Hi,
I’m having trouble with the whitelist acl rule, snippet below:
acl whitelist src -f /usr/local/etc/haproxy/ip_whitelist/whitelist.lst
I’m running haproxy within a docker container and using inotifywait to detect file changes and then using the below snippet to reload haproxy.
sudo /usr/local/sbin/haproxy -d -f /usr/local/etc/haproxy/haproxy.cfg -sf $HAPROXY_PID > /var/log/haproxy.log &; HAPROXY_PID=$!
While I can see from the logs that inotifywait is being hit and it’s running the snippet, it doesn’t seem to be reloading the whitelist correctly.
If I have my laptops IP within the list and send a request to the container I pass the whitelist fine, but then remove all IPs from the list without restarting the docker container I still pass the whitelist despite removing my IP from the list. If I then stop and start the container it corrects the mistake and fails the acl rule as it should. Presumably something is wrong with how I’m reloading haproxy, I’d appreciate any help I can get.
2 posts - 1 participant