates libjemalloc2 && \ 41 | apt-get install -y --no-install-recommends gcc make libc6-dev libssl-dev libpcre2-dev zlib1g-dev liblua5.4-dev libjemalloc-dev && \ 42 | c_rehash && \ 43 | curl -sfSL "${HAPROXY_SRC_URL}/${HAPROXY_BRANCH}/src/haproxy-${HAPROXY_MINOR}.tar.gz" -o haproxy.tar.gz && \ 44 | echo "$HAPROXY_SHA256 *haproxy.tar.gz" | sha256sum -c - && \ 45 | groupadd "$HAPROXY_GID" && \ 46 | useradd -g "$HAPROXY_GID" "$HAPROXY_UID" && \ 47 | mkdir -p /tmp/haproxy && \ 48 | tar -xzf haproxy.tar.gz -C /tmp/haproxy --strip-components=1 && \ 49 | rm -f haproxy.tar.gz && \ 50 | make -C /tmp/haproxy -j"$(nproc)" TARGET=linux-glibc CPU=generic USE_PCRE2=1 USE_PCRE2_JIT=1 \ 51 | USE_TFO=1 USE_LINUX_TPROXY=1 USE_LUA=1 USE_GETADDRINFO=1 \ 52 | USE_PROMEX=1 USE_SLZ=1 \ 53 | USE_OPENSSL=1 USE_PTHREAD_EMULATION=1 \ 54 | USE_QUIC=1 USE_QUIC_OPENSSL_COMPAT=1 \ 55 | ADDLIB=-ljemalloc \ 56 | all && \ 57 | make -C /tmp/haproxy TARGET=linux-glibc install-bin install-man && \ 58 | ln -s /usr/local/sbin/haproxy /usr/sbin/haproxy && \ 59 | mkdir -p /var/lib/haproxy && \ 60 | chown "$HAPROXY_UID:$HAPROXY_GID" /var/lib/haproxy && \ 61 | mkdir -p /usr/local/etc/haproxy && \ 62 | ln -s /usr/local/etc/haproxy /etc/haproxy && \ 63 | cp -R /tmp/haproxy/examples/errorfiles /usr/local/etc/haproxy/errors && \ 64 | rm -rf /tmp/haproxy && \ 65 | apt-get purge -y --auto-remove gcc make libc6-dev libssl-dev libpcre2-dev zlib1g-dev liblua5.4-dev libjemalloc-dev && \ 66 | apt-get clean && \ 67 | rm -rf /var/lib/apt/lists/* && \ 68 | chmod +x /usr/local/bin/dataplaneapi && \ 69 | ln -s /usr/local/bin/dataplaneapi /usr/bin/dataplaneapi && \ 70 | chmod +x /usr/local/bin/dataplaneapi-v2 && \ 71 | ln -s /usr/local/bin/dataplaneapi-v2 /usr/bin/dataplaneapi-v2 && \ 72 | touch /usr/local/etc/haproxy/dataplaneapi.yml && \ 73 | chown "$HAPROXY_UID:$HAPROXY_GID" /usr/local/etc/haproxy/dataplaneapi.yml 74 | 75 | COPY haproxy.cfg /usr/local/etc/haproxy 76 | COPY docker-entrypoint.sh / 77 | 78 | STOPSIGNAL SIGUSR1 79 | 80 | ENTRYPOINT ["/docker-entrypoint.sh"] 81 | CMD ["haproxy", "-f", "/usr/local/etc/haproxy/haproxy.cfg"] 82 | -------------------------------------------------------------------------------- /3.1/docker-entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | set -e 3 | 4 | # first arg is `-f` or `--some-option` 5 | if [ "${1#-}" != "$1" ]; then 6 | set -- haproxy "$@" 7 | fi 8 | 9 | if [ "$1" = 'haproxy' ]; then 10 | shift # "haproxy" 11 | # if the user wants "haproxy", let's add a couple useful flags 12 | # -W -- "master-worker mode" (similar to the old "haproxy-systemd-wrapper"; allows for reload via "SIGUSR2") 13 | # -db -- disables background mode 14 | set -- haproxy -W -db "$@" 15 | fi 16 | 17 | exec "$@" 18 | -------------------------------------------------------------------------------- /3.1/haproxy.cfg: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------------------------- 2 | # Example configuration for a possible web application. See the 3 | # full configuration options online. 4 | # 5 | # https://www.haproxy.org/download/3.1/doc/configuration.txt 6 | # https://docs.haproxy.org/3.1/configuration.html 7 | # 8 | #--------------------------------------------------------------------- 9 | 10 | #--------------------------------------------------------------------- 11 | # Global settings 12 | #--------------------------------------------------------------------- 13 | global 14 | # to have these messages end up in /var/log/haproxy.log you will 15 | # need to: 16 | # 17 | # 1) configure syslog to accept network log events. This is done 18 | # by adding the '-r' option to the SYSLOGD_OPTIONS in 19 | # /etc/sysconfig/syslog 20 | # 21 | # 2) configure local2 events to go to the /var/log/haproxy.log 22 | # file. A line like the following can be added to 23 | # /etc/sysconfig/syslog 24 | # 25 | # local2.* /var/log/haproxy.log 26 | # 27 | log 127.0.0.1 local2 28 | 29 | chroot /var/lib/haproxy 30 | pidfile /var/run/haproxy.pid 31 | maxconn 4000 32 | user haproxy 33 | group haproxy 34 | # daemon 35 | 36 | # turn on stats unix socket 37 | stats socket /var/lib/haproxy/stats 38 | 39 | #--------------------------------------------------------------------- 40 | # common defaults that all the 'listen' and 'backend' sections will 41 | # use if not designated in their block 42 | #--------------------------------------------------------------------- 43 | defaults 44 | mode http 45 | log global 46 | option httplog 47 | option dontlognull 48 | option http-server-close 49 | option forwardfor except 127.0.0.0/8 50 | option redispatch 51 | retries 3 52 | timeout http-request 10s 53 | timeout queue 1m 54 | timeout connect 10s 55 | timeout client 1m 56 | timeout server 1m 57 | timeout http-keep-alive 10s 58 | timeout check 10s 59 | maxconn 3000 60 | 61 | #--------------------------------------------------------------------- 62 | # example how to define user and enable Data Plane API on tcp/5555 63 | # more information: https://github.com/haproxytech/dataplaneapi and 64 | # https://www.haproxy.com/documentation/hapee/2-0r1/configuration/dataplaneapi/ 65 | #--------------------------------------------------------------------- 66 | # userlist haproxy-dataplaneapi 67 | # user admin insecure-password mypassword 68 | # 69 | # program api 70 | # command /usr/bin/dataplaneapi --host 0.0.0.0 --port 5555 --haproxy-bin /usr/sbin/haproxy --config-file /etc/haproxy/haproxy.cfg --reload-cmd "kill -SIGUSR2 1" --restart-cmd "kill -SIGUSR2 1" --reload-delay 5 --userlist haproxy-dataplaneapi 71 | # no option start-on-reload 72 | 73 | #--------------------------------------------------------------------- 74 | # main frontend which proxys to the backends 75 | #--------------------------------------------------------------------- 76 | frontend main 77 | bind *:80 78 | # bind *:443 ssl # To be completed .... 