• 0 Votes
    1 Posts
    490 Views
    No one has replied
  • HAProxy: adding map file via GUI?

    Cache/Proxy haproxy
    3
    0 Votes
    3 Posts
    1k Views
    M
    That would likely need to be a feature request.
  • 0 Votes
    2 Posts
    1k Views
    G
    @gamehoundsdev NVM im a idiot, I forgot to disable a 443 mapping on nat ..
  • 0 Votes
    4 Posts
    2k Views
    V
    @jonathan-young You can do something like this to insert the /test directory: In the backend add an ACL: name: notest path starts with "Not" checked value: /test/ action: http-request set-path fmt: /test/%[path] acl: notest
  • Using SSL offloading to access Services

    Cache/Proxy ssl haproxy nas
    2
    0 Votes
    2 Posts
    2k Views
    R
    @ahole4sure no, it is not required if you're using SSL Offloading option on Haproxy frontend. In this case it is better to use http for backend (or issue some internal ssl cert on pfsense for your synology)
  • HAProxy: https redirect frontend not working

    pfSense Packages haproxy
    9
    0 Votes
    9 Posts
    3k Views
    G
    @viragomann Oh man! So, I finally figured out the problem. You were correct from the beginning. In fact, nearly every scenario we tried works. The problem had nothing to do with my setup. My ISP decided to up and block port 80 all of a sudden without telling me. I figured this out by going back to basics. I started up a simple webserver that listened to port 80 and just forwarded directly to that server. Worked on most every other port except 80. Spent 3 hours on the phone with my ISP to get this fixed. All works now. I really appreciate the help. I did learn a few things along the way, so not a total waste of time.
  • 0 Votes
    1 Posts
    1k Views
    No one has replied
  • HAProxy using url table alias

    Cache/Proxy pfblockerng haproxy alias
    1
    0 Votes
    1 Posts
    643 Views
    No one has replied
  • 0 Votes
    1 Posts
    428 Views
    No one has replied
  • Backend with cookie preserve indirect nocache

    Cache/Proxy haproxy
    2
    0 Votes
    2 Posts
    596 Views
    PPCMP
    Nobody to help with HAProxy? Thanks
  • HAProxy - route by domain name

    pfSense Packages haproxy acl
    2
    0 Votes
    2 Posts
    1k Views
    N
    @nasheayahu said in HAProxy - route by domain name: wwwkohanyimcom Host matches: no no www.kohanyin.com kohanyimcom Host contains: no no kohanyin.com I found the problem, my domain was spelled incorrectly...
  • 0 Votes
    1 Posts
    724 Views
    No one has replied
  • HAProxy for User Control Panel (UCP) on freepbx

    Cache/Proxy haproxy freepbx
    5
    0 Votes
    5 Posts
    2k Views
    J
    @qupfer What did I bang my head over this strange 502 issue. Your solution did it! Thank you so much, even 2.5 years later!
  • Haproxy service doesn't start

    Cache/Proxy haproxy
    2
    0 Votes
    2 Posts
    1k Views
    P
    Edit: The last couple of days I have tried to gather some information of why the service won't start. Unfortunately there is not much information that can help me for specific installations on FreeBSD. But I have tried the following commands, with the output I get. I don't know if someone can see why it fails. /usr/local/etc/rc.d/haproxy start: WARNING: failed precmd routine for haproxy /usr/local/etc/rc.d/haproxy enable: haproxy enabled in /etc/rc.conf /usr/local/etc/rc.d/haproxy status: haproxy is not running. /usr/local/etc/rc.d/haproxy configtest: Configuration file has no error but will not start (no listener) => exit(2). haproxy -f /usr/local/etc/haproxy.conf -p /var/run/haproxy.pid: [ALERT] 070/102644 (18074) : [haproxy.main()] No enabled listener found (check for 'bind' directives) ! Exiting. Also, what I've done so far: Set the protocol for the webConfigurator to https Changed the TCP port to something other than 443 Turned on the Disable webConfigurator redirect rule Some other information that might be important: When I click on the (I don't know what else to call it) play button, the gear will load for a few seconds, then reload and then silently fail. Because the Haproxy service isn't enabled, I can't save the change made in settings of; Enable HAProxy. If anyone has an idea of what might be happening, please let me know because I'm out of idea's.
  • HAProxy

    pfSense Packages haproxy
    1
    0 Votes
    1 Posts
    804 Views
    No one has replied
  • haproxy http_to_https warning

    Moved Cache/Proxy haproxy
    3
    1 Votes
    3 Posts
    2k Views
    B
    I was able to solve this by following the HAProxy documentation regarding HTTP to HTTPS redirect. Adding unless { ssl_fc } to my ACL action on the front end got rid of the error. Now it looks like : scheme https unless { ssl_fc } [image: 1646860000790-image-01-resized.jpg] [image: 1646860001150-image-02-resized.jpg]
  • redirect http to https and to full URL on HAProxy

    Moved Cache/Proxy haproxy pfsense
    10
    0 Votes
    10 Posts
    10k Views
    stephenw10S
    Yeah, you wouldn't want to do that because the backend/frontend need to stay the same protocol. But if you want to be able to enter fqdn.com and have that redirect to www.fqdn.com/home/somepage.htm you should be able to. And doing it there prevents HAProxy accidentally overmatching. Steve
  • Haproxy settings for patroni... Where to put them

    Cache/Proxy haproxy
    1
    0 Votes
    1 Posts
    529 Views
    No one has replied
  • 0 Votes
    19 Posts
    5k Views
    O
    @sub2010 I use the same config. domain.tld and matrix.domain.tld. I'm not sure about your srv record, I dont use one. For my certificate I use 1 certificate. In acme you can specify multiple domains for one certificate. Mine includes. *.domain.tld and domain.tld Get a cert like that, put it on your haproxy frontend and also put it on your matrix host and point your homeserver.yaml to it and restart matrix. The error is still saying your cert is expired, so I am assuming the cert you have on your matrix host that your homeserver.yaml is pointing to is expired.
  • 0 Votes
    15 Posts
    3k Views
    nonickN
    @viragomann Dachte ich mir schon, ist aber ist trotzdem schade. Irgendwas ist immer, vor allem wenn etwas einfach umzusetzen ist. Das ganze funktioniert ja überraschend gut, nur das die IP-Adressen von der anfragenden Quelle nicht an den HAProxy weitergereicht werden.