Need help with HAProxy config
-
Hi guys - Please see my config below
# Automaticaly generated, dont edit manually. # Generated on: 2017-07-07 18:29 global maxconn 100 stats socket /tmp/haproxy.socket level admin uid 80 gid 80 nbproc 1 chroot /tmp/haproxy_chroot daemon server-state-file /tmp/haproxy_server_state listen HAProxyLocalStats bind 127.0.0.1:2200 name localstats mode http stats enable stats admin if TRUE stats uri /haproxy/haproxy_stats.php?haproxystats=1 timeout client 5000 timeout connect 5000 timeout server 5000 frontend HTTP-Edge bind 86.16.238.175:443 name 86.16.238.175:443 bind 86.16.238.175:80 name 86.16.238.175:80 mode tcp log global option dontlog-normal timeout client 30000 tcp-request inspect-delay 5s acl mail-acl req.ssl_sni -i mail.apollon-domain.co.uk acl filter-acl req.ssl_sni -i filter.apollon-domain.co.uk tcp-request content accept if { req.ssl_hello_type 1 } use_backend mail_https_ipvANY if mail-acl use_backend filter_https_ipvANY if filter-acl backend mail_https_ipvANY mode tcp log global timeout connect 30000 timeout server 30000 retries 3 option httpchk OPTIONS / server CERBERUS 192.168.50.183:443 check-ssl check inter 1000 verify none backend filter_https_ipvANY mode tcp log global timeout connect 30000 timeout server 30000 retries 3 option httpchk OPTIONS / server GLAUCUS 192.168.50.185:80 check inter 1000If I navigate to https://mail.apollon-domain.co.uk externally it times out. Stats page shows my mail server as UP.
Basically I just want a single frontend supporting http and https. Where am I going wrong here?
Many thanks
-
Your front-end is configured in TCP mode, but you asking for HTTP processing (ACLs based on HTTP Hostname).
Switch front-end to HTTP mode.