79 | 80 | acl url_static path_beg -i /static /images /javascript /stylesheets 81 | acl url_static path_end -i .jpg .gif .png .css .js 82 | 83 | use_backend static if url_static 84 | default_backend app 85 | 86 | #--------------------------------------------------------------------- 87 | # static backend for serving up images, stylesheets and such 88 | #--------------------------------------------------------------------- 89 | backend static 90 | balance roundrobin 91 | server static1 127.0.0.1:4331 check 92 | server static2 127.0.0.1:4332 check 93 | 94 | #--------------------------------------------------------------------- 95 | # round robin balancing between the various backends 96 | #--------------------------------------------------------------------- 97 | backend app 98 | balance roundrobin 99 | server app1 127.0.0.1:5001 check 100 | server app2 127.0.0.1:5002 check 101 | server app3 127.0.0.1:5003 check 102 | server app4 127.0.0.1:5004 check 103 | -------------------------------------------------------------------------------- /3.2/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:alpine AS builder 2 | 3 | ENV DATAPLANE_MINOR 3.2.0 4 | ENV DATAPLANE_V2_MINOR 2.9.13 5 | ENV DATAPLANE_URL https://github.com/haproxytech/dataplaneapi.git 6 | 7 | RUN apk add --no-cache ca-certificates git make && \ 8 | git clone "${DATAPLANE_URL}" "${GOPATH}/src/github.com/haproxytech/dataplaneapi" && \ 9 | cd "${GOPATH}/src/github.com/haproxytech/dataplaneapi" && \ 10 | git checkout "v${DATAPLANE_MINOR}" && \ 11 | make build && cp build/dataplaneapi /dataplaneapi && \ 12 | make clean && \ 13 | git checkout "v${DATAPLANE_V2_MINOR}" && \ 14 | make build && cp build/dataplaneapi /dataplaneapi-v2 15 | 16 | FROM debian:bookworm-slim 17 | 18 | MAINTAINER Dinko Korunic 19 | 20 | LABEL Name HAProxy 21 | LABEL Release Community Edition 22 | LABEL Vendor HAProxy 23 | LABEL Version 3.2.1 24 | LABEL RUN /usr/bin/docker -d IMAGE 25 | 26 | ENV HAPROXY_BRANCH 3.2 27 | ENV HAPROXY_MINOR 3.2.1 28 | ENV HAPROXY_SHA256 bb3f967a797c8851d08683ec43dfafe4ad7bf5ad86fa6b0721cad033ea9e5ae5 29 | ENV HAPROXY_SRC_URL http://www.haproxy.org/download 30 | 31 | ENV HAPROXY_UID haproxy 32 | ENV HAPROXY_GID haproxy 33 | 34 | ENV DEBIAN_FRONTEND noninteractive 35 | 36 | COPY --from=builder /dataplaneapi /usr/local/bin/dataplaneapi 37 | COPY --from=builder /dataplaneapi-v2 /usr/local/bin/dataplaneapi-v2 38 | 39 | RUN apt-get update && \ 40 | apt-get install -y --no-install-recommends procps libssl3 zlib1g "libpcre2-*" liblua5.4-0 libatomic1 tar curl socat ca-certificates libjemalloc2 && \ 41 | apt-get install -y --no-install-recommends gcc make libc6-dev libssl-dev libpcre2-dev zlib1g-dev liblua5.4-dev libjemalloc-dev && \ 42 | c_rehash && \ 43 | curl -sfSL "${HAPROXY_SRC_URL}/${HAPROXY_BRANCH}/src/haproxy-${HAPROXY_MINOR}.tar.gz" -o haproxy.tar.gz && \ 44 | echo "$HAPROXY_SHA256 *haproxy.tar.gz" | sha256sum -c - && \ 45 | groupadd "$HAPROXY_GID" && \ 46 | useradd -g "$HAPROXY_GID" "$HAPROXY_UID" && \ 47 | mkdir -p /tmp/haproxy && \ 48 | tar -xzf haproxy.tar.gz -C /tmp/haproxy --strip-components=1 && \ 49 | rm -f haproxy.tar.gz && \ 50 | make -C /tmp/haproxy -j"$(nproc)" TARGET=linux-glibc CPU=generic USE_PCRE2=1 USE_PCRE2_JIT=1 \ 51 | USE_TFO=1 USE_LINUX_TPROXY=1 USE_LUA=1 USE_GETADDRINFO=1 \ 52 | USE_PROMEX=1 USE_SLZ=1 \ 53 | USE_OPENSSL=1 USE_PTHREAD_EMULATION=1 \ 54 | USE_QUIC=1 USE_QUIC_OPENSSL_COMPAT=1 \ 55 | ADDLIB=-ljemalloc \ 56 | all && \ 57 | make -C /tmp/haproxy TARGET=linux-glibc install-bin install-man && \ 58 | ln -s /usr/local/sbin/haproxy /usr/sbin/haproxy && \ 59 | mkdir -p /var/lib/haproxy && \ 60 | chown "$HAPROXY_UID:$HAPROXY_GID" /var/lib/haproxy && \ 61 | mkdir -p /usr/local/etc/haproxy && \ 62 | ln -s /usr/local/etc/haproxy /etc/haproxy && \ 63 | cp -R /tmp/haproxy/examples/errorfiles /usr/local/etc/haproxy/errors && \ 64 | rm -rf /tmp/haproxy && \ 65 | apt-get purge -y --auto-remove gcc make libc6-dev libssl-dev libpcre2-dev zlib1g-dev liblua5.4-dev libjemalloc-dev && \ 66 | apt-get clean && \ 67 | rm -rf /var/lib/apt/lists/* && \ 68 | chmod +x /usr/local/bin/dataplaneapi && \ 69 | ln -s /usr/local/bin/dataplaneapi /usr/bin/dataplaneapi && \ 70 | chmod +x /usr/local/bin/dataplaneapi-v2 && \ 71 | ln -s /usr/local/bin/dataplaneapi-v2 /usr/bin/dataplaneapi-v2 && \ 72 | touch /usr/local/etc/haproxy/dataplaneapi.yml && \ 73 | chown "$HAPROXY_UID:$HAPROXY_GID" /usr/local/etc/haproxy/dataplaneapi.yml 74 | 75 | COPY haproxy.cfg /usr/local/etc/haproxy 76 | COPY docker-entrypoint.sh / 