https reverse proxy using HAProxy


(Mikal Houston) #1

I’m trying to get a reverse proxy set up using HAPRoxy. My current configuration is:

defaults
        log     global
        mode    http
        option  httplog
        option  dontlognull
        timeout connect 5000
        timeout client  50000
        timeout server  50000
        errorfile 400 /etc/haproxy/errors/400.http
        errorfile 403 /etc/haproxy/errors/403.http
        errorfile 408 /etc/haproxy/errors/408.http
        errorfile 500 /etc/haproxy/errors/500.http
        errorfile 502 /etc/haproxy/errors/502.http
        errorfile 503 /etc/haproxy/errors/503.http
        errorfile 504 /etc/haproxy/errors/504.http
        option forwardfor
        option http-server-close

frontend www-http
        bind *:80
        reqadd X-Forwarded-Proto:\ http
        default_backend www-backend

frontend www-https
        bind *:443 ssl crt /etc/haproxy/certs/example.tld.pem
        reqadd X-Forwarded-Proto:\ https
        http-request set-header X-SSL %[ssl_fc]
        http-response set-header Strict-Transport-Security "max-age=16000000; includeSubDomains; preload;"
        acl apps-acl hdr_end(host) -i apps.example.tld
        acl syncthing-acl path_beg /syncthing
        acl letsencrypt-acl path_beg /.well-known/acme-challenge/
        use_backend syncthing-backend if apps-acl syncthing-acl
        use_backend letsencrypt-backend if letsencrypt-acl
        default_backend www-backend

backend syncthing-backend
        redirect scheme https if !{ ssl_fc }
        timeout server 600s
        server syncthing 127.0.0.1:8384 check

backend letsencrypt-backend
        server letencrypt 127.0.0.1:54321

backend www-backend
        redirect scheme https if !{ ssl_fc }
        server srv1 127.0.0.1:8000 check

When I enter apps.example.tld/syncthing it redirects to https and prompts for my login; after authenticating I am presented with a 404 error from syncthing:

404 page not found

Does anybody have a working HAProxy setup that they could share? I assume I need additional set-header statements, but I’m not entirely clear on how to translate some of the apache2 or NGINX proxy statements for HAProxy. Perhaps this could be added to the documentation for reverse proxy setup.

Running syncthing 0.14.37 on Ubuntu 16.04 with HAPRoxy 1.7.9


(system) #2

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.