Hi, I have a setup I’ve been struggling with for a while.
I want to use tcp mode to pass-through SSL.
I want it so when I enter abc.com I get passed through to the abc.com backend, but if any other domain than abc.com is used to access haproxy with it will be sent to the fallback backend.
Is that possible?
Here is what I’ve tried so far:
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
stats timeout 30s
user haproxy
group haproxy
daemon
maxconn 10240
nbproc 4
nbthread 1
cpu-map auto:1/1-4 0-3
defaults
log global
mode tcp
option tcplog
option dontlognull
maxconn 2048
retries 3
timeout connect 10s
timeout client 30s
timeout server 30s
timeout http-request 10s
timeout http-keep-alive 2s
timeout queue 5s
timeout tunnel 2m
timeout client-fin 2s
timeout server-fin 2s
frontend abc.com
bind XXX.YYY.ZZZ.WWW:80
bind XXX.YYY.ZZZ.WWW:443
use_backend abc.com if { hdr(host) -i www.abc.com }
use_backend abc.com if { hdr_dom(host) -i abc.com }
default_backend fallback
backend abc.com
balance static-rr
server default AAA.BBB.CCC.DDD:443 check verify none fall 3 rise 2
backend fallback
balance static-rr
server fallback reverse-proxy.fallback.com:443
Any suggestions?
3 posts - 2 participants