77 | 78 | STOPSIGNAL SIGUSR1 79 | 80 | ENTRYPOINT ["/docker-entrypoint.sh"] 81 | CMD ["haproxy", "-f", "/usr/local/etc/haproxy/haproxy.cfg"] 82 | -------------------------------------------------------------------------------- /3.2/docker-entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | set -e 3 | 4 | # first arg is `-f` or `--some-option` 5 | if [ "${1#-}" != "$1" ]; then 6 | set -- haproxy "$@" 7 | fi 8 | 9 | if [ "$1" = 'haproxy' ]; then 10 | shift # "haproxy" 11 | # if the user wants "haproxy", let's add a couple useful flags 12 | # -W -- "master-worker mode" (similar to the old "haproxy-systemd-wrapper"; allows for reload via "SIGUSR2") 13 | # -db -- disables background mode 14 | set -- haproxy -W -db "$@" 15 | fi 16 | 17 | exec "$@" 18 | -------------------------------------------------------------------------------- /3.2/haproxy.cfg: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------------------------- 2 | # Example configuration for a possible web application. See the 3 | # full configuration options online. 4 | # 5 | # https://www.haproxy.org/download/3.2/doc/configuration.txt 6 | # https://docs.haproxy.org/3.2/configuration.html 7 | # 8 | #--------------------------------------------------------------------- 9 | 10 | #--------------------------------------------------------------------- 11 | # Global settings 12 | #--------------------------------------------------------------------- 13 | global 14 | # to have these messages end up in /var/log/haproxy.log you will 15 | # need to: 16 | # 17 | # 1) configure syslog to accept network log events. This is done 18 | # by adding the '-r' option to the SYSLOGD_OPTIONS in 19 | # /etc/sysconfig/syslog 20 | # 21 | # 2) configure local2 events to go to the /var/log/haproxy.log 22 | # file. A line like the following can be added to 23 | # /etc/sysconfig/syslog 24 | # 25 | # local2.* /var/log/haproxy.log 26 | # 27 | log 127.0.0.1 local2 28 | 29 | chroot /var/lib/haproxy 30 | pidfile /var/run/haproxy.pid 31 | maxconn 4000 32 | user haproxy 33 | group haproxy 34 | # daemon 35 | 36 | # turn on stats unix socket 37 | stats socket /var/lib/haproxy/stats 38 | 39 | #--------------------------------------------------------------------- 40 | # common defaults that all the 'listen' and 'backend' sections will 41 | # use if not designated in their block 42 | #--------------------------------------------------------------------- 43 | defaults 44 | mode http 45 | log global 46 | option httplog 47 | option dontlognull 48 | option http-server-close 49 | option forwardfor except 127.0.0.0/8 50 | option redispatch 51 | retries 3 52 | timeout http-request 10s 53 | timeout queue 1m 54 | timeout connect 10s 55 | timeout client 1m 56 | timeout server 1m 57 | timeout http-keep-alive 10s 58 | timeout check 10s 59 | maxconn 3000 60 | 61 | #--------------------------------------------------------------------- 62 | # example how to define user and enable Data Plane API on tcp/5555 63 | # more information: https://github.com/haproxytech/dataplaneapi and 64 | # https://www.haproxy.com/documentation/hapee/2-0r1/configuration/dataplaneapi/ 65 | #--------------------------------------------------------------------- 66 | # userlist haproxy-dataplaneapi 67 | # user admin insecure-password mypassword 68 | # 69 | # program api 70 | # command /usr/bin/dataplaneapi --host 0.0.0.0 --port 5555 --haproxy-bin /usr/sbin/haproxy --config-file /etc/haproxy/haproxy.cfg --reload-cmd "kill -SIGUSR2 1" --restart-cmd "kill -SIGUSR2 1" --reload-delay 5 --userlist haproxy-dataplaneapi 71 | # no option start-on-reload 72 | 73 | #--------------------------------------------------------------------- 74 | # main frontend which proxys to the backends 75 | #--------------------------------------------------------------------- 76 | frontend main 77 | bind *:80 78 | # bind *:443 ssl # To be completed .... 79 | 80 | acl url_static path_beg -i /static /images /javascript /stylesheets 81 | acl url_static path_end -i .jpg .gif .png .css .js 82 | 83 | use_backend static if url_static 84 | default_backend app 85 | 86 | #--------------------------------------------------------------------- 87 | # static backend for serving up images, stylesheets and such 88 | #--------------------------------------------------------------------- 89 | backend static 90 | balance roundrobin 91 | server static1 127.0.0.1:4331 check 92 | server static2 127.0.0.1:4332 check 93 | 94 | #--------------------------------------------------------------------- 95 | # round robin balancing between the various backends 96 | #--------------------------------------------------------------------- 97 | backend app 98 | balance roundrobin 99 | server app1 127.0.0.1:5001 check 100 | server app2 127.0.0.1:5002 check 101 | server app3 127.0.0.1:5003 check 102 | server app4 127.0.0.1:5004 check 103 | -------------------------------------------------------------------------------- /3.3/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:alpine AS builder 2 | 3 | ENV DATAPLANE_MINOR 3.2.0 4 | ENV DATAPLANE_V2_MINOR 2.9.13 5 | ENV DATAPLANE_URL https://github.com/haproxytech/dataplaneapi.git 6 | 7 | RUN apk add --no-cache ca-certificates git