Help needed to setup acme-http01-webroot.lua for Haproxy



  • Hello,

    As the subject says I'm trying to add the acme-http01 -webroot.lua to haproxy. I downloaded the files using https://forum.pfsense.org/index.php?topic=101186.msg690924#msg690924.

    In the instructions of the acme-http01 -webroot.lua below, it shows to copy the file in your haproxy config dir and to invoke the plugin by adding in the 'global' section of haproxy.cfg.

    How do i upload the file to the haproxy config dir and where is it located? where is the haproxy.cfg file located.

    Your help will be much appreciated.

    Thanks in advance,

    from the acme-http01 -webroot.lua download file:

    
    -- ACME http-01 domain validation plugin for Haproxy 1.6+
    -- copyright (C) 2015 Jan Broer
    --
    -- usage:
    --
    -- 1) copy acme-webroot.lua in your haproxy config dir
    -- 
    -- 2) Invoke the plugin by adding in the 'global' section of haproxy.cfg:
    -- 
    --    lua-load /etc/haproxy/acme-webroot.lua
    -- 
    -- 3) insert these two lines in every http frontend that is
    --    serving domains for which you want to create certificates:
    -- 
    --    acl url_acme_http01 path_beg /.well-known/acme-challenge/
    --    http-request use-service lua.acme-http01 if METH_GET url_acme_http01
    --
    -- 4) reload haproxy
    
    

    and this is from the README.md file

    
    ### HAProxy configuration
    
    Copy `acme-http01-webroot.lua` to a location accessible by HAProxy. In case that you don't run HAProxy chrooted (`chroot` config option), you need to edit the plugin and set the `non_chroot_webroot` parameter to the path of the directory you want to use as 'webroot'.
    
    To activate the plugin you just need to add **three lines** to your `haproxy.cfg`:
    
    In the `global` section insert
    
    	lua-load /etc/haproxy/acme-http01-webroot.lua
    
    to invoke the Lua plugin.
    
    


  • The topic you linked to explains it all in text&pictures.

    -Go to Services/HAProxy/Files (in the webgui), add a 'file' there and paste in the Lua script with a name and type Lua.
    -Go to a frontend and add a acl and action like the screenshots to call the lua function acme-http01 .

    No need to change global config settings, or adding files on the filesystem.



  • Thanks again PiBa,

    I must be blind. Did not see the down arrow to add a lua script. Worked like a charm.

    Regards,


Log in to reply