Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Help needed to setup acme-http01-webroot.lua for Haproxy

    Scheduled Pinned Locked Moved Cache/Proxy
    3 Posts 2 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kiekar
      last edited by

      Hello,

      As the subject says I'm trying to add the acme-http01 -webroot.lua to haproxy. I downloaded the files using https://forum.pfsense.org/index.php?topic=101186.msg690924#msg690924.

      In the instructions of the acme-http01 -webroot.lua below, it shows to copy the file in your haproxy config dir and to invoke the plugin by adding in the 'global' section of haproxy.cfg.

      How do i upload the file to the haproxy config dir and where is it located? where is the haproxy.cfg file located.

      Your help will be much appreciated.

      Thanks in advance,

      from the acme-http01 -webroot.lua download file:

      
-- ACME http-01 domain validation plugin for Haproxy 1.6+
-- copyright (C) 2015 Jan Broer
--
-- usage:
--
-- 1) copy acme-webroot.lua in your haproxy config dir
-- 
-- 2) Invoke the plugin by adding in the 'global' section of haproxy.cfg:
-- 
--    lua-load /etc/haproxy/acme-webroot.lua
-- 
-- 3) insert these two lines in every http frontend that is
--    serving domains for which you want to create certificates:
-- 
--    acl url_acme_http01 path_beg /.well-known/acme-challenge/
--    http-request use-service lua.acme-http01 if METH_GET url_acme_http01
--
-- 4) reload haproxy

      and this is from the README.md file

      
### HAProxy configuration

Copy `acme-http01-webroot.lua` to a location accessible by HAProxy. In case that you don't run HAProxy chrooted (`chroot` config option), you need to edit the plugin and set the `non_chroot_webroot` parameter to the path of the directory you want to use as 'webroot'.

To activate the plugin you just need to add **three lines** to your `haproxy.cfg`:

In the `global` section insert

	lua-load /etc/haproxy/acme-http01-webroot.lua

to invoke the Lua plugin.
      1 Reply Last reply Reply Quote 0
      • P
        PiBa
        last edited by

        The topic you linked to explains it all in text&pictures.

        -Go to Services/HAProxy/Files (in the webgui), add a 'file' there and paste in the Lua script with a name and type Lua.
        -Go to a frontend and add a acl and action like the screenshots to call the lua function acme-http01 .

        No need to change global config settings, or adding files on the filesystem.

        1 Reply Last reply Reply Quote 0
        • K
          kiekar
          last edited by

          Thanks again PiBa,

          I must be blind. Did not see the down arrow to add a lua script. Worked like a charm.

          Regards,

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.