HAproxy: right way to redirect old domain?

sgw

We run a webserver behind HAproxy on pfsense, with wordpress in it (docker containers, btw).
Works great.

Now we have other URLs/domains (= customer bought another company) which should be silently forwarded to our main domain. I set up a CNAME record ... and wonder how to solve that:

wordpress doesn't know about the old domain names, so the redirect should happen before somehow.

I played with some ACLs etc but so far didn't succeed. Does anyone have a nice pointer for me?

kiokoman

Two different domain should be forwarded to the same website ? rewrite condition for apache/nginx is not a solution?

sgw

@kiokoman I think, no: there has to be SSL/TLS at the front, so I need a LE-cert and a frontend for that, right? Otherwise the cert for the new domain wouldn't match the URL of the old domain.

I look for the right "layer" on which to solve that in an elegant and correct way.

kiokoman

if it's only for letsencrypt you can add all the domains you want inside the same cert.
expand the cert with the new domain, the flag for certbot is -d DOMAINS "Comma-separated list of domains to obtain a certificate for"
in any case maybe someone else can give you a better solution.

sgw

@kiokoman customer doesn't want such a multi-domain cert ... ;-)

So I want a second HA-frontend with the matching cert for the old domain (I have that already) .. and this one should redirect. I think of some HAproxy-rule or a lua-file or so.

dragoangel

@kiokoman what a point use backend redirect when you have haproxy?

dragoangel

@sgw you not need lua, doh. Try send answer but banned by antispam lol... Send you help in pm

kiokoman

that's why i said "maybe someone else can give you a better solution"
but i think that after 2 month he already solved the problem...

sgw

thread is obsolete now (at least for us): moved the containers to an external host and solved the forwarding within traefik. thanks all ...