@bmf7777 wrote:
i’m using haproxy 1.8.8-1ubuntu0.4. all is working well except (see configuration below) the following
https://foobar-dns.ddns.net which continues to forward to http://foobar-dns.ddns.net/admin versus
http://192.168.5.2/admin which is required … all other entries/back-ends work. what is wrong with my backend for https://foobar-dns.ddns.net … thanks in advance, danbackend pihole-backend mode http server pi-hole 192.168.5.2 no-check http-request redirect location /admin if { path / } http-request set-header X-Forwarded-Port %[dst_port] http-request add-header X-Forwarded-Proto https if { ssl_fc }------------------------- full haproxy.cfg
global
maxconn 100
tune.ssl.default-dh-param 2048defaults mode http log global timeout connect 20s timeout client 50s timeout server 50s timeout tunnel 1h listen stats bind 192.168.1.235:9000 mode http log global maxconn 10 stats enable stats hide-version stats refresh 30s stats show-node # stats auth admin:password stats uri /haproxy?stats frontend https bind *:443 mode tcp tcp-request inspect-delay 5s tcp-request content accept if { req_ssl_hello_type 1 } use_backend openvpn-backend if { req_ssl_sni -i foobar.ddns.net } default_backend https-back frontend https-front bind unix@/var/run/haproxy.sock ssl crt /etc/letsencrypt/live/foobar.ddns.net/haproxy.pem accept-proxy mode http use_backend home-assistant-backend if { ssl_fc_sni -i foobar-ha.ddns.net } use_backend nextcloud-backend if { ssl_fc_sni -i foobar-nc.ddns.net } use_backend blueiris-backend if { ssl_fc_sni -i foobar-bi.ddns.net } use_backend pihole-backend if { ssl_fc_sni -i foobar-dns.ddns.net } use_backend unifi-backend if { ssl_fc_sni -i foobar-unifi.ddns.net } use_backend unms-backend if { ssl_fc_sni -i foobar-unms.ddns.net } use_backend haproxy-backend if { ssl_fc_sni -i foobar-haproxy.ddns.net } default_backend blueiris-backend frontend http bind :80 acl letsencrypt-acl path_beg /.well-known/acme-challenge/ use_backend letsencrypt-backend if letsencrypt-acl backend letsencrypt-backend server letsencrypt 127.0.0.1:8888 backend https-back mode tcp server https-front unix@/var/run/haproxy.sock send-proxy-v2 backend openvpn-backend mode tcp timeout server 2h server openvpn 192.168.1.235:444 backend haproxy-backend mode http server haproxy 192.168.1.235:9000 no-ssl check http-request redirect location /haproxy?stats if { path / } http-request set-header X-Forwarded-Port %[dst_port] http-request add-header X-Forwarded-Proto https if { ssl_fc } backend pihole-backend mode http server pi-hole 192.168.5.2 no-check http-request redirect location /admin if { path / } http-request set-header X-Forwarded-Port %[dst_port] http-request add-header X-Forwarded-Proto https if { ssl_fc } backend unifi-backend mode http server unifi 192.168.1.16:8443 ssl verify none check http-request redirect location /manage/site/kab9w4dv/dashboard if { path / } http-request set-header X-Forwarded-Port %[dst_port] http-request add-header X-Forwarded-Proto https if { ssl_fc } backend unms-backend mode http server unms 192.168.1.207 ssl verify none http-request redirect location /dashboard if { path / } http-request set-header X-Forwarded-Port %[dst_port] http-request add-header X-Forwarded-Proto https if { ssl_fc } backend home-assistant-backend mode http server home-assistant 192.168.1.123:8123 check http-request set-header X-Forwarded-Port %[dst_port] http-request add-header X-Forwarded-Proto https if { ssl_fc } backend nextcloud-backend mode http server nextcloud 192.168.1.123:80 check http-request set-header X-Forwarded-Port %[dst_port] http-request add-header X-Forwarded-Proto https if { ssl_fc } backend blueiris-backend mode http server blueiris 192.168.1.36:1050 check http-request set-header X-Forwarded-Port %[dst_port] http-request add-header X-Forwarded-Proto https if { ssl_fc }
Posts: 1
Participants: 1