make && \ 8 | git clone "${DATAPLANE_URL}" "${GOPATH}/src/github.com/haproxytech/dataplaneapi" && \ 9 | cd "${GOPATH}/src/github.com/haproxytech/dataplaneapi" && \ 10 | git checkout "v${DATAPLANE_MINOR}" && \ 11 | make build && cp build/dataplaneapi /dataplaneapi && \ 12 | make clean && \ 13 | git checkout "v${DATAPLANE_V2_MINOR}" && \ 14 | make build && cp build/dataplaneapi /dataplaneapi-v2 15 | 16 | FROM debian:bookworm-slim 17 | 18 | MAINTAINER Dinko Korunic 19 | 20 | LABEL Name HAProxy 21 | LABEL Release Community Edition 22 | LABEL Vendor HAProxy 23 | LABEL Version 3.3-dev1 24 | LABEL RUN /usr/bin/docker -d IMAGE 25 | 26 | ENV HAPROXY_BRANCH 3.3 27 | ENV HAPROXY_MINOR 3.3-dev1 28 | ENV HAPROXY_SHA256 018c136b506bc832db82ad7d43dd2f55471f4f88e051f7ba5131212183cb3083 29 | ENV HAPROXY_SRC_URL http://www.haproxy.org/download 30 | 31 | ENV HAPROXY_UID haproxy 32 | ENV HAPROXY_GID haproxy 33 | 34 | ENV DEBIAN_FRONTEND noninteractive 35 | 36 | COPY --from=builder /dataplaneapi /usr/local/bin/dataplaneapi 37 | COPY --from=builder /dataplaneapi-v2 /usr/local/bin/dataplaneapi-v2 38 | 39 | RUN apt-get update && \ 40 | apt-get install -y --no-install-recommends procps libssl3 zlib1g "libpcre2-*" liblua5.4-0 libatomic1 tar curl socat ca-certificates libjemalloc2 && \ 41 | apt-get install -y --no-install-recommends gcc make libc6-dev libssl-dev libpcre2-dev zlib1g-dev liblua5.4-dev libjemalloc-dev && \ 42 | c_rehash && \ 43 | curl -sfSL "${HAPROXY_SRC_URL}/${HAPROXY_BRANCH}/src/devel/haproxy-${HAPROXY_MINOR}.tar.gz" -o haproxy.tar.gz && \ 44 | echo "$HAPROXY_SHA256 *haproxy.tar.gz" | sha256sum -c - && \ 45 | groupadd "$HAPROXY_GID" && \ 46 | useradd -g "$HAPROXY_GID" "$HAPROXY_UID" && \ 47 | mkdir -p /tmp/haproxy && \ 48 | tar -xzf haproxy.tar.gz -C /tmp/haproxy --strip-components=1 && \ 49 | rm -f haproxy.tar.gz && \ 50 | make -C /tmp/haproxy -j"$(nproc)" TARGET=linux-glibc CPU=generic USE_PCRE2=1 USE_PCRE2_JIT=1 \ 51 | USE_TFO=1 USE_LINUX_TPROXY=1 USE_LUA=1 USE_GETADDRINFO=1 \ 52 | USE_PROMEX=1 USE_SLZ=1 \ 53 | USE_OPENSSL=1 USE_PTHREAD_EMULATION=1 \ 54 | USE_QUIC=1 USE_QUIC_OPENSSL_COMPAT=1 \ 55 | ADDLIB=-ljemalloc \ 56 | all && \ 57 | make -C /tmp/haproxy TARGET=linux-glibc install-bin install-man && \ 58 | ln -s /usr/local/sbin/haproxy /usr/sbin/haproxy && \ 59 | mkdir -p /var/lib/haproxy && \ 60 | chown "$HAPROXY_UID:$HAPROXY_GID" /var/lib/haproxy && \ 61 | mkdir -p /usr/local/etc/haproxy && \ 62 | ln -s /usr/local/etc/haproxy /etc/haproxy && \ 63 | cp -R /tmp/haproxy/examples/errorfiles /usr/local/etc/haproxy/errors && \ 64 | rm -rf /tmp/haproxy && \ 65 | apt-get purge -y --auto-remove gcc make libc6-dev libssl-dev libpcre2-dev zlib1g-dev liblua5.4-dev libjemalloc-dev && \ 66 | apt-get clean && \ 67 | rm -rf /var/lib/apt/lists/* && \ 68 | chmod +x /usr/local/bin/dataplaneapi && \ 69 | ln -s /usr/local/bin/dataplaneapi /usr/bin/dataplaneapi && \ 70 | chmod +x /usr/local/bin/dataplaneapi-v2 && \ 71 | ln -s /usr/local/bin/dataplaneapi-v2 /usr/bin/dataplaneapi-v2 && \ 72 | touch /usr/local/etc/haproxy/dataplaneapi.yml && \ 73 | chown "$HAPROXY_UID:$HAPROXY_GID" /usr/local/etc/haproxy/dataplaneapi.yml 74 | 75 | COPY haproxy.cfg /usr/local/etc/haproxy 76 | COPY docker-entrypoint.sh / 77 | 78 | STOPSIGNAL SIGUSR1 79 | 80 | ENTRYPOINT ["/docker-entrypoint.sh"] 81 | CMD ["haproxy", "-f", "/usr/local/etc/haproxy/haproxy.cfg"] 82 | -------------------------------------------------------------------------------- /3.3/docker-entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | set -e 3 | 4 | # first arg is `-f` or `--some-option` 5 | if [ "${1#-}" != "$1" ]; then 6 | set -- haproxy "$@" 7 | fi 8 | 9 | if [ "$1" = 'haproxy' ]; then 10 | shift # "haproxy" 11 | # if the user wants "haproxy", let's add a couple useful flags 12 | # -W -- "master-worker mode" (similar to the old "haproxy-systemd-wrapper"; allows for reload via "SIGUSR2") 13 | # -db -- disables background mode 14 | set -- haproxy -W -db "$@" 15 | fi 16 | 17 | exec "$@" 18 | -------------------------------------------------------------------------------- /3.3/haproxy.cfg: -------------------------------------------------------------------------------- 1 | #--------------------------------------------------------------------- 2 | # Example configuration for a possible web application. See the 3 | # full configuration options online. 4 | # 5 | # https://www.haproxy.org/download/3.3/doc/configuration.txt 6 | # https://docs.haproxy.org/3.3/configuration.html 7 | # 8 | #--------------------------------------------------------------------- 9 | 10 | #--------------------------------------------------------------------- 11 | # Global settings 12 | #--------------------------------------------------------------------- 13 | global 14 | # to have these messages end up in /var/log/haproxy.log you will 15 | # need to: 16 | # 17 | # 1) configure syslog to accept network log events. This is done 18 | # by adding the '-r' option to the SYSLOGD_OPTIONS in 19 | # /etc/sysconfig/syslog 20 | # 21 | # 2) configure local2 events to go to the /var/log/haproxy.log 22 | # file. A line like the following can be added to 23 | # /etc/sysconfig/syslog 24 | # 25 | # local2.