global
    log {{ local_host }} local0
    log {{ local_host }} local1 notice
    maxconn 20000
    user haproxy
    group haproxy
    spread-checks 0

defaults
    log global
    mode tcp
    option tcplog
    option dontlognull
    retries 3
{%- if haproxy_queue_timeout %}
    timeout queue {{ haproxy_queue_timeout }}
{%- else %}
    timeout queue 9000
{%- endif %}
{%- if haproxy_connect_timeout %}
    timeout connect {{ haproxy_connect_timeout }}
{%- else %}
    timeout connect 9000
{%- endif %}
{%- if haproxy_client_timeout %}
    timeout client {{ haproxy_client_timeout }}
{%- else %}
    timeout client 90000
{%- endif %}
{%- if haproxy_server_timeout %}
    timeout server {{ haproxy_server_timeout }}
{%- else %}
    timeout server 90000
{%- endif %}

listen stats
    bind {% if haproxy_expose_stats %}{{ haproxy_host }}{% else %}{{ local_host }}{% endif %}:{{ stat_port }}
    mode http
    stats enable
    stats hide-version
    stats realm Haproxy\ Statistics
    stats uri /
    stats auth admin:{{ stat_password }}

{% if units %}
{% for service, ports in service_ports.items() -%}
listen {{ service }}
    bind *:{{ ports[0] }}
    {% if prefer_ipv6 -%}
    bind :::{{ ports[0] }}
    {%- endif %}
    balance source
    option tcplog
    {% if haproxy_rate_limiting_enabled -%}
    stick-table type ip size 100k store bytes_in_rate({{ haproxy_limit_period }}s)
    tcp-request connection track-sc0 src
    tcp-request connection reject if { sc_bytes_in_rate(0) gt {{ haproxy_max_bytes_in_rate }} }
    {% endif -%}
    {% for unit, address in units.items() -%}
    server {{ unit }} {{ address }}:{{ ports[1] }} check
    {% endfor %}
{% endfor %}
{% endif %}