LP#1648188: example HAProxy configuration

[opensrf-equinox.git] / README

diff --git a/README b/README
index 564093a..995ad48 100644 (file)
--- a/README
+++ b/README
@@ -525,7 +525,7 @@ memory-intensive TPAC pages).
 
 The following instructions are a guide for setting this up on Debian
 and Ubuntu systems, but expect general familiarity with various system
-administration and netwrok tasks.  The steps should be run as the *root*
+administration and network tasks.  The steps should be run as the *root*
 Linux account, and assume that you already followed the instructions
 for installing WebSockets support.
 
@@ -572,6 +572,58 @@ to
 var WEBSOCKET_PORT_SSL = 443;
 ---------------------------------------------------------------------------
 
+Optional: Using HAProxy as a proxy
+----------------------------------
+HAProxy can also be used to proxy HTTP, HTTPS, and WebSockets traffic
+as an alternative to NGINX.
+
+The following instructions are a guide for setting this up on Debian
+and Ubuntu systems, but expect general familiarity with various system
+administration and network tasks.  The steps should be run as the *root*
+Linux account, and assume that you already followed the instructions
+for installing WebSockets support.
+
+1. Install HAProxy if not already present:
++
+[source, bash]
+---------------------------------------------------------------------------
+apt-get install haproxy
+---------------------------------------------------------------------------
++
+2. Configure the main Apache instance to listen on port 7080 for HTTP and
+   port 7443 for HTTPS and ensure that it is not listening on ports 80
+   and 443, then restart Apache.
+3. Append the example HAProxy to `haproxy.cfg`.
++
+[source, bash]
+---------------------------------------------------------------------------
+cd /path/to/opensrf-OSRFVERSION
+cat examples/haproxy/osrf-ws-http-proxy >> /etc/haproxy/haproxy.cfg
+---------------------------------------------------------------------------
++
+4. Edit `/etc/haproxy/haproxy.cfg` to set the location
+   of the PEM file containing the SSL certificate and private key.
+5. Start HAProxy.
++
+[source, bash]
+---------------------------------------------------------------------------
+/etc/init.d/haproxy start
+---------------------------------------------------------------------------
++
+6. Edit `<PREFIX>/javascript/opensrf_ws.js` and `<PREFIX>/javascript/opensrf_ws_shared.js`
+   and change
++
+[source, javascript]
+---------------------------------------------------------------------------
+var WEBSOCKET_PORT_SSL = 7682;
+---------------------------------------------------------------------------
++
+to
++
+[source, javascript]
+---------------------------------------------------------------------------
+var WEBSOCKET_PORT_SSL = 443;
+---------------------------------------------------------------------------
 
 Troubleshooting note for Python users
 -------------------------------------