From 9ca1bf79dd3bcc3aa9b3cf74201d05f98c2a2f7c Mon Sep 17 00:00:00 2001
From: Christophe Siraut <csiraut@entrouvert.com>
Date: Fri, 30 Oct 2020 16:44:23 +0100
Subject: [PATCH] doc: update haproxy example

---
 debian/haproxy/haproxy.conf-example.snippet | 22 +++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)

diff --git a/debian/haproxy/haproxy.conf-example.snippet b/debian/haproxy/haproxy.conf-example.snippet
index a40528c..937a742 100644
--- a/debian/haproxy/haproxy.conf-example.snippet
+++ b/debian/haproxy/haproxy.conf-example.snippet
@@ -1,10 +1,12 @@
- frontend https
-    ...
-    bind *:443 ssl crt /etc/ssl/bundles ca-file /usr/local/share/ca-certificates/entrouvert-ca.crt verify optional
-    http-request set-header X-SSL                  %[ssl_fc]
-    http-request set-header X-SSL-Client-Cert      %[ssl_fc_has_crt]
-    http-request set-header X-SSL-Client-Verify    %[ssl_c_verify]
-    http-request set-header X-SSL-Client-SHA1      %[ssl_c_sha1,hex]
-    http-request set-header X-SSL-Client-DN        %{+Q}[ssl_c_s_dn]
-    http-request set-header X-SSL-Client-CN        %{+Q}[ssl_c_s_dn(cn)]
-    http-request set-header X-SSL-Issuer           %{+Q}[ssl_c_i_dn]
+listen journald
+  bind *:19532 ssl crt /etc/ssl/bundles ca-file /usr/local/share/ca-certificates/company-ca.crt verify optional
+  timeout client 5000000
+  timeout server 5000000
+  http-request set-header X-SSL                  %[ssl_fc]
+  http-request set-header X-SSL-Client-Cert      %[ssl_fc_has_crt]
+  http-request set-header X-SSL-Client-Verify    %[ssl_c_verify]
+  http-request set-header X-SSL-Client-SHA1      %[ssl_c_sha1,hex]
+  http-request set-header X-SSL-Client-DN        %{+Q}[ssl_c_s_dn]
+  http-request set-header X-SSL-Client-CN        %{+Q}[ssl_c_s_dn(cn)]
+  http-request set-header X-SSL-Issuer           %{+Q}[ssl_c_i_dn]
+  server journal 10.0.0.1:80