Need help with HAProxy config

yuljk

Hi guys - Please see my config below

# Automaticaly generated, dont edit manually.
# Generated on: 2017-07-07 18:29
global
	maxconn			100
	stats socket /tmp/haproxy.socket level admin
	uid			80
	gid			80
	nbproc			1
	chroot			/tmp/haproxy_chroot
	daemon
	server-state-file /tmp/haproxy_server_state

listen HAProxyLocalStats
	bind 127.0.0.1:2200 name localstats
	mode http
	stats enable
	stats admin if TRUE
	stats uri /haproxy/haproxy_stats.php?haproxystats=1
	timeout client 5000
	timeout connect 5000
	timeout server 5000

frontend HTTP-Edge
	bind			86.16.238.175:443 name 86.16.238.175:443   
	bind			86.16.238.175:80 name 86.16.238.175:80   
	mode			tcp
	log			global
	option			dontlog-normal
	timeout client		30000
	tcp-request inspect-delay	5s
	acl			mail-acl	req.ssl_sni -i mail.apollon-domain.co.uk
	acl			filter-acl	req.ssl_sni -i filter.apollon-domain.co.uk
	tcp-request content accept if { req.ssl_hello_type 1 }

	use_backend mail_https_ipvANY  if  mail-acl 
	use_backend filter_https_ipvANY  if  filter-acl 

backend mail_https_ipvANY
	mode			tcp
	log			global
	timeout connect		30000
	timeout server		30000
	retries			3
	option			httpchk OPTIONS / 
	server			CERBERUS 192.168.50.183:443 check-ssl check inter 1000  verify none 

backend filter_https_ipvANY
	mode			tcp
	log			global
	timeout connect		30000
	timeout server		30000
	retries			3
	option			httpchk OPTIONS / 
	server			GLAUCUS 192.168.50.185:80 check inter 1000

If I navigate to https://mail.apollon-domain.co.uk externally it times out.  Stats page shows my mail server as UP.

Basically I just want a single frontend supporting http and https.  Where am I going wrong here?

Many thanks

Soyokaze

Your front-end is configured in TCP mode, but you asking for HTTP processing (ACLs based on HTTP Hostname).
Switch front-end to HTTP mode.