Skip to content

cf-haproxy/1

You can find the source of this version on GitHub at cloudfoundry-community/cf-haproxy-boshrelease. It was created based on the commit 8288fee2.

Release Notes

BOSH Release for cf-haproxy

This BOSH release is an attempt to get a more customizable/secure haproxy release than what is provided in cf-release.

It adds the following features: - blacklisting internal-only domains, to prevent Host header spoofing - fine-graned timeout configurations for http, https, and websocket connections - no tcp-mode proxying, just HTTP proxying, to prevent backdoors around Host header spoofing.

Usage

You can reference this release in your deployment manifest from the releases section:

- name: "cf-haproxy"
  version: "1"
  url: "https://bosh.io/d/github.com/cloudfoundry-community/cf-haproxy-boshrelease?v=1"
  sha1: "ea173b4a563f6fb06a53be975d581c73cba54149"

Or upload it to your director with the upload-release command:

bosh upload-release --sha1 ea173b4a563f6fb06a53be975d581c73cba54149 \
  "https://bosh.io/d/github.com/cloudfoundry-community/cf-haproxy-boshrelease?v=1"

Jobs

Packages