@ludal wrote:
Hi everyone,
I would like to use HAProxy in front of squid, via a specific domain, but still keeping HAProxy for SSL offloading and “basic” load balancing.
So both my proxy and my websites have to reacheable through the 80 tcp port.To resume, I would like it to work like this :
mydomain.tld -> default_backend -> nginx
proxy.mydomain.tld -> acl -> squidI’ve done a first set, and it works quite well for now, but I’m facing a strange problem, all the redirected link are using my default backend instead of the squid backend (Google link for example)
Here is my actual configuration :
frontend XXX bind A.B.C.D:80 bind A.B.C.D:443 ssl crt /etc/haproxy/ssl http-request set-header X-Forwarded-Proto https if { ssl_fc } acl is_letsencrypt_check path_beg /.well-known/acme-challenge use_backend letsencrypt if is_letsencrypt_check acl is_proxy req.hdr(Proxy-Connection) -m found acl is_proxy req.hdr(Proxy-Authorization) -m found use_backend squid if is_proxy default_backend nginx backend nginx server nginx-local 127.0.0.1:8080 backend squid cookie SERVERID insert indirect nocache option httpclose option forwardfor header X-Client server squid-local 127.0.0.1:3128 backend letsencrypt http-request set-header Host localhost server nginx-local 127.0.0.1:80I’m using HAProxy 1.5.8 and squid 3.4.8. Squid is configured in transparent mode.
I guess the main issue here is to identify the incoming requests that are meant to be processed by squid, and so far, I failed to catch them all…
Can anyone help me ?Thanks !
Posts: 1
Participants: 1