@kevdog wrote:
Hi - I’m really new to using HAProxy, as I’ve been using either Apache/Nginx as reverse proxies.
I’m using HAProxy through the pfSense configuration.
My setup is basically:
client --> Cloudflare --> pfSense/HAProxy --> Web Server
I’m only interested in using HAProxy as a reverse proxy at this time. I have working Let’s Encrypt SSL certs installed on pfSense.
I’ll post my configuration, but in a nutshell I’m getting a Cloudflare 522 error saying there is a connection timeout to the server.
Here is my config with some of the details redacted:

    # Automaticaly generated, dont edit manually.
    # Generated on: 2020-01-20 18:00
    global
        maxconn 1000
        stats socket /tmp/haproxy.socket level admin expose-fd listeners
        uid 80
        gid 80
        nbproc 1
        nbthread 1
        hard-stop-after 15m
        chroot /tmp/haproxy_chroot
        daemon
        tune.ssl.default-dh-param 2048
        log-send-hostname HA
        server-state-file /tmp/haproxy_server_state

    listen HAProxyLocalStats
        bind 127.0.0.1:2200 name localstats
        mode http
        stats enable
        stats admin if TRUE
        stats show-legends
        stats uri /haproxy/haproxy_stats.php?haproxystats=1
        timeout client 5000
        timeout connect 5000
        timeout server 5000

    frontend front
        bind <WANIP>:443 name <WANIP>:443 ssl crt-list /var/etc/haproxy/gohilton.com.crt_list
        mode http
        log global
        option http-keep-alive
        timeout client 30000
        acl ACL1 var(txn.txnhost) -m str -i <URL>
        http-request set-var(txn.txnhost) hdr(host)
        use_backend back_ipvANY if ACL1

    frontend http-to-https-WAN
        bind <WANIP>:80 name <WANIP>:80
        mode http
        log global
        option http-keep-alive
        timeout client 30000

    backend back_ipvANY
        mode http
        id 102
        log global
        timeout connect 30000
        timeout server 30000
        retries 3
        option httpchk OPTIONS /
        server back 10.0.1.158:80 id 103 check inter 1000

My only concern is that the WAN IP is different than the proxied Cloudflare IP I have listed.
Thanks for any help