I’m trying to get a reverse proxy set up using HAPRoxy. My current configuration is:
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http
option forwardfor
option http-server-close
frontend www-http
bind *:80
reqadd X-Forwarded-Proto:\ http
default_backend www-backend
frontend www-https
bind *:443 ssl crt /etc/haproxy/certs/example.tld.pem
reqadd X-Forwarded-Proto:\ https
http-request set-header X-SSL %[ssl_fc]
http-response set-header Strict-Transport-Security "max-age=16000000; includeSubDomains; preload;"
acl apps-acl hdr_end(host) -i apps.example.tld
acl syncthing-acl path_beg /syncthing
acl letsencrypt-acl path_beg /.well-known/acme-challenge/
use_backend syncthing-backend if apps-acl syncthing-acl
use_backend letsencrypt-backend if letsencrypt-acl
default_backend www-backend
backend syncthing-backend
redirect scheme https if !{ ssl_fc }
timeout server 600s
server syncthing 127.0.0.1:8384 check
backend letsencrypt-backend
server letencrypt 127.0.0.1:54321
backend www-backend
redirect scheme https if !{ ssl_fc }
server srv1 127.0.0.1:8000 check
When I enter apps.example.tld/syncthing it redirects to https and prompts for my login; after authenticating I am presented with a 404 error from syncthing:
404 page not found
Does anybody have a working HAProxy setup that they could share? I assume I need additional set-header statements, but I’m not entirely clear on how to translate some of the apache2 or NGINX proxy statements for HAProxy. Perhaps this could be added to the documentation for reverse proxy setup.
Running syncthing 0.14.37 on Ubuntu 16.04 with HAPRoxy 1.7.9