* /var/log/haproxy.log 26 | # 27 | log 127.0.0.1 local2 28 | 29 | chroot /var/lib/haproxy 30 | pidfile /var/run/haproxy.pid 31 | maxconn 4000 32 | user haproxy 33 | group haproxy 34 | # daemon 35 | 36 | # turn on stats unix socket 37 | stats socket /var/lib/haproxy/stats 38 | 39 | #--------------------------------------------------------------------- 40 | # common defaults that all the 'listen' and 'backend' sections will 41 | # use if not designated in their block 42 | #--------------------------------------------------------------------- 43 | defaults 44 | mode http 45 | log global 46 | option httplog 47 | option dontlognull 48 | option http-server-close 49 | option forwardfor except 127.0.0.0/8 50 | option redispatch 51 | retries 3 52 | timeout http-request 10s 53 | timeout queue 1m 54 | timeout connect 10s 55 | timeout client 1m 56 | timeout server 1m 57 | timeout http-keep-alive 10s 58 | timeout check 10s 59 | maxconn 3000 60 | 61 | #--------------------------------------------------------------------- 62 | # example how to define user and enable Data Plane API on tcp/5555 63 | # more information: https://github.com/haproxytech/dataplaneapi and 64 | # https://www.haproxy.com/documentation/hapee/2-0r1/configuration/dataplaneapi/ 65 | #--------------------------------------------------------------------- 66 | # userlist haproxy-dataplaneapi 67 | # user admin insecure-password mypassword 68 | # 69 | # program api 70 | # command /usr/bin/dataplaneapi --host 0.0.0.0 --port 5555 --haproxy-bin /usr/sbin/haproxy --config-file /etc/haproxy/haproxy.cfg --reload-cmd "kill -SIGUSR2 1" --restart-cmd "kill -SIGUSR2 1" --reload-delay 5 --userlist haproxy-dataplaneapi 71 | # no option start-on-reload 72 | 73 | #--------------------------------------------------------------------- 74 | # main frontend which proxys to the backends 75 | #--------------------------------------------------------------------- 76 | frontend main 77 | bind *:80 78 | # bind *:443 ssl # To be completed .... 79 | 80 | acl url_static path_beg -i /static /images /javascript /stylesheets 81 | acl url_static path_end -i .jpg .gif .png .css .js 82 | 83 | use_backend static if url_static 84 | default_backend app 85 | 86 | #--------------------------------------------------------------------- 87 | # static backend for serving up images, stylesheets and such 88 | #--------------------------------------------------------------------- 89 | backend static 90 | balance roundrobin 91 | server static1 127.0.0.1:4331 check 92 | server static2 127.0.0.1:4332 check 93 | 94 | #--------------------------------------------------------------------- 95 | # round robin balancing between the various backends 96 | #--------------------------------------------------------------------- 97 | backend app 98 | balance roundrobin 99 | server app1 127.0.0.1:5001 check 100 | server app2 127.0.0.1:5002 check 101 | server app3 127.0.0.1:5003 check 102 | server app4 127.0.0.1:5004 check 103 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Supported tags and respective `Dockerfile` links 2 | 3 | - [`3.3-dev1`, `3.3`](https://github.com/haproxytech/haproxy-docker-debian/blob/main/3.3/Dockerfile) 4 | - [`3.2.1`, `3.2`, `latest`](https://github.com/haproxytech/haproxy-docker-debian/blob/main/3.2/Dockerfile) 5 | - [`3.1.8`, `3.1`](https://github.com/haproxytech/haproxy-docker-debian/blob/main/3.1/Dockerfile) 6 | - [`3.0.11`, `3.0`](https://github.com/haproxytech/haproxy-docker-debian/blob/main/3.0/Dockerfile) 7 | - [`2.9.15`, `2.9`](https://github.com/haproxytech/haproxy-docker-debian/blob/main/2.9/Dockerfile) 8 | - [`2.8.15`, `2.8`](https://github.com/haproxytech/haproxy-docker-debian/blob/main/2.8/Dockerfile) 9 | - [`2.6.22`, `2.6`](https://github.com/haproxytech/haproxy-docker-debian/blob/main/2.6/Dockerfile) 10 | - [`2.4.29`, `2.4`](https://github.com/haproxytech/haproxy-docker-debian/blob/main/2.4/Dockerfile) 11 | 12 | # Quick reference 13 | 14 | - **Where to get help**: 15 | [HAProxy mailing list](mailto:haproxy@formilux.org), [HAProxy Community Slack](https://slack.haproxy.org/) or [#haproxy on Libera.chat](irc://irc.libera.chat/%23haproxy) 16 | 17 | - **Where to file issues**: 18 | [https://github.com/haproxytech/haproxy-docker-debian/issues](https://github.com/haproxytech/haproxy-docker-debian/issues) 19 | 20 | - **Maintained by**: 21 | [HAProxy Technologies](https://github.com/haproxytech) 22 | 23 | - **Supported architectures**: ([more info](https://github.com/docker-library/official-images#architectures-other-than-amd64)) 24 | `linux/amd64`, `linux/arm64`, `linux/arm/v7` 25 | 26 | - **Image updates**: 27 | [commits to `haproxytech/haproxy-docker-debian`](https://github.com/haproxytech/haproxy-docker-debian/commits/main), [top level `haproxytech/haproxy-docker-debian` image folder](https://github.com/haproxytech/haproxy-docker-debian) 28 | 29 | - **Source of this description**: 30 | [README.md](https://github.com/haproxytech/haproxy-docker-debian/blob/main/README.md) 31 | 32 | # What is HAProxy? 33 | 34 | HAProxy is the fastest and most widely used open-source load balancer and application delivery controller. Written in C, it has a reputation for efficient use of both processor and memory. It can proxy at either layer 4 (TCP) or layer 7 (HTTP) and has additional features for inspecting, routing and modifying HTTP messages. 