# If you already have an haproxy.cfg file, you can probably leave the
# global and defaults section as-is, but you might need to increase the
# timeouts so that long-running CLI commands will work.
global
    maxconn 4096
    log 127.0.0.1 local0 debug
    tune.ssl.default-dh-param 2048

defaults
   log global
   option httplog
   option dontlognull
   option forwardfor
   maxconn 20
   timeout connect 5s
   timeout client 5min
   timeout server 5min

frontend http-in
    bind *:80
    bind *:443 ssl crt /home/ubuntu/jenkins/fullkey.pem
    mode http
    redirect scheme https if !{ ssl_fc } # Redirect http requests to https
    default_backend jenkins

backend jenkins
    server jenkins1 127.0.0.1:8080
    mode http
    http-request set-header X-Forwarded-Port %[dst_port]
    http-request add-header X-Forwarded-Proto https if { ssl_fc }
    reqrep ^([^\ :]*)\ /(.*)     \1\ /\2
    acl response-is-redirect res.hdr(Location) -m found
    rspirep (http)://127.0.0.1:8080/(.*) https://jenkins.mycompany.com:443/\2 if response-is-redirect