cf-haproxy/1
You can find the source of this version on GitHub at cloudfoundry-community/cf-haproxy-boshrelease. It was created based on the commit 8288fee2
.
Release Notes¶
BOSH Release for cf-haproxy
This BOSH release is an attempt to get a more customizable/secure haproxy release than what is provided in cf-release.
It adds the following features: - blacklisting internal-only domains, to prevent Host header spoofing - fine-graned timeout configurations for http, https, and websocket connections - no tcp-mode proxying, just HTTP proxying, to prevent backdoors around Host header spoofing.
Usage¶
You can reference this release in your deployment manifest from the releases
section:
- name: "cf-haproxy" version: "1" url: "https://bosh.io/d/github.com/cloudfoundry-community/cf-haproxy-boshrelease?v=1" sha1: "ea173b4a563f6fb06a53be975d581c73cba54149"
Or upload it to your director with the upload-release
command:
bosh upload-release --sha1 ea173b4a563f6fb06a53be975d581c73cba54149 \ "https://bosh.io/d/github.com/cloudfoundry-community/cf-haproxy-boshrelease?v=1"