35 | 36 | It comes bundled with a web UI, called the HAProxy Stats page, that you can use to monitor error rates, the volume of traffic and latency. Features can be toggled on by updating a single configuration file, which provides a syntax for defining routing rules, rate limiting, access controls, and more. 37 | 38 | Other features include: 39 | 40 | - SSL/TLS termination 41 | - Gzip compression 42 | - Health checking 43 | - HTTP/2 44 | - gRPC support 45 | - Lua scripting 46 | - DNS service discovery 47 | - Automatic retries of failed conenctions 48 | - Verbose logging 49 | 50 | ![logo](https://www.haproxy.org/img/HAProxyCommunityEdition_60px.png) 51 | 52 | # How to use this image 53 | 54 | This image is being shipped with a trivial sample configuration and for any real life use it should be configured according to the [extensive documentation](https://docs.haproxy.org/) and [examples](https://github.com/haproxy/haproxy/tree/master/examples). We will now show how to override shipped haproxy.cfg with one of your own. 55 | 56 | ## Create a `Dockerfile` 57 | 58 | ```dockerfile 59 | FROM haproxytech/haproxy-debian:3.0 60 | COPY haproxy.cfg /usr/local/etc/haproxy/haproxy.cfg 61 | ``` 62 | 63 | ## Build the container 64 | 65 | ```console 66 | $ docker build -t my-haproxy . 67 | ``` 68 | 69 | ## Test the configuration file 70 | 71 | ```console 72 | $ docker run -it --rm my-haproxy haproxy -c -f /usr/local/etc/haproxy/haproxy.cfg 73 | ``` 74 | 75 | ## Run the container 76 | 77 | ```console 78 | $ docker run -d --name my-running-haproxy my-haproxy 79 | ``` 80 | 81 | You will also need to publish the ports your HAProxy is listening on to the host by specifying the `-p` option, for example `-p 8080:80` to publish port 8080 from the container host to port 80 in the container. 82 | 83 | ## Use volume for configuration persistency 84 | 85 | ```console 86 | $ docker run -d --name my-running-haproxy -v /path/to/etc/haproxy:/usr/local/etc/haproxy:ro haproxytech/haproxy-debian:3.0 87 | ``` 88 | 89 | Note that your host's `/path/to/etc/haproxy` folder should be populated with a file named `haproxy.cfg` as well as any other accompanying files local to `/etc/haproxy`. 90 | 91 | ## Reloading config 92 | 93 | To be able to reload HAProxy configuration, you can send `SIGUSR2` to the container: 94 | 95 | ```console 96 | $ docker kill -s USR2 my-running-haproxy 97 | ``` 98 | 99 | ## Enable Data Plane API 100 | 101 | [Data Plane API](https://www.haproxy.com/documentation/hapee/2-7r1/api/data-plane-api/) sidecar is being distributed by default in all 2.0+ images and to enable it there are a few steps required: 102 | 103 | 1. define one or more users through `userlist` 104 | 2. enable dataplane api process through `program api` 105 | 3. enable haproxy.cfg to be read/write mounted in Docker, either by defining volume being r/w or by rebuilding image with your own haproxy.cfg 106 | 4. expose dataplane TCP port in Docker with `--expose` 107 | 108 | Relevant part of haproxy.cfg is below: 109 | 110 | ``` 111 | userlist haproxy-dataplaneapi 112 | user admin insecure-password mypassword 113 | 114 | program api 115 | command /usr/bin/dataplaneapi --host 0.0.0.0 --port 5555 --haproxy-bin /usr/sbin/haproxy --config-file /usr/local/etc/haproxy/haproxy.cfg --reload-cmd "kill -SIGUSR2 1" --restart-cmd "kill -SIGUSR2 1" --reload-delay 5 --userlist haproxy-dataplaneapi 116 | no option start-on-reload 117 | ``` 118 | 119 | To run such image we would use the following command (note that volume containing haproxy.cfg is mounted r/w and port tcp/5555 is being exposed): 120 | 121 | ```console 122 | $ docker run -d --name my-running-haproxy --expose 5555 -v /path/to/etc/haproxy:/usr/local/etc/haproxy:rw haproxytech/haproxy-debian 123 | ``` 124 | 125 | # License 126 | 127 | View [license information](https://raw.githubusercontent.com/haproxy/haproxy/master/LICENSE) for the software contained in this image. 128 | 129 | As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained). 130 | -------------------------------------------------------------------------------- /README_short.md: -------------------------------------------------------------------------------- 1 | # Quick reference 2 | 3 | - **Where to get help**: 4 | [HAProxy mailing list](mailto:haproxy@formilux.org), [HAProxy Community Slack](https://slack.haproxy.org/) or [#haproxy on Libera.chat](irc://irc.libera.chat/%23haproxy) 5 | 6 | - **Where to file issues**: 7 | [https://github.com/haproxytech/haproxy-docker-debian/issues](https://github.com/haproxytech/haproxy-docker-debian/issues) 8 | 9 | - **Maintained by**: 10 | [HAProxy Technologies](https://github.com/haproxytech) 11 | 12 | - **Supported architectures**: ([more info](https://github.com/docker-library/official-images#architectures-other-than-amd64)) 13 | `linux/amd64`, `linux/arm64`, `linux/arm/v7` 14 | 15 | - **Image updates**: 16 | [commits to `haproxytech/haproxy-docker-debian`](https://github.com/haproxytech/haproxy-docker-debian/commits/main), [top level `haproxytech/haproxy-docker-debian` image folder](https://github.com/haproxytech/haproxy-docker-debian) 17 | 18 | - **Source of this description**: 19 | [README.md](https://github.com/haproxytech/haproxy-docker-debian/blob/main/README.md) 20 | 21 | # What is HAProxy? 