HAProxy SSL Problem
Hello, we have the following problem and couldn’t find any solution. First what we want to do: We have a network, where we have a Server for Nextcloud and another Server for collabora (we seperated...
View ArticleCreate a cookie with a value of the requested subdomain
Create a cookie with a value of the requested subdomain Community version 2.0.14-lp152.1.2.x86_64 openSUSE leaf 15.2 Working with a new system that is multi-tenanted where externally the customers use...
View ArticleSSL Chuncked Error
Hi all ! I have 2 frontends one HTTP and another for HTTPS using the same backend. I force some domains to HTTPS frontend When I use the HTTPS frontend I’m receiving the follow error. POST...
View ArticleHaproxy is swallowing 500 errors
Hi, when HAProxy rec vies a 500 from a backend it will respond with 502 to the client. Is there any way to prevent this and just forward the 500 response? 5 posts - 2 participants Read full topic
View ArticleSet-uri return error 503
Hi, I want to display for my users data from a whole different URL, not by redirecting them to there but just to display the data. For that, I am trying to use http-request set-uri...
View ArticleDoes "observer layer7" verify the health check or the server responses?
Hi there, I have a backend with a couple of servers, in HTTP mode : backend my_backend mode http option forwardfor option log-health-checks option httpchk GET http-check disable-on-404 timeout server...
View ArticleClik here to view.
HAProxy unable to verify device certificate
Hi, I’m trying to proxy traffic to our CRM-Server as I want to prevent accessing the server without a valid client certificate. This is my configuration:...
View ArticleHow to do port forward by domain in TCP mode?
I am using use-server to separate https with different domain requests, but sometimes it will go to wrong server with same url, but when I wrote test python script to send https request 100 times per...
View ArticleHaproxy log format
hi, I have to set the haproxy logs to view them with AWSTATS, how can I format the log? It might be enough for me to format them in the same log format created by NGINX. 1 post - 1 participant Read...
View ArticleWindows update example
Does anyone have a configuration example for allowing windows update. I have some test vm that does not require internet, and was wondering if I can have it update through the haproxy. 1 post - 1...
View ArticleFollowing a tutorial but gone wrong (haproxy.service: Start request repeated...
I was following this tutorial (I use Ubuntu 20.04 minimal) to run a DNS over HTTPS which is very close to my use case: A experimental server with just only so many applications inside and nothing...
View ArticleErrorfile with conditions
Hi, We have backends that serve json and html pages. Is there a way to return HAProxy errors based on ACLs? For example if path begins with /json then return the internal errors in json otherwise...
View ArticleClik here to view.
I can 'replace' iptables + ipset with acl src -f (?)
I was wondering what are the closest options to have something like iptables + ipset functionality in haproxy, and what the performance difference is. I have been looking a bit at this manual about...
View ArticleHaproxy Segfault: segfault at 7f6705601068 ip 00007f670a9b1246 sp...
We are seeing randomly haproxy crashes due to segfault “haproxy[22735]: segfault at 7f6705601068 ip 00007f670a9b1246 sp 00007f670888a7c0 error 4 in libc-2.23.so[7f670a978000+1c0000]” Here are details...
View ArticleClik here to view.
Content delivery to a docker container?
Hey folks, I’m using filestash (GitHub - mickael-kerjean/filestash: 🦄 A modern web client for SFTP, S3, FTP, WebDAV, Git, Minio, LDAP, CalDAV, CardDAV, Mysql, Backblaze, ...) with docker, default...
View ArticleHTTPS with HAProxy and Marathon-LB for Flask docker on DCOS
I have a docker in DCOS that runs a Flask instance. I also have a marathon-lb docker with HAProxy that routes incoming traffic to that Flask docker, so I access the Flask routes in the docker like so...
View Article1.6 - Combining HTTP Health Check and Agent Check
Hi, If the HTTP check fails and the agent returns a feedback of “up 50%”, would HA Proxy mark that host as DOWN? There was an incident where requests would continue to be routed to the host failed the...
View ArticlemTLS by path - requiring client verification for some paths
Hi, I’ve configured HAProxy such that client verification is required for HTTP requests to all paths except /ping. Here’s my (boiled down) configuration, somewhat derived from this post: global...
View ArticleClik here to view.
Maxconn causing close_wait
We have a load balancer with below configuration - frontend lb bind x.x.x.x:80 mss 1440 alpn h2,http/1.1 maxconn 100 mode http option httplog use_backend busy_backend if { fe_conn ge 100 } || {...
View ArticleClik here to view.
Tool to clean up your acl
I just wanted to share a cidr-merger tool I have found that merges your ip addresses. I did not test it fully but it is worth looking at. From 2371 addresses of the amazon cloud to 888. [@ ~]$ cat...
View Article