• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Help needed to setup acme-http01-webroot.lua for Haproxy

Cache/Proxy
2
3
2.0k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • K
    kiekar
    last edited by Jan 6, 2018, 8:57 PM Jan 6, 2018, 8:05 PM

    Hello,

    As the subject says I'm trying to add the acme-http01 -webroot.lua to haproxy. I downloaded the files using https://forum.pfsense.org/index.php?topic=101186.msg690924#msg690924.

    In the instructions of the acme-http01 -webroot.lua below, it shows to copy the file in your haproxy config dir and to invoke the plugin by adding in the 'global' section of haproxy.cfg.

    How do i upload the file to the haproxy config dir and where is it located? where is the haproxy.cfg file located.

    Your help will be much appreciated.

    Thanks in advance,

    from the acme-http01 -webroot.lua download file:

    
-- ACME http-01 domain validation plugin for Haproxy 1.6+
-- copyright (C) 2015 Jan Broer
--
-- usage:
--
-- 1) copy acme-webroot.lua in your haproxy config dir
-- 
-- 2) Invoke the plugin by adding in the 'global' section of haproxy.cfg:
-- 
--    lua-load /etc/haproxy/acme-webroot.lua
-- 
-- 3) insert these two lines in every http frontend that is
--    serving domains for which you want to create certificates:
-- 
--    acl url_acme_http01 path_beg /.well-known/acme-challenge/
--    http-request use-service lua.acme-http01 if METH_GET url_acme_http01
--
-- 4) reload haproxy

    and this is from the README.md file

    
### HAProxy configuration

Copy `acme-http01-webroot.lua` to a location accessible by HAProxy. In case that you don't run HAProxy chrooted (`chroot` config option), you need to edit the plugin and set the `non_chroot_webroot` parameter to the path of the directory you want to use as 'webroot'.

To activate the plugin you just need to add **three lines** to your `haproxy.cfg`:

In the `global` section insert

	lua-load /etc/haproxy/acme-http01-webroot.lua

to invoke the Lua plugin.
    1 Reply Last reply Reply Quote 0
    • P
      PiBa
      last edited by Jan 7, 2018, 3:58 PM

      The topic you linked to explains it all in text&pictures.

      -Go to Services/HAProxy/Files (in the webgui), add a 'file' there and paste in the Lua script with a name and type Lua.
      -Go to a frontend and add a acl and action like the screenshots to call the lua function acme-http01 .

      No need to change global config settings, or adding files on the filesystem.

      1 Reply Last reply Reply Quote 0
      • K
        kiekar
        last edited by Jan 8, 2018, 12:17 AM

        Thanks again PiBa,

        I must be blind. Did not see the down arrow to add a lua script. Worked like a charm.

        Regards,

        1 Reply Last reply Reply Quote 0
        2 out of 3
        • First post
          2/3
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.