22 | 23 | HAProxy is the fastest and most widely used open-source load balancer and application delivery controller. Written in C, it has a reputation for efficient use of both processor and memory. It can proxy at either layer 4 (TCP) or layer 7 (HTTP) and has additional features for inspecting, routing and modifying HTTP messages. 24 | 25 | It comes bundled with a web UI, called the HAProxy Stats page, that you can use to monitor error rates, the volume of traffic and latency. Features can be toggled on by updating a single configuration file, which provides a syntax for defining routing rules, rate limiting, access controls, and more. 26 | 27 | Other features include: 28 | 29 | - SSL/TLS termination 30 | - Gzip compression 31 | - Health checking 32 | - HTTP/2 33 | - gRPC support 34 | - Lua scripting 35 | - DNS service discovery 36 | - Automatic retries of failed conenctions 37 | - Verbose logging 38 | 39 | ![logo](https://www.haproxy.org/img/HAProxyCommunityEdition_60px.png) 40 | 41 | # How to use this image 42 | 43 | This image is being shipped with a trivial sample configuration and for any real life use it should be configured according to the [extensive documentation](https://docs.haproxy.org/) and [examples](https://github.com/haproxy/haproxy/tree/master/examples). We will now show how to override shipped haproxy.cfg with one of your own. 44 | 45 | ## Create a `Dockerfile` 46 | 47 | ```dockerfile 48 | FROM haproxytech/haproxy-debian:3.0 49 | COPY haproxy.cfg /usr/local/etc/haproxy/haproxy.cfg 50 | ``` 51 | 52 | ## Build the container 53 | 54 | ```console 55 | $ docker build -t my-haproxy . 56 | ``` 57 | 58 | ## Test the configuration file 59 | 60 | ```console 61 | $ docker run -it --rm my-haproxy haproxy -c -f /usr/local/etc/haproxy/haproxy.cfg 62 | ``` 63 | 64 | ## Run the container 65 | 66 | ```console 67 | $ docker run -d --name my-running-haproxy my-haproxy 68 | ``` 69 | 70 | You will also need to publish the ports your HAProxy is listening on to the host by specifying the `-p` option, for example `-p 8080:80` to publish port 8080 from the container host to port 80 in the container. 71 | 72 | ## Use volume for configuration persistency 73 | 74 | ```console 75 | $ docker run -d --name my-running-haproxy -v /path/to/etc/haproxy:/usr/local/etc/haproxy:ro haproxytech/haproxy-debian:3.0 76 | ``` 77 | 78 | Note that your host's `/path/to/etc/haproxy` folder should be populated with a file named `haproxy.cfg` as well as any other accompanying files local to `/etc/haproxy`. 79 | 80 | ## Reloading config 81 | 82 | To be able to reload HAProxy configuration, you can send `SIGUSR2` to the container: 83 | 84 | ```console 85 | $ docker kill -s USR2 my-running-haproxy 86 | ``` 87 | 88 | ## Enable Data Plane API 89 | 90 | [Data Plane API](https://www.haproxy.com/documentation/hapee/2-7r1/api/data-plane-api/) sidecar is being distributed by default in all 2.0+ images and to enable it there are a few steps required: 91 | 92 | 1. define one or more users through `userlist` 93 | 2. enable dataplane api process through `program api` 94 | 3. enable haproxy.cfg to be read/write mounted in Docker, either by defining volume being r/w or by rebuilding image with your own haproxy.cfg 95 | 4. expose dataplane TCP port in Docker with `--expose` 96 | 97 | Relevant part of haproxy.cfg is below: 98 | 99 | ``` 100 | userlist haproxy-dataplaneapi 101 | user admin insecure-password mypassword 102 | 103 | program api 104 | command /usr/bin/dataplaneapi --host 0.0.0.0 --port 5555 --haproxy-bin /usr/sbin/haproxy --config-file /usr/local/etc/haproxy/haproxy.cfg --reload-cmd "kill -SIGUSR2 1" --restart-cmd "kill -SIGUSR2 1" --reload-delay 5 --userlist haproxy-dataplaneapi 105 | no option start-on-reload 106 | ``` 107 | 108 | To run such image we would use the following command (note that volume containing haproxy.cfg is mounted r/w and port tcp/5555 is being exposed): 109 | 110 | ```console 111 | $ docker run -d --name my-running-haproxy --expose 5555 -v /path/to/etc/haproxy:/usr/local/etc/haproxy:rw haproxytech/haproxy-debian 112 | ``` 113 | 114 | # License 115 | 116 | View [license information](https://raw.githubusercontent.com/haproxy/haproxy/master/LICENSE) for the software contained in this image. 117 | 118 | As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained). 