Haproxy SSL reverse proxy configuration for Docker registry
global
log 127.0.0.1 local0 debug
chroot /var/lib/haproxy
user haproxy
group haproxy
daemon
tune.ssl.default-dh-param 2048
defaults
log global
mode http
option httplog
option dontlognull
option forwardfor
option logasap
timeout connect 10000
timeout client 50000
timeout server 100000
maxconn 3000
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http
frontend http
bind *:80
redirect scheme https if !{ ssl_fc }
frontend https
bind *:443 ssl crt /etc/mycompany/certs/haproxy.pem
acl host_docker hdr(host) -i docker.mycompany.com
reqadd X-Forwarded-Port:\ 443
reqadd X-Forwarded-Proto:\ https
reqadd X-Forwarded-Scheme:\ https
use_backend docker if host_docker
backend docker
reqadd X-Forwarded-Host:\ docker.mycompany.com
server docker localhost:5000