[PATCH 10/10] DOC: peers: SSL/TLS documentation for "peers"

Fri, 11 Jan 2019 05:53:11 -0800 

From: Frédéric Lécaille <[email protected]>

---
 doc/configuration.txt | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/doc/configuration.txt b/doc/configuration.txt
index 888515fb..d55e4bd3 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -1928,6 +1928,12 @@ peers <peersect>
   Creates a new peer list with name <peersect>. It is an independent section,
   which is referenced by one or more stick-tables.
 
+bind [param*]
+  Defines the binding parameters of the local peer of this "peers" section.
+  To avoid some redundancy, and as the <address> and <port> parameters
+  are already provided on "peer" (or "server") lines, they are not supported
+  by "bind" keyword in "peers" sections.
+
 disabled
   Disables a peers section. It disables both listening and any synchronization
   related to this section. This is provided to disable synchronization of stick
@@ -1936,7 +1942,7 @@ disabled
 enable
   This re-enables a disabled peers section which was previously disabled.
 
-peer <peername> <ip>:<port>
+peer <peername> <ip>:<port> [param*]
   Defines a peer inside a peers section.
   If <peername> is set to the local peer name (by default hostname, or forced
   using "-L" command line option), haproxy will listen for incoming remote peer
@@ -1955,6 +1961,15 @@ peer <peername> <ip>:<port>
   You may want to reference some environment variables in the address
   parameter, see section 2.3 about environment variables.
 
+  Note: "peer" keyword may transparently be replaced by "server" keyword (see
+  "server" keyword explanation below).
+
+server <peername> <ip>:<port> [param*]
+  As previously mentionned, "peer" keyword may be replaced by "server" keyword
+  with a support for all "server" parameters found in 5.2 paragraph.
+  Some of these parameters are irrelevant for "peers" sections.
+
+
   Example:
     peers mypeers
         peer haproxy1 192.168.0.1:1024
@@ -1970,6 +1985,12 @@ peer <peername> <ip>:<port>
         server srv1 192.168.0.30:80
         server srv2 192.168.0.31:80
 
+   Example:
+     peers mypeers
+         bind ssl crt mycerts/pem
+         default-server ssl verify none
+         server hostA  127.0.0.10:10000
+         server hostB  127.0.0.11:10001
 
 3.6. Mailers
 ------------
-- 
2.11.0

Reply via email to