119 | -------------------------------------------------------------------------------- /build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | DOCKER_TAG="haproxytech/haproxy-debian" 4 | HAPROXY_GITHUB_URL="https://github.com/haproxytech/haproxy-docker-debian/blob/main" 5 | HAPROXY_BRANCHES="2.4 2.6 2.8 2.9 3.0 3.1 3.2 3.3" 6 | HAPROXY_CURRENT_BRANCH="3.2" 7 | PUSH="no" 8 | HAPROXY_UPDATED="" 9 | 10 | for i in $HAPROXY_BRANCHES; do 11 | echo "Building HAProxy $i" 12 | 13 | DOCKERFILE="$i/Dockerfile" 14 | HAPROXY_MINOR_OLD=$(awk '/^ENV HAPROXY_MINOR/ {print $NF}' "$DOCKERFILE") 15 | DATAPLANE_MINOR_OLD=$(awk '/^ENV DATAPLANE_MINOR/ {print $NF}' "$DOCKERFILE") 16 | 17 | ./update.sh "$i" || continue 18 | 19 | HAPROXY_MINOR=$(awk '/^ENV HAPROXY_MINOR/ {print $NF}' "$DOCKERFILE") 20 | DATAPLANE_MINOR=$(awk '/^ENV DATAPLANE_MINOR/ {print $NF}' "$DOCKERFILE") 21 | 22 | if [ "x$1" != "xforce" ]; then 23 | if [ \( "$HAPROXY_MINOR_OLD" = "$HAPROXY_MINOR" \) -a \( "$DATAPLANE_MINOR_OLD" = "$DATAPLANE_MINOR" \) ]; then 24 | echo "No new releases, not building $i branch" 25 | continue 26 | fi 27 | fi 28 | 29 | PUSH="yes" 30 | HAPROXY_UPDATED="$HAPROXY_UPDATED $HAPROXY_MINOR" 31 | 32 | if [ \( "x$1" = "xtest" \) -o \( "x$2" = "xtest" \) ]; then 33 | docker pull $(awk '/^FROM/ {print $2}' "$DOCKERFILE") 34 | 35 | docker build -t "$DOCKER_TAG:$HAPROXY_MINOR" "$i" || \ 36 | (echo "Failure building $DOCKER_TAG:$HAPROXY_MINOR"; exit 1) 37 | docker tag "$DOCKER_TAG:$HAPROXY_MINOR" "$DOCKER_TAG:$i" 38 | 39 | if [ "$i" = "$HAPROXY_CURRENT_BRANCH" ]; then 40 | docker tag "$DOCKER_TAG:$HAPROXY_MINOR" "$DOCKER_TAG:latest" 41 | fi 42 | 43 | docker run -it --rm "$DOCKER_TAG:$HAPROXY_MINOR" /usr/local/sbin/haproxy -c -f /usr/local/etc/haproxy/haproxy.cfg || \ 44 | (echo "Failure testing $DOCKER_TAG:$HAPROXY_MINOR"; exit 1) 45 | fi 46 | 47 | git tag -d "$HAPROXY_MINOR" || true 48 | git push origin ":$HAPROXY_MINOR" || true 49 | git commit -a -m "Automated commit triggered by $HAPROXY_MINOR release(s)" || true 50 | git tag "$HAPROXY_MINOR" 51 | git push origin "$HAPROXY_MINOR" 52 | done 53 | 54 | if [ "$PUSH" = "no" ]; then 55 | exit 0 56 | fi 57 | 58 | echo -e "# Supported tags and respective \`Dockerfile\` links\n" > README.md 59 | for i in $(awk '/^ENV HAPROXY_MINOR/ {print $NF}' */Dockerfile| sort -n -r); do 60 | short=$(echo $i | cut -d. -f1-2 |cut -d- -f1) 61 | if [ "$short" = "$HAPROXY_CURRENT_BRANCH" ]; then 62 | if [ "$short" = "$i" ]; then 63 | final="-\t[\`$i\`, \`latest\`]($HAPROXY_GITHUB_URL/$short/Dockerfile)" 64 | else 65 | final="-\t[\`$i\`, \`$short\`, \`latest\`]($HAPROXY_GITHUB_URL/$short/Dockerfile)" 66 | fi 67 | else 68 | if [ "$short" = "$i" ]; then 69 | final="-\t[\`$i\`]($HAPROXY_GITHUB_URL/$short/Dockerfile)" 70 | else 71 | final="-\t[\`$i\`, \`$short\`]($HAPROXY_GITHUB_URL/$short/Dockerfile)" 72 | fi 73 | fi 74 | echo -e "$final" >> README.md 75 | done 76 | echo >> README.md 77 | cat README_short.md >> README.md 78 | 79 | git commit -a -m "README regen triggered by $HAPROXY_UPDATED release(s)" || true 80 | git push 81 | -------------------------------------------------------------------------------- /update.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -e 3 | 4 | if test -z "$1"; then 5 | echo "Missing branch as first argument" 6 | exit 1 7 | fi 8 | 9 | if ! test -d "$1"; then 10 | echo "Cannot find $1 dedicated directory" 11 | exit 1 12 | fi 13 | 14 | cd "$1" 15 | 16 | HAPROXY_BRANCH="$1" 17 | DOCKERFILE="Dockerfile" 18 | HAPROXY_SRC_URL="http://www.haproxy.org/download" 19 | 20 | if ! test -f "$DOCKERFILE"; then 21 | echo "Cannot find $DOCKERFILE" 22 | exit 1 23 | fi 24 | 25 | HAPROXY_MINOR=$(curl -sfSL "${HAPROXY_SRC_URL}/${HAPROXY_BRANCH}/src/" 2>/dev/null | \ 26 | grep -o "" | \ 27 | sed -r -e 's!.*"haproxy-([^"/]+)\.tar\.gz".*!\1!' | sort -r -V | head -1) 28 | HAPROXY_SHA256=$(curl -sfSL "${HAPROXY_SRC_URL}/${HAPROXY_BRANCH}/src/haproxy-${HAPROXY_MINOR}.tar.gz.sha256" 2>/dev/null | \ 29 | awk '{print $1}') 30 | 31 | if [ -z "${HAPROXY_MINOR}" ]; then 32 | HAPROXY_MINOR=$(curl -sfSL "${HAPROXY_SRC_URL}/${HAPROXY_BRANCH}/src/devel/" 2>/dev/null | \ 33 | grep -o "" | \ 34 | sed -r -e 's!.*"haproxy-([^"/]+)\.tar\.gz".*!\1!' | sort -r -V | head -1) 35 | HAPROXY_SHA256=$(curl -sfSL "${HAPROXY_SRC_URL}/${HAPROXY_BRANCH}/src/devel/haproxy-${HAPROXY_MINOR}.tar.gz.sha256" | \ 36 | awk '{print $1}') 37 | fi 38 | 39 | if [ -z "${HAPROXY_MINOR}" ]; then 40 | echo "Could not identify latest HAProxy release for ${HAPROXY_BRANCH} branch" 41 | exit 1 42 | fi 43 | 44 | if [ -z "${HAPROXY_SHA256}" ]; then 45 | echo "Could not get SHA256 for HAProxy release ${HAPROXY_MINOR}" 46 | exit 1 47 | fi 48 | 49 | DATAPLANE_SRC_URL="https://api.github.com/repos/haproxytech/dataplaneapi/releases/latest" 50 | DATAPLANE_MINOR=$(curl -sfSL "$DATAPLANE_SRC_URL" | \ 51 | grep '"tag_name":' | \ 52 | sed -E 's/.*"v?([^"]+)".*/\1/') 53 | 54 | if [ -z "${DATAPLANE_MINOR}" ]; then 55 | echo "Could not identify latest HAProxy Dataplane release" 56 | exit 1 57 | fi 58 | 59 | DATAPLANE_SRC_URL="https://api.github.com/repos/haproxytech/dataplaneapi/releases" 60 | DATAPLANE_V2_MINOR=$(curl -sfSL "$DATAPLANE_SRC_URL" | \ 61 | grep '"tag_name":.*"v2' | \ 62 | sed -E 's/.*"v?([^"]+)".*/\1/' | \ 63 | sort -V | \ 64 | tail -1 65 | ) 66 | 67 | sed -r -i -e "s!^(ENV HAPROXY_SRC_URL) .*!\1 ${HAPROXY_SRC_URL}!; 68 | s!^(ENV HAPROXY_BRANCH) .*!\1 ${HAPROXY_BRANCH}!; 69 | s!^(ENV HAPROXY_MINOR) .*!\1 ${HAPROXY_MINOR}!; 70 | s!^(LABEL Version) .*!\1 ${HAPROXY_MINOR}!; 71 | s!^(ENV HAPROXY_SHA256) .*!\1 ${HAPROXY_SHA256}! 72 | s!^(ENV DATAPLANE_MINOR) .*!\1 ${DATAPLANE_MINOR}! 73 | s!^(ENV DATAPLANE_V2_MINOR) .*!\1 ${DATAPLANE_V2_MINOR}!" \ 74 | "$DOCKERFILE" 75 | --------------------------------------------------------------------------------